Getting an OAuthProblemException: invalid_request for Google when using OLTU

Question

I'm using the Oltu library from Apache and I'm trying to authenticate via Google using OAuth2. Here's the relevant code:

OAuthAuthzResponse oar = OAuthAuthzResponse.oauthCodeAuthzResponse(request);
OAuthClientRequest clientReq = OAuthClientRequest
    .tokenProvider(OAuthProviderType.GOOGLE)
    .setClientId("<my-client-id>")
    .setClientSecret("<my-client-secret>")
    .setRedirectURI("https://test.example.com/oauthtest/oauth/google/auth")
    .setCode(oar.getCode())
    .setGrantType(GrantType.AUTHORIZATION_CODE)
    .buildQueryMessage();

OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());

// This call fails with the OAuthProblemException
OAuthAccessTokenResponse oAuthResponse = oAuthClient.accessToken(clientReq, 
        OAuthJSONAccessTokenResponse.class);

I can authenticate via Facebook without an issue, but for whatever reason this is failing. I can get the code from the OAuthAuthzResponse without issue so I know the original call is working, but this follow-up call is failing.

---

Edit: I've given up on using Oltu and stuck with the simpler approach of using the HttpClient library and performing the OAuth dance by hand. It's worked better for me and I would recommend it to anyone who wants to authenticate against more than one OAuth provider reliably. Only Twitter required me to use Scribe.

Answer 1

Google's OAuth2 sends parameters in the body of HTTP POST method instead query string.

Try replace buildQueryMessage() by buildBodyMessage() method.

Answer 2

I've a Spring OAuth2 and Google integration program working where I can access the protected resources like user profile etc..

I think you need to refactor the code to use the following code:

OAuthClientRequest request = OAuthClientRequest
                .authorizationLocation("https://accounts.google.com/o/oauth2/auth")
                .setClientId("")
                .setRedirectURI("https://test.example.com/oauthtest/oauth/google/auth")
                .setResponseType("code")
                .setScope("https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.profile.emails.read https://www.googleapis.com/auth/plus.me")
                .buildQueryMessage();

Also when you're handling callback you need to make sure of sending the "secret", "TokenLocation", "RedirectURI" and above "code" value you need to set for setCode("")

Please refer my answer from Apache Oltu Spring Security OAuth2 and Google Integration to your query. Make sure your codes details are in place properly.