I am trying to exchange a one-time Google Plus Authorization code for an access token. But I keep on getting a 400 Bad Request. I am using VB.NET. Here is the code:
    'We should now have a "good" one-time authorization code stored in "code"
    Using Client As New WebClient()
        'Dim Client As New WebClient()
        Dim values As New NameValueCollection()
        Dim Resp As Byte()   'UploadValues returns the raw response bytes
        Dim responseString As String
        values("code") = Request.QueryString("code")
        values("client_id") = ConfigurationManager.AppSettings("google.clientid")
        values("client_secret") = ConfigurationManager.AppSettings("google.clientsecret")
        values("grant_type") = "authorization_code"
        values("redirect_uri") = "http://localhost:3333/MyVacations/default.aspx"
        Resp = Client.UploadValues("https://www.googleapis.com/oauth2/v3/token", values)
        responseString = Encoding.Default.GetString(Resp)
    End Using
I'm pretty sure this is the endpoint I'm supposed to be using: https://www.googleapis.com/oauth2/v3/token, but who knows? The Google Discovery Document just muddles this for me.
Also pardon my naivete but would someone explain how the POST code Google uses as an example relates to the Web Request in my code above? I think I understand how the values translate, but the 3 header lines in the POST (below) ... how does this get specified in the VB code? I'm missing something that must be really obvious to others so if you know, please tell me.
    POST /oauth2/v3/token HTTP/1.1
    Host: www.googleapis.com
    Content-Type: application/x-www-form-urlencoded

    code=4/P7q7W91a-oMsCeLvIaQm6bTrgtp7&
    client_id=8819981768.apps.googleusercontent.com&
    client_secret={client_secret}&
    redirect_uri=https://oauth2-login-demo.appspot.com/code&
    grant_type=authorization_code
Another Stack Overflow Post says something about sending the data as query parameters (using '&' I guess) instead of sending the data as request headers, so is there something wrong with sending along a NameValueCollection?
So here's the answer: The API requires 2 calls. The first call returns a one-time authorization code. The first call must specify a redirect URI.
The 2nd call sends the one-time code to the API for an authorization token. This POST also requires a redirect URI.
The redirect URI in the first call must be the same as the redirect URI in the 2nd call!!!
I was unable to find this anywhere in the documentation. Remember that this URI must also match one of the URIs in the list in your developers console, which is what all the documentation says.
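The matching-URI rule from the answer above, as an added VB.NET example that is not part of the original post: one constant supplies the redirect URI to both calls, and the token call surfaces the 400 response body instead of discarding it. The module and function names are hypothetical, and the authorization endpoint is passed in by the caller because the page does not give it.

```vbnet
Imports System.Collections.Specialized
Imports System.IO
Imports System.Net
Imports System.Text

Module GoogleTokenExchange ' hypothetical name, added for illustration
    ' One constant feeds both calls, so the two redirect URIs cannot drift apart.
    ' The same value must also be listed in the developers console.
    Private Const RedirectUri As String = "http://localhost:3333/MyVacations/default.aspx"
    Private Const TokenEndpoint As String = "https://www.googleapis.com/oauth2/v3/token"

    ' Call 1: the URL the browser is sent to in order to obtain the one-time code.
    ' authEndpoint is an assumption supplied by the caller (e.g. from the discovery document).
    Function BuildAuthorizationUrl(authEndpoint As String, clientId As String, scope As String) As String
        Return authEndpoint &
            "?response_type=code" &
            "&client_id=" & Uri.EscapeDataString(clientId) &
            "&redirect_uri=" & Uri.EscapeDataString(RedirectUri) &
            "&scope=" & Uri.EscapeDataString(scope)
    End Function

    ' Call 2: exchange the one-time code. UploadValues issues a POST with
    ' Content-Type: application/x-www-form-urlencoded and the collection as the form body.
    Function ExchangeCode(code As String, clientId As String, clientSecret As String) As String
        Dim values As New NameValueCollection()
        values("code") = code
        values("client_id") = clientId
        values("client_secret") = clientSecret
        values("grant_type") = "authorization_code"
        values("redirect_uri") = RedirectUri
        Using client As New WebClient()
            Try
                Return Encoding.UTF8.GetString(client.UploadValues(TokenEndpoint, values))
            Catch ex As WebException When ex.Response IsNot Nothing
                ' OAuth 2.0 token errors (RFC 6749 section 5.2) return a JSON body with an
                ' "error" field; include it in the exception so the cause of the 400 is visible.
                Using reader As New StreamReader(ex.Response.GetResponseStream())
                    Throw New InvalidOperationException("Token endpoint rejected the request: " & reader.ReadToEnd(), ex)
                End Using
            End Try
        End Using
    End Function
End Module
```

The `Host` line in the raw POST comes from the URL passed to `UploadValues`, so none of the three header lines needs to be set by hand.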