Regression: OAuth Invalid Scope (Google Hangouts - Hangups Library)

问题

It is impossible to obtain an access token with an OAuth URI which worked until the end of August, and which is used by various clients.

It's a general issue with third party clients as of now:

• hangoutsbot
• yakyak
• purple-hangouts

Thus, currently, it is impossible to use a Google Hangouts Chat Bot (third party application) using hangups. It now fails with this error:

Here is how URI created to access Google OAuth with Python :

OAUTH2_SCOPE = 'https://www.google.com/accounts/OAuthLogin'
OAUTH2_CLIENT_ID = 'some_client_id'
OAUTH2_CLIENT_SECRET = 'some_client_screet'
OAUTH2_LOGIN_URL = 'https://accounts.google.com/o/oauth2/auth?{}'.format(
    urllib.parse.urlencode(dict(
        client_id=OAUTH2_CLIENT_ID,
        scope=OAUTH2_SCOPE,
        redirect_uri='urn:ietf:wg:oauth:2.0:oob',
        response_type='code',
    ))
)
OAUTH2_TOKEN_REQUEST_URL = 'https://accounts.google.com/o/oauth2/token'

Google has made some OAuth changes that killed the way hangups does its initial login: see issue here and here

Existing bots will also stop working as soon as their tokens expire find this article.

So, how can we access the Authorization Code for accessing Hangouts?

回答1:

Using the urls below

https://accounts.google.com/o/oauth2/programmatic_auth?hl=en&scope=https%3A%2F%2Fwww.google.com%2Faccounts%2FOAuthLogin+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&client_id=936475272427.apps.googleusercontent.com&access_type=offline&delegated_client_id=183697946088-m3jnlsqshjhh5lbvg05k46q1k4qqtrgn.apps.googleusercontent.com&top_level_cookie=1

you can get to a programmatic_auth url that sets the oauth code to a cookie that contains the oAuth code.

How to do:
1. Go to the above url
2. Enter your username, click next.
3. Right click page background, inspect
4. Go to the network tab.
5. Enter your password, click sign in
6. Click the first row, the one that says "programmatic_auth"
7. Scroll down in the right-side panel, find "set-cookie"
8. Your code should be there, after "oauth_code=", up to but not including the semicolon.
9. Copy it and use it.

来源：https://stackoverflow.com/questions/39314580/regression-oauth-invalid-scope-google-hangouts-hangups-library