Authentication on Google: Oauth2 Keeps Returning 'Invalid_Grant'

invalid_grant trying to get oAuth token from google

I ran into this problem when I didn't explicitly request "offline" access when sending the user to the OAuth "Do you want to give this app permission to touch your stuff?" page.

Make sure you specify access_type=offline in your request.

Details here: https://developers.google.com/accounts/docs/OAuth2WebServer#offline

(Also: I think Google added this restriction in late 2011. If you have old tokens from before then, you'll need to send your users to the permission page to authorize offline use.)

Google Oauth request results in invalid grant error

Okay, this is going to be a wild guess, the issue being that invalid_grant can have a lot of possible causes.

One of them is trying to use a refresh token with a different client id and client secret than the one that was used to create it.

In comments you mentioned that you created another credentials file, and one file works while the other doesn't. This may be due to the fact that you have a refresh token stored and you are trying to refresh the access token using the refresh token from a credentials file that was not used to create it.

Solution: delete your stored refresh token and pick the credentials file you want to use. Your application should request consent of the user again. All should then work.

Again, a wild guess. Let me know what happens.

Why do I keep catching a Google_Auth_Exception for invalid_grant?

I resolved the issue. I was trying to authorize the same authentication code twice, and therefore it returned an invalid_grant error.

My solution was to rewrite much of the code and fix the OAuth2 logic.

I have created a mini-tutorial of the OAuth2 authentication flow below:

<?php
session_start(); // Create a session

/**************************
 * Google Client Configuration
 *
 * You may want to consider a modular approach,
 * and do the following in a separate PHP file.
 ***************************/

/* Required Google libraries */
require_once 'Google/Client.php';
require_once 'Google/Service/Analytics.php';

/* API client information */
$clientId     = 'YOUR-CLIENT-ID-HERE';
$clientSecret = 'YOUR-CLIENT-SECRET-HERE';
$redirectUri  = 'http://www.example.com/';
$devKey       = 'YOUR-DEVELOPER-KEY-HERE';

// Create a Google Client.
$client = new Google_Client();
$client->setApplicationName('App'); // Set your app name here

/* Configure the Google Client with your API information */

// Set Client ID and Secret.
$client->setClientId($clientId);
$client->setClientSecret($clientSecret);

// Set Redirect URL here - this must match the one registered for the client ID.
$client->setRedirectUri($redirectUri);

// Set Developer Key and your Application Scopes.
$client->setDeveloperKey($devKey);
$client->setScopes(
    array('https://www.googleapis.com/auth/analytics.readonly')
);

/**************************
 * OAuth2 Authentication Flow
 *
 * You may want to consider a modular approach,
 * and do the following in a separate PHP file.
 ***************************/

// Create a Google Analytics Service using the configured Google Client.
$analytics = new Google_Service_Analytics($client);

// Check if there is a logout request in the URL.
if (isset($_REQUEST['logout'])) {
    // Clear the access token from the session storage.
    unset($_SESSION['access_token']);
}

// Check if there is an authorization code in the URL.
// The authorization code is appended to the URL after
// the user is successfully redirected from authentication.
if (isset($_GET['code'])) {
    // Exchange the authorization code with the Google Client.
    // A code is single-use: exchanging it a second time yields invalid_grant.
    $client->authenticate($_GET['code']);

    // Retrieve the access token from the Google Client.
    // In this example, we are storing the access token in
    // the session storage - you may want to use a database instead.
    $_SESSION['access_token'] = $client->getAccessToken();

    // Once the access token is retrieved, you no longer need the
    // authorization code in the URL. Redirect the user to a clean URL
    // and stop, so the same code is never processed again on this request.
    header('Location: ' . filter_var($redirectUri, FILTER_SANITIZE_URL));
    exit;
}

// If an access token exists in the session storage, you may use it
// to authenticate the Google Client for authorized usage.
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
    $client->setAccessToken($_SESSION['access_token']);
}

// If the Google Client does not have an authenticated access token,
// have the user go through the OAuth2 authentication flow.
if (!$client->getAccessToken()) {
    // Get the OAuth2 authentication URL.
    $authUrl = $client->createAuthUrl();

    /* Have the user access the URL and authenticate here */

    // Display the authentication URL here.
    echo '<a href="' . htmlspecialchars($authUrl) . '">Connect your Google account</a>';
}

/**************************
 * OAuth2 Authentication Complete
 *
 * Insert your API calls here
 ***************************/

When authenticating with oAuth and youtube, always get error : invalid_grant on 2nd auth attempt, why?

I found a way to fix this (at least for us). When redirecting to the accounts.google.com/o/oauth2/auth url, we had to add both approval_prompt=force and access_type=offline. If one was missing, we got no refresh token.

This url documents all of the parameters, but says nothing about the refresh token: http://code.google.com/apis/accounts/docs/OAuth2WebServer.html
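The answers above describe three distinct ways to earn an invalid_grant (exchanging the same authorization code twice, refreshing with a token issued to a different client id, and not getting a refresh token at all because access_type=offline was missing). The following is an added example, not code from any of the posters or from Google: a constructed stand-in for the token endpoint that enforces those rules, plus a minimal client that builds the authorization URL and discards a stored refresh token the moment invalid_grant comes back, so the app falls back to asking for consent again. FakeTokenServer, OAuthClient and the token string formats are all assumptions for the simulation.

```python
from urllib.parse import urlencode
AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/auth"

def build_auth_url(client_id, redirect_uri, scope, state):
    # access_type=offline makes Google issue a refresh token; approval_prompt=force
    # re-issues one for a user who already consented; state is the CSRF binding.
    params = {"response_type": "code", "client_id": client_id, "redirect_uri": redirect_uri,
              "scope": scope, "state": state, "access_type": "offline",
              "approval_prompt": "force"}
    return AUTH_ENDPOINT + "?" + urlencode(params)

class FakeTokenServer:
    """Constructed stand-in for the token endpoint; enforces the three rules above."""
    def __init__(self):
        self.codes, self.refresh, self.used = {}, {}, set()  # code->(client,offline), rt->client
    def issue_code(self, code, client_id, offline):
        self.codes[code] = (client_id, offline)
    def token(self, req):
        if req["grant_type"] == "authorization_code":
            code = req["code"]
            if code in self.used or self.codes.get(code, (None,))[0] != req["client_id"]:
                return {"error": "invalid_grant"}   # reused code or wrong client id
            self.used.add(code)
            resp = {"access_token": "at-" + code}
            if self.codes[code][1]:                # only offline requests get a refresh token
                self.refresh["rt-" + code] = req["client_id"]
                resp["refresh_token"] = "rt-" + code
            return resp
        if req["grant_type"] == "refresh_token":
            if self.refresh.get(req.get("refresh_token")) != req["client_id"]:
                return {"error": "invalid_grant"}   # token was issued to another client id
            return {"access_token": "at-refreshed"}
        return {"error": "unsupported_grant_type"}

class OAuthClient:
    """Holds the refresh token; on invalid_grant discards it so the app re-consents."""
    def __init__(self, server, client_id):
        self.server, self.client_id, self.refresh_token = server, client_id, None
    def exchange_code(self, code):
        resp = self.server.token({"grant_type": "authorization_code",
                                  "code": code, "client_id": self.client_id})
        if "error" not in resp:
            self.refresh_token = resp.get("refresh_token")
        return resp
    def refresh(self):
        resp = self.server.token({"grant_type": "refresh_token", "client_id": self.client_id,
                                  "refresh_token": self.refresh_token})
        if resp.get("error") == "invalid_grant":
            self.refresh_token = None               # stored token unusable: restart consent
        return resp
```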
