Ubuntu
evolution-data-server package

Enable carddav OAuth2 scope ( https://www.googleapis.com/auth/carddav ) in Ubuntu Online Account (Vivid)

Bug #1433943 reported by Khurshid Alam
4
This bug affects 1 person
Affects Status Importance Assigned to Milestone
evolution-data-server (Ubuntu)
Invalid
Medium
Alberto Mardegan

Bug Description

It seems Ubuntu does not enable CardDav scope (https://www.googleapis.com/auth/carddav) in online account. Ubuntu only enables Google Contacts API (Gdata) https://www.google.com/m8/feeds/ which is NOT same as CardDav. As a result when some application( ex. Syncevolution) tries to access it (through oauth2), it gives “authentication failed error”.

For example, running following command:

'''

SYNCEVOLUTION_DEBUG=1 syncevolution --print-databases –daemon=no\

loglevel=2 backend=carddav username=uoa:3,google-contacts\

syncURL=https://www.googleapis.com/.well-known/carddav

'''
gives following error:

“PROPFIND: Neon error code 1: 403 Forbidden, must not retry”

NOTE: It is required that that the scope for accessing CardDAV needs to be specified in the sources too. Having it only in the APIs Console is not enough. Otherwise Google rejects access to the CardDAV resources with a 401 "AuthSub challenge".

Discussion on Syncevolution Mailing List: https://lists.syncevolution.org/pipermail/syncevolution/2015-March/005119.html

Tags: vivid
Revision history for this message
Alberto Mardegan (mardy) wrote :

We will not enable this in the Google key shipped with the google.provider file, because that key should only be used for validating the account creation.
GNOME Evolution ships the google-contacts.service file which you seem to be using, so that could be a candidate for adding the permission. I've already enabled the CardDav access on the Google API console, so it's just a matter of modifying the google-contacts.service file and adding the additional scope there.

affects: account-plugins → evolution-data-server (Ubuntu)
Changed in evolution-data-server (Ubuntu):
assignee: nobody → Alberto Mardegan (mardy)
importance: Undecided → Medium
status: New → Confirmed
Revision history for this message
Khurshid Alam (khurshid-alam) wrote :

Sorry for late reply.....

Well It work that way....manually adding https://www.googleapis.com/auth/carddav to /usr/share/accounts/services/google-contacts.service....

But it requires evolution to get oauth2 token. So I have to grant access for evolution from UOA as well. A single sign-on for google from UOA is not enough.

Khurshid Alam (khurshid-alam)
Changed in evolution-data-server (Ubuntu):
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.