This does work really well. It has the domain under the field for username and won't let you enter any foreign characters, so you should not be able to enter any other Google App domains.

Out of interest, what, if anything, do you store from the information provided by Google/Facebook/LinkedIn? The IDs? Profile photos?

Great stuff (Again).
I liked the LinkedIn and Facebook posts as well and intend to use them all so users can login with whatever method they want.

I was wondering whether you were planning on doing a Sign in with Twitter post to complement the others ?

@Adrian: What you store would be up to you. What your app needs. Obviously you would have to content w/ the fact that those details may change.

@Dave: I looked into Twitter this weekend actually. Unfortunately they are OAuth1 so it isn't as easy. Fortunately, someone has already blogged on it so I don't have to. ;)

http://www.delbridge.org/po...

Thanks Ray. You are a gentleman and a scholar.
Now I have to roll it all up and make a loginUsing.cfc
Also I have to agree that CodeSchool is excellent, hanks for the Hall Pass :)

Nice post, explains it well. What would be your thoughts on utilizing that as the login interface for an app that uses primarily rest endpoints to connect a JS/html front-end with an ORM based backend?

Their api page does give information about token validation, so my thought is that every endpoint call requires the token be attached as a header element, and just cache the public keys from google to do validation against the tokens.

"What would be your thoughts on utilizing that as the login interface for an app that uses primarily rest endpoints to connect a JS/html front-end with an ORM based backend?"

Um, do you mean _your_ app is primary client-side code w/ CF REST stuff ont he back?

Yes

Well, your client-side code could run a CFC that then hits Google. Basically the CFC acts as a proxy. Or you could hit Google directly if they support JSON/P or CORS.

Once again - I love all of your posts. I'm a fan and a subscriber. Although I feel like I'm missing something here. This line in particular: new google(application.clientid, application.clientsecret); Do I need some sort of additional file to have this work? Does it matter if I use application.cfm instead of cfc? I feel so lost... :/

As I didn't provide a zip, you have to get the code from the blog entry. google.cfc is the second to last, where I say, "This is the CFC..."

You can use App.cfm instead of App.cfc, but... honestly, it is time to move on from App.cfm! :)

Haha - I know. Sometimes I have much less to say about those things than I'd like to - ergo my limited experience with CFC files. Thanks Raymond - once again I owe you a beer. Actually it's a whole case by now. :D

Enjoy man. Warning - I've got pricey taste in beer.

http://pastebin.com/KfdZiAG4

Hi i just posted a question with a bit of code.

This got rejected so i posted a pastebin link.

Thanks for the tutorial.

It may be that the order isn't preserved in the second one and that may matter to Google. I've never used that particular API though so - sorry - can't really help.

Hi ray, Followed Your post, i am using Application.cfm rather than CFC

But when i logs into Google auth and it comes back to callback, it just hangs there

don't know what is the matter, any idea

So you come back to the CFM and... nothing happens? The CFM never outputs anything? Do you see anything logged at all?

Nothing gets logged, i used try catch blocks, site wide error, application based error, nothing. it just hangs up.

Then I'm not sure what to suggest. So to be clear, you leave google.com, see your server load in the browser, see the cfm in the browser bar, and nothing. If you add "Hello World" to the top of the CFM, does that come out?

It shows nothing, Nothing anywhere, not in console, not error anywhere where i can search of. i tried creating log also when a callback is returned but it does not write, something is going wrong

not sure what, if you wanna check

here is the link:

http://tinyurl.com/ktjdgh6

It worked for me. I see the dump in the popup window.

Strange, Did you checked twitter too

Same here. I see a dump after submitting in the Google pop-up.

With Twitter processLogin.cfm loads, but displays nothing. Please share (pastebin or gist!) your code there.

ok, i thing something is going bad on my end, but not sure what, i tried different browsers, its a hosted application, i have to check again, but guys have you all the three of just one. Can you please confirm all 3 are working or just 1 or 2 only

Thanks

I tested two - and one showed what you saw. At this point it would be helpful to see your code. In a pastebin or gist.

Here is the Pastebin Code for Twitter:

http://pastebin.com/MvFue9Be

To be clear, are you using a different CFM file for each? I thought you were using the same. If you are, please do not share just a portion of your code, share *everything*.

Misty, did you debug this at all? Your code looks at the URL structure for a value called loginType. If you look at the value in the URL from Twitter, you can see login type is not there.

Sorry if that sounds rough, but as part of the debugging you should have done, you should have noticed that, right?

I'll echo my request that it would be more helpful if you were to share the entire CFM so we can see the app as it is being executed. Another test would be to add

<cfdump var="#url#" abort>

SO we can see what happens _immediately_ after the return from Twitter. You may have something else doing a cflocation later on in the process.

