When I try to request for token after i get the oauth from google I am getting an error
Response result body {
"error" : "invalid_request",
"error_description" : "Required parameter is missing: grant_type"
}
I know this issue is due to grant_type is not set properly that is authorization_code. But I am getting a response with code and other information when i request for oauth. My response comes as authResult. I am able to get the authResult['code'] but when I try to get the authResult['authorization_code'] it is getting as undefined. Can anyone out here help how to get the authorization_code from the authResult response.
My request for oauth:
<span id="signinButton">
<span
class="g-signin"
data-callback="signinCallback"
data-clientid="clientid"
data-cookiepolicy="single_host_origin"
data-scope="https://www.googleapis.com/auth/plus.login"
data-response_type="code"
data-redirect_uri="http://test-on.ap1.visual.force.com/apex/Gmail_inbox">
</span>
</span>
function signinCallback(authResult) {
if (authResult['status']['signed_in']) {
}
}
you will not get authResult[authorization_code] just pass grant_type=authorization_code in your url. This will work for you.
well i didn't get anything from your updated question but still i am writing here entire process of getting code and token.
make a http request https://accounts.google.com/o/oauth2/auth?redirect_uri=http://test-on.ap1.visual.force.com/apex/Gmail_inbox&response_type=code&client_id={clientId}&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fplus.login&approval_prompt=force&access_type=offline
Response you will get a code here and then
2.make a post request to get token
the url would be
code={YOUR_CODE}&redirect_uri=http://test-on.ap1.visual.force.com/apex/Gmail_inbox&client_id={your-client-id}&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fplus.login&client_secret={your-client-secret}&grant_type=authorization_code
here you will get token tokens as a response
Related
Long story short, I'm trying to get guest's token, but receive 401 response code and I'm not quite sure, what I'm doing wrong.
JSR223 PreProcessor code:
import org.apache.commons.codec.binary.Base64;
byte[] encodedUsernamePassword = Base64.encodeBase64("user_pass".getBytes());
vars.put("auth",new String(encodedUsernamePassword));
Response data:
Response code:401
Response message:Unauthorized
Request documentation
I found, where was the problem: I had to send grant_type as parameter without scope
I'm trying to exchange an authorization code for access code, but I'm getting an error saying "redirect_uri_mismatch".
I waited ~8 hours just in case it needs to update, but no luck so far.
The redirect uri's are set correctly, as you can see from the image here.
Initial Front-End redirect/request:
GET => https://accounts.google.com/o/oauth2/v2/auth
?scope=https://www.googleapis.com/auth/youtube.readonly
&include_granted_scopes=true
&state=state_parameter_passthrough_value
&redirect_uri=http://localhost:4200/profile?platform=youtube
&access_type=offline
&response_type=code
&client_id=[HIDDEN]
After code is parsed, I exchange the code for access code:
POST => https://oauth2.googleapis.com/token
?client_id=[HIDDEN]
&client_secret=[HIDDEN]
&code=[HIDDEN]
&grant_type=authorization_code
&redirect_uri=http://localhost:2222/youtube/oauth
Response:
data: {
error: 'redirect_uri_mismatch',
error_description: 'Bad Request'
}
Apparently, the redirect_uri has to match the initial request's uri.
Problem solved, feel free to upvote for visibility - thanks.
Source: https://www.rfc-editor.org/rfc/rfc6749#section-4.1.3
I'm new to keycloak and tyring to get access token from keycloak using GET request method through postman but experiencing http 405 error (Method not allow)
I already have tried this but it's not working and throwing HTTP 405 error method not allowed
MEHTOD: GET
URL: https://keycloak.carbook-dev.gocarbook.com/auth/realms/carbook/protocol/openid-connect/token
{
"realm":"carbook",
"bearer-only":true,
"grant_type":"password",
"client_id": "web_app",
"username":"admin*****",
"password":"a*****"
}
I'm expecting access token upon successfully completion of that request such as
eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJJQk1YWTd0TGpfejg5c1p2Z2JrUHp.....
I can achieve the same using postman GET NEW ACCESS TOKEN form but i want to achieve this through rest call so that later on i could use the same request in cypress to access the token for subsequent calls.
Shouldn't you POST the request instead of GET ?
The message seems to tell that GET method is not allowed for this endpoint...
