Google OAuth token exchange returns invalid_code

蓝咒 submitted on 2019-12-21 03:37:15

Question


I have been implementing the Google web server OAuth flow, but when I attempt to exchange the authorization code for an access token, it always complains "invalid_code".

Here is the issue:

Step 1:

Redirect one of our pages to 'https://accounts.google.com/o/oauth2/auth?scope=email&redirect_uri=https%3A%2F%2Fmyurl.com%2Fcallback&response_type=code&client_id=some_client_id'

Step 2:

The redirection happens and Google redirects to our URL https://myurl.com/callback?code=somecode

Step 3:

curl -X POST --data "code=somecode&client_id=some_client_id&some_client_secret=some_client_secret&redirect_uri=https://myurl.com/callback&grant_type=authorization_code" https://accounts.google.com/o/oauth2/token -v --trace-ascii /dev/stdout

The response comes back:

HTTP 400 Bad request

{ "error" : "invalid_grant", "error_description" : "Invalid code." }

Can someone help me with this issue? Thanks!


Answer 1:


The life span of an authorization code is only 10 mins, and it can only be used one time. So do these checks:

  1. Do you use it more than 10 mins later? If so, use it within 10 mins.
  2. Have you used it before? If so, obtain a new one and then use it.
  3. Is your server time in sync with the Google OAuth server's? If not, change your time.



Answer 2:


I was using http://localhost:8080 as my redirect url since I was just trying out their examples. And my json file contents had this:

"redirect_uris": [
  "http://localhost:8080"
],
"javascript_origins": [
  "http://localhost:8080"
]

In the developer console I had the redirect_uri set to "http://localhost:8080" and I was getting the same error. I changed it to "http://localhost:8080/" and then it started working. (Essentially adding a '/' at the end.)

Hope this helps!
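
The checks from answers 1 and 2 (10-minute lifetime, single use, exact redirect_uri match including the trailing slash), modelled from the server's side. This is an added example, not code from the original posts and not Google's implementation; the `AuthCodeStore` class, the `reason` field, the client id and the timestamps are assumptions made for illustration.

```python
import secrets

CODE_TTL_SECONDS = 600  # 10-minute lifetime, as stated in answer 1


class AuthCodeStore:
    """Simplified model of authorization-code handling (assumed, not Google's code)."""

    def __init__(self, registered_redirect_uris):
        self.registered = set(registered_redirect_uris)
        self.codes = {}  # code -> (client_id, redirect_uri, issued_at)

    def issue(self, client_id, redirect_uri, now):
        # Exact string match: "http://localhost:8080" != "http://localhost:8080/"
        if redirect_uri not in self.registered:
            raise ValueError("redirect_uri is not registered for this client")
        code = secrets.token_urlsafe(16)
        self.codes[code] = (client_id, redirect_uri, now)
        return code

    def exchange(self, code, client_id, redirect_uri, now):
        # pop() enforces single use; a failed attempt also burns the code
        record = self.codes.pop(code, None)
        if record is None:
            return {"error": "invalid_grant", "reason": "unknown or already used"}
        issued_client, issued_uri, issued_at = record
        if now - issued_at > CODE_TTL_SECONDS:
            return {"error": "invalid_grant", "reason": "expired"}
        if client_id != issued_client or redirect_uri != issued_uri:
            return {"error": "invalid_grant", "reason": "client or redirect_uri mismatch"}
        return {"access_token": secrets.token_urlsafe(24)}


def demo():
    uri, t0 = "http://localhost:8080/", 1_000_000  # constructed sample values
    store = AuthCodeStore([uri])
    out = {}
    code = store.issue("client-a", uri, t0)
    out["first_use"] = store.exchange(code, "client-a", uri, t0 + 30)
    out["replay"] = store.exchange(code, "client-a", uri, t0 + 60)
    code = store.issue("client-a", uri, t0)
    out["expired"] = store.exchange(code, "client-a", uri, t0 + 601)
    code = store.issue("client-a", uri, t0)
    out["no_slash"] = store.exchange(code, "client-a", uri.rstrip("/"), t0 + 30)
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

All three failure cases return the same `invalid_grant` error, which is why the response in the question does not say which check failed.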



Source: https://stackoverflow.com/questions/24002970/google-oauth-token-exchange-returns-invalid-code
