XMPP Google Talk X-OAUTH2 login requires username

1
votes

I'm implementing an XMPP client for Google Talk that is using the relatively new X-OAUTH2 mechanism. I had the idea that I shouldn't need to store either username or password for the authentication to the service. However, Google's documentation for the X-OAUTH2 authentication states this is the initial <auth> request to make:

<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl"
    mechanism="X-OAUTH2"
    auth:service="oauth2"
    xmlns:auth="http://www.google.com/talk/protocol/auth">
  base64("\0" + user_name + "\0" + oauth_token)
</auth>

Note that it requires the "user_name" to be sent along with the token. Is there something I'm missing here? Or do I really have to have my application prompt for the username? (Note that the user would already have logged in via OAuth2 to receive the access token)

I don't know of any other service that uses OAuth that requires the client to provide a username. For instance, this same app can connect to Facebook Chat via XMPP and OAuth2 without needing the username to be provided in XMPP.

1
xmppoauth-2.0google-talk
I am using strophe.js for implementing XMPP for Google Talk. I am already using Google OAuth for login into my application. Can you please tell me, how to use the X-OAUTH2 mechanism to make the <auth> request using strophe.Nitish Borade

1 Answers

2
votes

You don't need to prompt for username in your application. Just specify "SCOPE" parameter as "https://www.googleapis.com/auth/userinfo.email". Refer this. This will give you users email-ID in response along with token.

This Link has detailed explanation about Google Accounts Authentication and Authorization. Username and email-id is returned in getUserInfo() function which you can use in your application.