Im trying to use google oauth using the below link but get a 405 error,
Can you please let me know if the parameters are correct?
client_id = changed to a diff value
response_type = code
scope= openid%20email
redirecturl = given the value based on what I registered in console.developers.com
login_hint = my gmail id..
https://accounts.google.com/o/oauth2/token?
client_id=690178314820-85fvo4eq56se4mppdaf0pt6tnnjo552&
response_type=code&
scope=openid%20email&
redirect_uri=http://test.webfactional.com&
state=security_token%3D138r5719ru3e1%26url%3Dhttps://oa2cb.example.com/myHome&
login_hint=myemail#gmail.com
I made the above get requests in the browser..
There are a few steps to getting access to Google its easer for me to show you the full flow. My guess is you are stuck on step two because your not sending it as a post.
Step 1: Ask for access
https://accounts.google.com/o/oauth2/auth?client_id={clientid}.apps.googleusercontent.com&redirect_uri={From console}&scope=openid%20email&response_type=code
This just displays the window asking them to approve you. Once the user has approved access you get a one time Authentication Code.
Step 2: Exchange Authentication Code for AccessToken and RefreshToken. Note this needs to be sent as a HTTP POST not a HTTP Get.
https://accounts.google.com/o/oauth2/token
code={Authentication Code from step 1}&client_id={ClientId}.apps.googleusercontent.com&client_secret={ClientSecret}&redirect_uri=={From console}&grant_type=authorization_code
you should get a JSon string back looking something like this.
{
"access_token" : "ya29.1.AADtN_VSBMC2Ga2lhxsTKjVQ_ROco8VbD6h01aj4PcKHLm6qvHbNtn-_BIzXMw",
"token_type" : "Bearer",
"expires_in" : 3600,
"refresh_token" : "1/J-3zPA8XR1o_cXebV9sDKn_f5MTqaFhKFxH-3PUPiJ4"
}
Now you can take that Access_token and use it to make your requests. But access tokens are only good for 1 hour and then they expire before that time you need to use the Refresh_token to get a new access token. Also if you are going to want to access your users data again you should save the refresh_token some place that will enable you to always access there data.
Step 3: Use Refreshtoken
https://accounts.google.com/o/oauth2/token
client_id={ClientId}.apps.googleusercontent.com&client_secret={ClientSecret}&refresh_token={RefreshToken from step 2}&grant_type=refresh_token
This time you will only get the Access token back, because your refreshtoken is good until the user removes authentication or you haven't used it for 6 months.
{
"access_token" : "ya29.1.AADtN_XK16As2ZHlScqOxGtntIlevNcasMSPwGiE3pe5ANZfrmJTcsI3ZtAjv4sDrPDRnQ",
"token_type" : "Bearer",
"expires_in" : 3600
}
You can find more detailed information on this here Google 3 Legged oauth2 flow
It seems you are using wrong api, you should use https://accounts.google.com/o/oauth2/auth instead of https://accounts.google.com/o/oauth2/token.
The reason you get error 405 is https://accounts.google.com/o/oauth2/token can only be called by POST, and it is to get token. You need to get authorization code first and then exchange it for a token.
Please pay attention for this /oauth2/v3/token and /oauth2/token
I do follow guide of google at this link
It show me following
obtain Authentication Code by /o/oauth2/auth => it work, the response as example in the guide
obtain access token by /oauth2/v3/token => it is error, the status code 405 is responsed
The correct must be /oauth2/token
I am trying to authenticate google api in ruby. I got code parameter successfully. But I couldn't get access token using code params.i am passing following parameter to get access token
https://accounts.google.com/o/oauth2/token?code=4/HttxxNNyD8RU-emkYJufAM2&client_id=103xxxxxx-t8uaeuc4cexxxxxxxxv3ha1r50e.apps.googleusercontent.com&client_secret=xxxxxx&grant_type=authorization_code
i got following response:
An error occured connecting to the server: 400 returned.
<TITLE>Required parameter is missing: grant_type</TITLE> </HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000"> <H1>Required parameter is missing: grant_type</H1> <H2>Error 400</H2>
Any one help me to get accesstoken
Looks like the slash shouldn't be there in your code parameter. If needed it should be url encoded.
The format that Google shared these code keys is like the one given in the example. I do not believe your problem is because any of the credentials. I highly recommend to visit http://www.visualab.org/index.php/using-google-rest-api-for-analytics and I assure you will be fine. Also do not forget these tokens expires in 3600 seconds so have to whether reload the key approval screen for requesting new 'code' or follow the instructions in the link and understand 'refresh token' 'access token' for further lines of codes.