This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Unable to retrieve files: googleapi: Error 403: Request had insufficient authentication scopes.

Posted on 07-06-2023 06:48 PM
ghostwhowalks
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

I'm a novice user, so its quite likely the problem is at my end -- so with that warning, here goes.

I have a simple drive search program with OAuth2, and it keeps failing with insufficient authentication scopes. I have pretty much all the authentication scopes selected, but it seems fail regardless...Is passing in the SCOPES array being done correctly? 

 

Any help is appreciated!

 

 
conf := &oauth2.Config{
ClientID: config.GoogleDriveClientID,
ClientSecret: config.GoogleDriveClientSecret,
RedirectURL: config.GoogleDriveOAuthRedirectUrl,
Scopes: []string{
},
Endpoint: google.Endpoint,
}
tokenRes, err := utils.GetGoogleDriveOauthToken(code)
if err != nil {
fmt.Printf("error is being logged ")
log.Fatal(err)
}
tok := &oauth2.Token{AccessToken: tokenRes.Access_token }
// tok, err := conf.Exchange(context.Background(), "authorization-code")
client := conf.Client(context.Background(), tok)
fmt.Printf("client is %v ", client)

srv, err := drive.NewService(ctx, option.WithHTTPClient(client))
if err != nil {
log.Fatalf("Unable to retrieve Drive client: %v", err)
}

r, err := srv.Files.List().PageSize(10).
Fields("nextPageToken, files(id, name)").Do()
if err != nil {
log.Fatalf("Unable to retrieve files: %v", err)
}
 
Solved Solved
1 4 4,275
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
ghostwhowalks
Bronze 1
Bronze 1
In response to Willbin
Reply posted on --/--/---- --:-- AM

I found out the issue here. There are a couple of issues:

1. The golang example expects a code to be printed on the browser, but for some reason unlike the python example, it does not spin up a webserver to show the code. So, one should extract the code from the url generated and paste that in. It works fine later

2. The issue in my code was indeed to do with the scopes being passed in. There was a flaw in my understanding though, the scopes are passed in at first via the js code and then the golang handler was kicking in to make the request with the token (that also specifies scopes). So, while the scopes defined in the golang code was correct, the js code was not specifying the scopes correctly. I am using a clientid and not a service acct.

Moral of the story is understand oauth2 carefully, it's a 3 legged stool and can fail at any leg.

Posting it here in case this is useful to someone else in the future.

View solution in original post

Jump to Solution
4 REPLIES 4
Top Labels in this Space
Top Solution Authors
View all