
Google Cross Client Authorization and invalid_grant Errors

I am currently developing the web component for Google API cross-client authorization as described in this article. https://developers.google.com/identity/protocols/CrossClientAuth

Additionally, the environment that I am in is Rails and so I am using the google-api-client gem as described in this article https://developers.google.com/identity/protocols/OAuth2WebServer#handlingtheresponse

The authorization code is obtained via the android app using the web client ID and passed onto the web api in order to exchange it. My use of the gem and code to exchange is as follows

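require 'google/api_client/client_secrets'

# Load the client credentials and exchange the authorization code for tokens
auth_client = Google::APIClient::ClientSecrets.load("/path/to/client_secrets.json").to_authorization
auth_client.code = code
auth_client.fetch_access_token!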

I've additionally tried doing

auth_client = Google::APIClient::ClientSecrets.load("/path/to/client_secrets.json").to_authorization
auth_client.update!(
  :grant_type => 'authorization_code'
)
auth_client.code = code
auth_client.fetch_access_token!

In all cases I receive an invalid grant error from Google with no description.

I have tried to construct the urls in order to leverage other api tools such as curl and postman, and circumvent the gem, using the google oauth playground without any success.

Any insight into what may be generating the invalid grant errors or how to generate the curl requests to exchange the token directly with Google outside of the gem would be greatly appreciated.

rantingsonrails asked Dec 11 '17 11:12


1 Answer

{"error": "invalid_grant", "error_description": "Bad Request"}

Normally means that the client id and secret you are using to request access is not the one that was used to create the code in question.

The authorization code request via the credentials from the android app must be authorized using the same credentials. You can't mix and match credentials in this way.

I suggest you have your web app request the credentials; the android app should be able to use the refresh token that the web credentials created, if memory serves.

DaImTo answered Oct 09 '22 21:10
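
The following added example is not part of the original question or answer, and is not code from the google-api-client gem. It checks a client_secrets.json against the client ID the Android app requested the code with (the mismatch the answer describes) and builds the token-exchange POST so it can be inspected or sent without the gem. The helper names, the sample secrets and the client IDs are constructed for illustration.

```ruby
require 'json'
require 'net/http'
require 'uri'

# Constructed sample of a client_secrets.json file; every value is a placeholder.
SAMPLE_SECRETS = <<~JSON
  {"web": {"client_id": "1234-web.apps.googleusercontent.com",
           "client_secret": "PLACEHOLDER_SECRET",
           "token_uri": "https://oauth2.googleapis.com/token"}}
JSON

# Returns [client_type, settings] from the JSON text, e.g. ["web", {...}].
def load_client(json_text)
  JSON.parse(json_text).first
end

# Lists reasons the server would present a different client than the one
# the code was issued to (the invalid_grant cause given in the answer).
def client_mismatches(json_text, id_used_by_android)
  type, settings = load_client(json_text)
  problems = []
  problems << "secrets file holds a '#{type}' client, not 'web'" unless type == 'web'
  unless settings['client_id'] == id_used_by_android
    problems << "client_id #{settings['client_id']} is not the one the code was requested with"
  end
  problems
end

# Builds the form-encoded POST for the code exchange without sending it.
# redirect_uri is supplied by the caller: it must be the value that applied
# when the code was issued.
def token_request(json_text, code, redirect_uri)
  _, settings = load_client(json_text)
  uri = URI(settings['token_uri'])
  req = Net::HTTP::Post.new(uri)
  req.set_form_data('grant_type' => 'authorization_code', 'code' => code,
                    'client_id' => settings['client_id'],
                    'client_secret' => settings['client_secret'],
                    'redirect_uri' => redirect_uri)
  [uri, req]
end

# Sends the request; returns the HTTP status and the parsed JSON body,
# which carries "error" and "error_description" when the exchange fails.
def exchange(json_text, code, redirect_uri)
  uri, req = token_request(json_text, code, redirect_uri)
  res = Net::HTTP.start(uri.host, uri.port, use_ssl: true) { |h| h.request(req) }
  [res.code.to_i, JSON.parse(res.body)]
end
```

Running `client_mismatches` before `exchange` separates a wrong-client problem from other causes, and `token_request(...).last.body` shows the exact form fields to reproduce in curl or Postman.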