Hope this doesn't get too complicated. :) thing is..
I'm trying to make my PHP code post notes to Google Buzz using OAuth as authentication mechanism. I'm doing the typical "OAuth dance" (get request token, authorise it, exchange for access token), but i've ran into some problems that seem to be on Google's side. Hope i'm wrong - it would be much easier to fix. :)
To get to the point - oauth_callback parameter doesn't seem to get passed to the authorization form. Authorization URI i'm redirecting to is like:
https://www.google.com/buzz/api/auth/OAuthAuthorizeToken
?domain=<my.domain>
&scope=<urlencode(https://www.googleapis.com/auth/buzz)>
&oauth_token=<request_token>
&oauth_callback=<my.domain/callback>
When redirected, client is asked to authorize site to read/write from/to Buzz. If accepted, Google asks again (but in different form) to allow access to .. after allowing for second time, success message is shown, but it doesn't return any tokens to my site, not redirecting to oauth_callback uri.
Workaround i found is to manually add form field 'oauth_callback=' trough firebug/chrome inspector, and then, after these two confirmations it redirects to my site and i can extract authorized token from response, and exchange it for access token. If i use 'standard' Google's authorization endpoint, i get redirected correctly (one confirmation only), but then the access token i get after that is invalid for Buzz.
So, am i wrong or google?! :D I've implemented OAuth for cooperation with some other services (Facebook, MySpace..) but i've never had this much trouble.
ok, when i got on the problem next morning, with (partially) fresh eyes, solution was pretty easy (but still undocumented).. :) in case anybody else needs answer - oauth_callback parameter should be specified when requesting request token.