Comment 9 for bug 1236881

running signon-ui with SSOUI_LOGGING_LEVEL=4 (value I've been increasing until I got more info), I got this:

(note that I've removed some strings that looked a lot like they could compromise my account security)

service.cpp 222 queryDialog Got request: QMap(("Caption", QVariant(QString, "Google") ) ( "ClientData" , QVariant(QVariantMap, QMap(("AllowedSchemes", QVariant(QStringList, ("https", "http") ) ) ( "AuthPath" , QVariant(QString, "o/oauth2/auth") ) ( "ClientId" , QVariant(QString, "759250720802-4sii0me9963n9fdqdmi7cepn6ub8luoh.apps.googleusercontent.com") ) ( "ClientSecret" , QVariant(QString, "[REMOVED]") ) ( "Embedded" , QVariant(bool, true) ) ( "Host" , QVariant(QString, "accounts.google.com") ) ( "RedirectUri" , QVariant(QString, "https://wiki.ubuntu.com/") ) ( "ResponseType" , QVariant(QString, "code&access_type=offline") ) ( "Scope" , QVariant(QStringList, ("https://docs.google.com/feeds/", "https://www.googleapis.com/auth/googletalk", "https://www.googleapis.com/auth/userinfo.email", "https://www.googleapis.com/auth/userinfo.profile", "https://picasaweb.google.com/data/") ) ) ( "TokenPath" , QVariant(QString, "o/oauth2/token") ) ( "WindowId" , QVariant(uint, 90178289) ) ) ) ) ( "FinalUrl" , QVariant(QString, "https://wiki.ubuntu.com/") ) ( "Identity" , QVariant(uint, 1) ) ( "Mechanism" , QVariant(QString, "web_server") ) ( "Method" , QVariant(QString, "oauth2") ) ( "OpenUrl" , QVariant(QString, "https://accounts.google.com/o/oauth2/auth?client_id=759250720802-4sii0me9963n9fdqdmi7cepn6ub8luoh.apps.googleusercontent.com&redirect_uri=https://wiki.ubuntu.com/&response_type=code%26access_type%3Doffline&type=web_server&scope=https://docs.google.com/feeds/ https://www.googleapis.com/auth/googletalk https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://picasaweb.google.com/data/") ) ( "Secret" , QVariant(QString, "[REMOVED]") ) ( "StoredIdentity" , QVariant(bool, true) ) ( "UserName" , QVariant(QString, "[REMOVED]") ) ( "requestId" , QVariant(QString, "/com/google/code/AccountsSSO/SingleSignOn/AuthSession_0") ) )

request.cpp 314 newRequest Platform: "xcb"

service.cpp 132 runQueue Head: SignOnUi::BrowserRequest(0x932090)

browser-request.cpp 125 acceptNavigationRequest QUrl( "https://accounts.google.com/o/oauth2/auth?client_id=759250720802-4sii0me9963n9fdqdmi7cepn6ub8luoh.apps.googleusercontent.com&redirect_uri=https://wiki.ubuntu.com/&response_type=code%26access_type%3Doffline&type=web_server&scope=https://docs.google.com/feeds/ https://www.googleapis.com/auth/googletalk https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://picasaweb.google.com/data/" )

It seems the culprit is that pair ' ( "ResponseType" , QVariant(QString, "code&access_type=offline"))', which afaict from /usr/share/accounts/providers/google.provider should have been two different entries: "ResponseType" with value 'code' and "AuthPath" with value 'o/oauth2/auth?access_type=offline'. I've checked with request url, changing the '%26' on 'response_type=code%26access_type...' to a '&' and the url does work -- my guess is that after reading the value from the QVariant, the '&' is taken as a literal value and not the control character it should have been and translated to %26.

I've taken a quick look over the sources of signon-ui and signond but dind't find where that request is built, nor where does the QMap come from.

I hope this helps.