[midPoint] Google Apps Connector error

Matthew Mize mmize1 at udayton.edu
Mon Nov 14 17:05:24 CET 2022


I went back and checked my notes from when we were setting up our GSuite
resource and found this: "the documentation for getting a refreshToken has
been deprecated by Google (
https://developers.googleblog.com/2022/02/making-oauth-flows-safer.html#disallowed-oob).
I didn't go through the steps of tweaking Evolveum's script due to time
constraints, instead I was able to use a workaround (
https://stackoverflow.com/questions/71318804/google-oauth-2-0-failing-with-error-400-invalid-request-for-some-client-id-but),
changing the redirect_uri to "http://localhost:1" and grabbing the code
parameter from the response URL. That gave me the refresh token and I was
able to successfully connect to Google".

This to me looks like another version of the workaround. Hopefully you can
grab the code parameter from the response URL and use it in Midpoint.

On Wed, Nov 9, 2022 at 11:17 AM Luke Novak via midPoint <
midpoint at lists.evolveum.com> wrote:

> Hey all
>
> I am getting a localhost error message when trying to update my oauth
> refresh token.  After signing into Google and clicking to allow Midpoint
> access I am getting this error message.
>
> I am seeing this redirect to the localhost in the url that maven spits out
> to click on.  Is this correct?
>
> redirect_uri=http://localhost:39907/Callback&response_type=code&scope=
> <https://accounts.google.com/o/oauth2/auth?access_type=offline&approval_prompt=force&client_id=931203756627-a2p9n99312e83jbd11s7s3468sh06cm5.apps.googleusercontent.com&redirect_uri=http://localhost:39907/Callback&response_type=code&scope=https://www.googleapis.com/auth/admin.directory.group%20https://www.googleapis.com/auth/admin.directory.orgunit%20https://www.googleapis.com/auth/admin.directory.user%20https://www.googleapis.com/auth/apps.licensing>
>
> Any ideas.
>
> Thanks
>
> Luke
>
> Lucas Novak
> Systems Engineer
> OAISD
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
>


-- 
------------------------------------------------------------------------
Matt Mize, (he, him, his)
Director, Software Engineering & Web Engineering
mmize1 at udayton.edu
[image: A button with "Hear my name" text for name playback in email
signature] <https://www.name-coach.com/matt-mize>
IT Service Center, (937) 229-3888, itservicecenter at udayton.edu

University of Dayton
300 College Park, Dayton, OH, 45469-2230
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20221114/b5741b7a/attachment-0001.htm>


More information about the midPoint mailing list