Hi Ray, Never took your comments as tough and harsh, I have always something new from you, so let me debug that and i will share the code also which i am using now

should i send the code in the email address

No, lets keep it here. If you have something secret in the CFM, like an APP Id, you can definitely change it.

i did some debugging and noticed that with twitter the application scope which i had defined as:

<cfcase value="twitter">
<cfset application.current_login_method = 'twitter'>
<cfset twitterLogin = objLogin.get_request_token()>
</cfcase>

is coming as [empty string] when it comes back from authorization, note here that i am not using the twitter4j library for authetication, do i need to use it

Don't know. I think this is why I skipped Twitter when I was doing my OAuth series.

ok, i will check this out and see what i can figure out here, so another question is: even yahoo can be done with oauth, have not debugged t yet, but just guessing

Cool - to be honest - I don't pay much attention to Yahoo. They have some cool APIs and stuff, but I just... well I just don't pay attention to em. Maybe I should. :)

This tut did save my life! Thank you so much! ^___^

Hi Ray, Thanks for great tutorial and the tip at the end. Quick question.... Do you know of a way to access a Google folder's file list using OAuth & Coldfusion completed by the server only? No human clicking the agree and authenticate button? Looking to build an automated web app to reach into a Generic User's Google drive and access a folder where students have shared papers, presentations, projects, and artwork photos stored in their Google Drives. Thanks again!

Hmm. In theory, you could automate it with cfhttp. But you would need the user's email/password of course. Not sure how much faith I'd put into that though. Seems like a brittle solution.

Hi Ray, I agree as Google is dropping their client access in 2015. I am reading up on OAUTH for Google. I think from what I am gathering, there is a way to do this as long as I log in as the user 1 time and retrieve a valid refresh token for my app (which I did today). Now I just need to figure out how to get the whole thing to work. If I succeed, I'll post back. Thanks!

Hi ray, Coming back again, I am unable to access the google login API, I can find google + API, but not google Login, is it same or different, i user new google+ but did not worked

You need to give me more detail. What happens exactly?

Hi ray,

How to fetch additional Information of google API like email address, login username etc.

You've been asking similar questions on two posts - I replied on the other one.

how you write this in cffunction

public function getProfile(accesstoken) {

var h = new com.adobe.coldfusion.http();
h.setURL("https://www.googleapis.com/...");
h.setMethod("get");
h.addParam(type="header",name="Authorization",value="OAuth #accesstoken#");
h.addParam(type="header",name="GData-Version",value="3");
h.setResolveURL(true);
var result = h.send().getPrefix();
return deserializeJSON(result.filecontent.toString());
}

it will cfhttp call., but what about the following line:

h.send().getPrefix(); - only explanation need to this line

h.send() means, make the http call. getPrefix gets the result. So result (the variable) is equal to <cfhttp url="..." result="result">

hi ray,

you said, its possible to get email address, so check this link:

in pastebin, i will expire in 1 hours

http://pastebin.com/RVzey1uQ

This shows my Infor but does not show my email address info, if i try same in google editor which they had provided in the console window, the emails array is shown, what we are missing here then

I believe you will need to ask for the email scope. https://developers.google.c....

You should be able to add this to the existing scope.

and where i should add this

Um, did you read the blog post? It is one of the code samples, and documented. Please look again.

i followed exactly as your code, doing a copy/paste, but in your above demo too, no email address is showing,

You aren't getting it - the Scope value determines what you can get back. You need to *add* to it to get email support. See my comment a few things above.

okay, i read the full blog post, and the code too. even though it has ben specified anywhere about email and not even getting the one:

what if we have a code which is doing a call to the api like this:

<cffunction access="public" name="getProfileEmail" returntype="any" returnformat="json">
<cfargument name="accesstoken" default="" required="yes" type="any">
<cfhttp url="https://www.googleapis.com/..." method="get" resolveurl="yes" result="httpResult">
<cfhttpparam type="header" name="Authorization" value="OAuth #arguments.accesstoken#">
<cfhttpparam type="header" name="GData-Version" value="3">
</cfhttp>
<cfreturn DeserializeJSON(httpResult.filecontent)>
</cffunction>

but this just shows me an a string value:

https://www.googleapis.com/...

what i need to change here to bring actual email address instead of this string

read this line even though it has ben specified anywhere about email and not even getting the one:

as

even though it has not been specified anywhere about email and not even getting the one:

I tried again with this:

cfhttp url="https://www.googleapis.com/..." method="get" resolveurl="yes" result="httpResult">
<cfhttpparam type="header" name="Authorization" value="OAuth #access_token#">
<cfhttpparam type="header" name="GData-Version" value="3">
</cfhttp>
<cfoutput>#httpResult.filecontent#</cfoutput>

i get empty response as: {}

does it have any dependency on verified response

i tried in cflive.net

Misty: Do you, or do you not, see the code portion that involves Scope. It is above. The comment above is talks about how you have to change it. None of your comments seem to imply you get that you have to change the scope - so can you please answer that?

Ray, I am following what you are saying, but the code below google may not support after sept 2014

I use this:

<cfset googleLogin = objLogin.initiate_login(
loginUrlBase = "https://accounts.google.com...",
loginClientID = application.google_client_id,
loginRedirectURI = application.google_redirecturl,
loginScope = "https://www.googleapis.com/..."
)>

I get email with this, but if i use the https://www.googleapis.com/...

i do not get the email in that

So your saying - you don't want to use this method. You want to use the method I described in G+? Or are you saying something else? I'm really confused here.

