Google+ insert moment using google-api-dotnet-client

Question 1

Ah it's that simple! Maybe not? I am answering my own question and consequently accept it as the answer (after a few days of course) so others having the same issue may be guided. But I will definitely up-vote Gus' answer for it led me to the fix for my code.

So according to @class answer written above and as explained on his blog the key to successfully creating a moment is adding the request_visible_actions parameter. I did that but my request still failed and it is because I was missing an important thing. You need to add one more parameter and that is the access_type and it should be set to offline. The OAuth request, at a minimum, should look like: https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/plus.login&response_type=code&redirect_uri=http://localhost/&request_visible_actions=http://schemas.google.com/AddActivity&access_type=offline.

For the complete and correct client code you can get Gus' example here or download the entire dotnet client library including the source and sample and add what I added below. The most important thing that you should remember is modifying your AuthorizationServerDescription for the Google API. Here's my version of the authenticator:

public static OAuth2Authenticator<WebServerClient> CreateAuthenticator(
        string clientId, string clientSecret)
{
    if (string.IsNullOrWhiteSpace(clientId))
        throw new ArgumentException("clientId cannot be empty");

    if (string.IsNullOrWhiteSpace(clientSecret))
        throw new ArgumentException("clientSecret cannot be empty");

    var description = GoogleAuthenticationServer.Description;

    var uri = description.AuthorizationEndpoint.AbsoluteUri;
    // This is the one that has been documented on Gus' blog site 
    // and over at Google's (https://developers.google.com/+/web/signin/)
    // This is not in the dotnetclient sample by the way 
    // and you need to understand how OAuth and DNOA works.
    // I had this already, see my original post, 
    // I thought it will make my day.
    if (uri.IndexOf("request_visible_actions") < 1)
    {
        var param = (uri.IndexOf('?') > 0) ? "&" : "?";
        description.AuthorizationEndpoint = new Uri(
            uri + param +
            "request_visible_actions=http://schemas.google.com/AddActivity");
    }

    // This is what I have been missing! 
    // They forgot to tell us about this or did I just miss this somewhere?
    uri = description.AuthorizationEndpoint.AbsoluteUri;
    if (uri.IndexOf("offline") < 1)
    {
        var param = (uri.IndexOf('?') > 0) ? "&" : "?";
        description.AuthorizationEndpoint = 
                new Uri(uri + param + "access_type=offline");
    }

    // Register the authenticator.
    var provider = new WebServerClient(description)
    {
        ClientIdentifier = clientId,
        ClientSecret = clientSecret,                  
    };            
    var authenticator =
        new OAuth2Authenticator<WebServerClient>(provider, GetAuthorization)
                 { NoCaching = true };
    return authenticator;
}

Without the access_type=offline my code never worked and it will never work. Now I wonder why? It would be good to have some explanation.

Question 2

For the OAuth flow, there are two issues with your request:

request_visible_actions is what is passed to the OAuth v2 server (don't pass requestvisibleactions)
plus.moments.write is a deprecated scope, you only need to pass in plus.login

Make sure your project references the latest version of the Google+ .NET client library from here:

https://developers.google.com/resources/api-libraries/download/stable/plus/v1/csharp

I have created a project on GitHub showing a full server-side flow here:

https://github.com/gguuss/gplus_csharp_ssflow

As Brettj said, you should be using the Google+ Sign-in Button as demonstrated in the latest Google+ samples from here:

https://github.com/googleplus/gplus-quickstart-csharp

First, ensure you are requesting all of the activity types you're writing. You will know this is working because the authorization dialog will show "Make your app activity available via Google, visible to you and: [...]" below the text that starts with "This app would like to". I know you checked this but I'm 90% sure this is why you are getting the 401 error code. The following markup shows how to render the Google+ Sign-In button requesting access to Add activities.

<div id="gConnect">
<button class="g-signin"
    data-scope="https://www.googleapis.com/auth/plus.login"
    data-requestvisibleactions="http://schemas.google.com/AddActivity"
    data-clientId="YOUR_CLIENT_ID"
    data-accesstype="offline"
    data-callback="onSignInCallback"
    data-theme="dark"
    data-cookiepolicy="single_host_origin">
</button>

Assuming you have a PlusService object with the correct activity type set in data-requestvisibleactions, the following code, which you should be able to copy/paste to see it work, concisely demonstrates writing moments using the .NET client and has been tested to work:

Moment body = new Moment();
ItemScope target = new ItemScope();

target.Id = "replacewithuniqueforaddtarget";
target.Image = "http://www.google.com/s2/static/images/GoogleyEyes.png";
target.Type = "";
target.Description = "The description for the activity";
target.Name = "An example of add activity";

body.Target = target;
body.Type = "http://schemas.google.com/AddActivity";

MomentsResource.InsertRequest insert =
    new MomentsResource.InsertRequest(
        _plusService,
        body,
        "me",
        MomentsResource.Collection.Vault);
Moment wrote = insert.Fetch();

Note, I'm including Google.Apis.Plus.v1.Data for convenience.