How do I get the access token from a code I already have? #64

Closed
cinjon opened this issue Oct 3, 2019 · 15 comments

cinjon commented Oct 3, 2019

I used ReactGoogleLogin (https://github.com/anthonyjgrove/react-google-login) to get the offline code. This works fine and is associated with my clientId. I then want to have the server complete the process with this API.

Doing the following does not work and yields an error oauthlib.oauth2.rfc6749.errors.InvalidGrantError: (invalid_grant) code_verifier or verifier is not needed.. How do I fix this?

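from google_auth_oauthlib.flow import Flow

def fetch_token(code):
  # The path and the scopes list are placeholders.
  flow = Flow.from_client_secrets_file(
    '</path/to/credentials.json>', scopes=[],  # [list of scopes]
    redirect_uri='urn:ietf:wg:oauth:2.0:oob')
  flow.fetch_token(code=code)  # fetch_token() accepts keyword arguments only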

Note that I tried this w/ and w/o the redirect_uri. I also tried it with the redirect_uri for my website. All gave the same error.


cinjon commented Oct 3, 2019

I changed this to use a site-specific redirect uri and now I'm getting:

oauthlib.oauth2.rfc6749.errors.CustomOAuth2Error: (redirect_uri_mismatch) Bad Request

This seems pretty common but none of the solutions I see are working for me.

yoshi-automation added the "triage me" label Oct 4, 2019

@busunkim96
Contributor

Hiya @cinjon

I think you're running into a bug introduced in v0.4.0. Please use 0.3.0 until the fix is released in 0.4.1

busunkim96 added the "type: question" label and removed the "triage me" label Oct 4, 2019
busunkim96 self-assigned this Oct 4, 2019

cinjon commented Oct 4, 2019

I tried downgrading and am still getting the same error:

oauthlib.oauth2.rfc6749.errors.CustomOAuth2Error: (redirect_uri_mismatch) Bad Request


cinjon commented Oct 4, 2019

Is there a way to get more visibility into what is the error? All I'm seeing is oauthlib.oauth2.rfc6749.errors.CustomOAuth2Error: (redirect_uri_mismatch) Bad Request but the redirect_uri is the same on both the client and the server.

(cc @busunkim96)

busunkim96 reopened this Oct 4, 2019

@busunkim96
Contributor

Hmm, can you verify that the desired redirect_uri is in the credentials.json file? It should be listed under the redirect_uris field.


cinjon commented Oct 4, 2019

So that was an issue, and I've now updated it - and I still get the same error. Fwiw, this is all happening in local development.

My current credentials.json looks like:
{
  "web": {
    "client_id": "<blah>.apps.googleusercontent.com",
    "project_id": "<blah>",
    "auth_uri": "https://accounts.google.com/o/oauth2/auth",
    "token_uri": "https://oauth2.googleapis.com/token",
    "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
    "client_secret": "<blah>",
    "redirect_uris": [
      "https://localhost:3000/google_oauth_redirect",
      "http://localhost:3000/google_oauth_redirect",
      "http://localhost:5000/google_oauth_redirect",
      "https://localhost:5000/google_oauth_redirect"
    ],
    "javascript_origins": [
      "https://localhost:3000",
      "http://localhost:3000",
      "https://localhost:5000",
      "http://localhost:5000"
    ]
  }
}

As you can see, I have inserted all the things I could think of to try and get it to not be a mismatch. I've also tried the redirect_uri combinations in my local JS as well.

Do you have more suggestions? That last one was really useful. Thanks!

@busunkim96
Contributor

@cinjon Did you edit the file manually? If so, you should go to the API console and edit your existing OAuth client ID. After that you can re-download the credentials.


cinjon commented Oct 4, 2019

I didn't. I downloaded it from the console.

@busunkim96
Contributor

It looks like the library you linked is using gapi under the hood. You might want to take a look at that documentation as well.

https://developers.google.com/identity/sign-in/web/reference#gapiauth2clientconfig

There are some more general suggestions in this stackoverflow post.

@busunkim96
Contributor

When you do figure out the solution, would you mind posting back here? It will help whoever stumbles on this issue in the future. 😃


Andras1000 commented Nov 4, 2020

This happened to me after trying to use the OAuth2 authorization code more than once.

The solution for me was to get a fresh authorization code.

@jahangirkabir

I am also getting the same error with version 0.4.2

@busunkim96
Copy link
Contributor

Revisiting this, I think @Andras1000 is correct.

To get a new access token you need to use the refresh token.

Documentation:

@bhavaygg

@busunkim96 How do I get the refresh token tho? I have got the authorization code from the front end and want to store the refresh token in my django backend.

@busunkim96
Contributor

@Chokerino The authorization code should be exchanged for a refresh token. https://developers.google.com/identity/protocols/oauth2/web-server#exchange-authorization-code
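
The two checks raised in this thread (the redirect_uri must be listed under redirect_uris, and an authorization code can be exchanged only once) can be run on the server before calling the token endpoint. This is an added example, not code from the thread or from the library; `check_redirect_uri`, `SingleUseCodeGuard` and the sample config are hypothetical names and constructed data, and an in-memory set is assumed to be sufficient storage.

```python
import hashlib
from urllib.parse import urlsplit

# Constructed sample with the same shape as the credentials.json quoted in the thread.
SAMPLE_CONFIG = {"web": {"redirect_uris": [
    "https://localhost:3000/google_oauth_redirect",
    "http://localhost:5000/google_oauth_redirect",
]}}


def check_redirect_uri(client_config, redirect_uri):
    """Return (ok, hints); ok only on an exact string match with a registered URI."""
    registered = client_config.get("web", {}).get("redirect_uris", [])
    if redirect_uri in registered:
        return True, []
    want = urlsplit(redirect_uri)
    hints = []
    for uri in registered:
        have = urlsplit(uri)
        # Name the URL components that differ, to make a near miss visible.
        diffs = [name for name, a, b in (
            ("scheme", have.scheme, want.scheme),
            ("host/port", have.netloc, want.netloc),
            ("path", have.path, want.path),
        ) if a != b] or ["query or fragment"]
        hints.append(f"{uri}: differs in {', '.join(diffs)}")
    return False, hints


class SingleUseCodeGuard:
    """Track digests of authorization codes already sent to the token endpoint."""

    def __init__(self):
        self._seen = set()

    def claim(self, code):
        """Return True the first time a code is seen, False on any repeat."""
        digest = hashlib.sha256(code.encode()).hexdigest()
        if digest in self._seen:
            return False  # already exchanged once; request a fresh code instead
        self._seen.add(digest)
        return True


if __name__ == "__main__":
    print(check_redirect_uri(SAMPLE_CONFIG, "http://localhost:3000/google_oauth_redirect/"))
    guard = SingleUseCodeGuard()
    print(guard.claim("constructed-code"), guard.claim("constructed-code"))
```

Storing only the SHA-256 digest keeps raw authorization codes out of server state and logs; a repeated `claim` is also a useful signal that a code is being replayed.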