I do not want to use the method of Google+ u described in another post, wanna use the method the comments are posted in.
i had to check many things before i make a complete rewrite of login with google+. right now, the old way of oauth2, going by google login side and fetching the contents

So... you don't want to use my method, and you don't want to use the G+ method. Then I don't know what to tell you. As I described, multiple times, the docs say you need to *ask* (via Scope) for email permission, and I've seen it work with my code. If you are using your own code, than I don't think I can help you more than I have tried to do so already.

Great Post Raymond.

Any chance someone from the ColdFusion community could contribute code samples to Google's developer portal?

If somebody wants to submit it - I'm all for it.

I noticed you used localhost as the domain of your callback url. Is that actual code? My development server is behind a firewall, and it seems to be causing problems.
At first I kept getting uri mismatch errors. I found a workaround for that by adding a bit.ly url in my console and supplying that url as the callback parameter. That at least got me to Google's "Allow access" page. But then when I grant access I get "State values do not match" on the callback page.
Any thoughts? Thanks!
Ron

For oauth redirect, the remote server sends a header back to the browser saying,"Go Here." For my testing then, localhost works fine. In a 'real' app, you would not do that of course. Thing is - a firewall should not impact that. If your browser can hit the URL, then it should just plain work.

OK, Thanks. I'll take another look at the code with a fresh set of eyes Monday.

Sure enough, even after triple- and quadruple-checking my callback url, i still had a typo in it. Works fine now. Thanks for the help.

How can I get user email ?

The scope value determines what data is returned. You have to ask for email.

https://developers.google.c...

I am having an issue with the `Google OAuth` using `cfhttp` in Safari. It works in my local environment but on our hosted environment everytime I use google oauth, I get the return code below:

Error detail:
string 400 Bad Request

File content:
string { "error" : "invalid_grant", "error_description" : "Code was already redeemed." }

Header:
>string HTTP/1.1 400 Bad Request Content-Type: application/json Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Date: Sat, 22 Nov 2014 01:38:30 GMT X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Alternate-Protocol: 443:quic,p=0.02 Transfer-Encoding: chunked

<cffunction name="getGoogleToken" access="public" output="false">
<cfargument name="Event" type="any">
<cfargument name="code" type="any">
<cfset var="" rc="Event.getCollection()"/>
<cfscript>
var postBody = "code=" & UrlEncodedFormat(arguments.code) & "&";
postBody = postBody & "client_id=" & UrlEncodedFormat(rc.googleclientid) & "&";
postBody = postBody & "client_secret=" & UrlEncodedFormat(rc.googleclientsecret) & "&";
postBody = postBody & "redirect_uri=" & UrlEncodedFormat(rc.googlecallback) & "&";
postBody = postBody & "grant_type=authorization_code";
</cfscript>

<cfhttp url="https://accounts.google.com..." method="post" result="result" charset="utf-8">
<cfhttpparam type="header" name="Content-Type" value="application/x-www-form-urlencoded">
<cfhttpparam type="body" value="#postBody#">
</cfhttp>

<cfreturn deserializejson(result.filecontent.tostring())=""/>

</cffunction>

I'd Google "Code was already redeemed" and see what it suggests.

Thanks Ray. I tried that and it said its typically if the token is already used. The strange thing is it works perfectly fine in Firefox, Chrome and IE, it's just safari which is having an issue.

Hi Raymond..thanx for posting but i have one small question.. m new to cf + api and did not get the workflow behind your code.is it possible for you to provide at github with necessary files? and sorry but should i execute google.cfc with any cfm file or it will direct execute??

All the code that was used is in the blog article, so I can't provide more really.

"and sorry but should i execute google.cfc with any cfm file or it will direct execute??"

I'm not quite sure I understand what you are saying. If you don't know what CFCs are in general, I'd start with the ColdFusion docs to get the basics.

Raymond, I realize this is an old post but I'm hoping you will be able to follow up. FYI, while I don't have this working just yet, it is the most instructional post I've found on the topic. Thank you!

I feel I've followed the post. I have the login.cfm file which provides the link to login. I get the Google authentication page. However, when I authenticate with Google, I come back to the login.cfm page, not the callback page I've registered with Google. I get no errors coming up. I decided to try putting the lines below on the login.cfm page that comes up to see if I'm even getting any return from Google but the test comes back that I have no token. I can't figure out a way to troubleshoot where this is going wrong without errors or any returned info. I can't even figure out how it can come back to the login.cfm page. Any thoughts or guidance?

<cfif isdefined("session.token")="">
I have a token.
<cfset me="application.google.getProfile(session.token.access_token)">
<cfdump var="#me#" label="me">
<cfelse>
I have no token.
</cfif>

One other note, I was testing the <cfoauth> tag earlier. While I didn't get that completely working either, it did at least send me to the callback page after authenticating with Google. So I'm pretty sure I have the correct callback page registered properly with Google.

Thanks in advance for any help you might have. Athelene

Just wanted you to know that I've got it worked out. First problem described above was an idiot typing error. Then I had do to some updating of the endpoints and such. But the basic structure of your post was still extremely helpful. Thank you so much!!

Cool - glad to hear it.