flow with urn:ietf:wg:oauth:2.0:oob as the redirect_uri, and parsing
the token from the title of the web browser's window, correct? "
Yes, that is correct.
We have a major problem here in that our application does not support silent pushed updates .. for example how Chrome updates.
So I have the enormous challenge of contacting my user base (which is huge) and trying to get them to update to the newest version which I am going to publish in a few hours.
In all likelihood I can get 10% of them to update, and 90% will just assume my application is broken and perhaps never use it again.
This is a very large and popular app -- is there no way YouTube can temporarily (say for 30 days) revert back to using 30 character auth codes? This would at least give me a chance to convert my user base without instantly losing everything I've worked for in the last year.
I can't possibly be the only developer who has this problem right now.
This would also give the API team a chance to come up with a best practice here. Otherwise my current fix could very likely just be broken again in the future.
So the most reasonable thing to do would be to give each other 30 days to both come up with a best practice and let me prep my user base for the update. In the mean time, revert back to 30 character oAuth2 return codes. Can we do that?
======
For Tim Wintle and fightingmonk ..
Yes that is what we are doing, but because there is no documentation saying what the best practice for parsing the URL parameters is we always pulled the 30 character parameter. This is because up until yesterday, and for as long as our app existed, the return code was always 30 characters. It was from what we could tell was the most stable identifier.
On Tuesday, April 24, 2012 8:45:13 AM UTC-7, Jeffrey Posnick wrote:
-- On Tuesday, April 24, 2012 8:45:13 AM UTC-7, Jeffrey Posnick wrote:
Hello Dan,
Based on what you describe, you're using the Installed Applications
flow with urn:ietf:wg:oauth:2.0:oob as the redirect_uri, and parsing
the token from the title of the web browser's window, correct? I'm
sorry that we don't provide more than an example in the OAuth 2 guide
(https://developers.google.com/youtube/2.0/ ) of what the window title could look
developers_guide_protocol_oauth2
like—I agree that providing a specific algorithm (like, "always split
on '=' and use the second value") explicitly spelled out in the guide
would be very helpful. I'll sync up with the folks at Google
responsible for our OAuth 2 infrastructure and ask them to provide a
best practice that we could pass along.
In the meantime, we really can't offer any assurances about the
length of the token—it's meant to be an opaque value, and we don't
document its length as being 30 characters. The workaround you have in
place should hold you over until we can provide authoritative guidance
as to the best practice.
Cheers,
-Jeff Posnick, YouTube API Team
groups.google.com/group/youtube-api-gdata | apiblog.youtube.com |
@YouTubeDev
On Apr 24, 11:26 am, Sandy <alexanderpe...@gmail.com> wrote:
> YouTube, please help! Our application is sinking! Please fix this API
> problem....!
>
>
>
>
>
>
>
> On Monday, April 23, 2012 11:07:43 PM UTC-7, Dan S wrote:
>
> > Hello,
> > Recently (perhaps in the last 0-5 hours) my .NET based application which
> > has an "upload to youtube" feature has started failing for all users during
> > the oAuth2 authentication sequence.
>
> > Up until a few hours ago, the application worked fine for about 5 months
> > straight.
>
> > I have double checked my YouTube Developer Key, Oauth2 Client ID, Client
> > Secret, and Redirect URI .. everything is fine.
>
> > I have tried upgrading my app to use the latest versions of the following
> > dlls:
>
> > DotNetOpenAuth.dll
> > Google.Apis.Authentication.OAuth2.dll
> > Google.Apis.dll
> > Google.GData.Client.dll
> > Google.GData.Extensions.dll
> > Google.GData.YouTube.dll
> > log4net.dll
> > Newtonsoft.Json.Net35.dll
>
> > Regardless, I still get:
> > Message: The remote server returned an error: (400) Bad Request.
> > StackTrace: at System.Net.HttpWebRequest.GetResponse()
>
> > ==========
>
> > I tried using the latest Google sample oAuth2 app:
> > Tasks.SimpleOAuth2
> > which is part of the "samples" package available here:
> >http://code.google.com/p/google-api-dotnet-client/wiki/ Downloads
>
> > I get the same exact result, error 400 Bad Request.
>
> > So at this point I need to verify if the YouTube OAuth2 API is down for
> > everyone, or is it just me? (developer id available via private
> > communication on request)
> > If it is down for everyone, when can we expect it back up?
> > If it is down for just our developer ID, what can we do to fix this?
>
> > Thank you!
You received this message because you are subscribed to the Google Groups "YouTube APIs Developer Forum" group.
To view this discussion on the web visit https://groups.google.com/d/msg/youtube-api-gdata/-/p4w7vmPTx9YJ.
To post to this group, send email to youtube-api-gdata@googlegroups.com.
To unsubscribe from this group, send email to youtube-api-gdata+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/youtube-api-gdata?hl=en.
No comments:
Post a Comment