Just in Time
Getting the oAuth Token
After setting up all the required server side authorisation and running up an example we continually got an ‘Unknown‘ message back from the server when attempting to get the authorisation token.
Now we thought that security through obscurity had been proven to be ineffective? The obscure error message was totally useless in helping to resolve the problem. So useless that we started to look for problems elsewhere, such as changing accounts, client ids, registratiion details and wasted a whole day trying to resolve this.
It was only after stumbling onto a Google IO video that we identified the problem.
Scopes. Ah, yes. These tell the server what access you would like and the server will rigourously enforce this when you make the service call.
We knew all about scopes, as we’d read up on the Google Drive SDK documention about it.
We’d coded the scope for file access using the string
https://www.googleapis.com/auth/drive.file, as documented.
Unfortunately that scope, as it stands, won’t work. Why? Well, there’s a little piece of magic that is required to get this scope to work. We noticed this magic in the video, at the 9 minute mark. Did you spot it?
Yup, the scope needs to be written as
FFS, why isn’t this made clear in all the documentation? Why do we have to look at a video and trawl though code examples to see this if it is MANDATORY.
Admittedly, there is a clue in the Android Developer’s blog on this subject, as they shown some text with the scope prefixed with ‘oauth2:’ but also some scopes without it.
Google, you owe us one day.
We plan to use this to allow the Finance data to be backed up to Google Drive.
Depending upon how quick this process is, we may also look into using it to synchronise the file across devices so you can use the same Finance application and data on any of your devices. It won’t be a transaction level sync, but a complete file sync so there will be many limitations users will need to be aware of. However, with some careful management, we think it has potential.