I get 404 errors while following step by step the "Using OAuth 2.0 for Web Server Applications" help page. Using OAuth 2.0 for Web Server Applications
I use http/rest requests.
Everything is OK until step 5 : "Exchange authorization code for refresh and access tokens".
My request (POST or GET) returns a 404 error: "Not Found". Here is my request, the same as in the guide:
https://www.googleapis.com/oauth2/v4/token?
code=4/_XXXXXXXXXXXXXXXXXXX__XXXXXXXXXXXXXX-XXXXXX?&client_id=012345678912-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.apps.googleusercontent.com&client_secret=XXXXXXXXXXXXXXXXXXX_XXXX&grant_type=authorization_code&redirect_uri=http%3a%2f%2fwww.mydomain.com%3a50000%2fMyPage
Here is the related part of the guide:
"To exchange an authorization code for an access token, call the https://www.googleapis.com/oauth2/v4/token endpoint and set the following parameters:
Fields
code The authorization code returned from the initial request.
client_id The client ID obtained from the API Console.
client_secret The client secret obtained from the API Console.
redirect_uri One of the redirect URIs listed for your project in the API Console.
grant_type As defined in the OAuth 2.0 specification, this field must contain a value of authorization_code."
I think there is a problem with the service URL. Am I wrong?
Can any one provide the working URL?
A working request would be
POST /oauth2/v4/token HTTP/1.1
Host: www.googleapis.com
Content-length: 233
content-type: application/x-www-form-urlencoded
user-agent: google-oauth-playground
code=4%2FKxoYTS-jeq5-d6Lv7YvSz9ZrK0pJ_5lZsMExzNC1M0o&redirect_uri=https%3A%2F%2Fdevelopers.google.com%2Foauthplayground&client_id=407408718192.apps.googleusercontent.com&client_secret=************&scope=&grant_type=authorization_code
Note that:-
code= etc is the request body, not the URL.Step two in the auth flow is a HTTP POST.
https://www.googleapis.com/oauth2/v4/token
code={The code from step one}&client_id={ClientId}&client_secret={ClientSecret}&redirect_uri={RedirectURI}&grant_type=authorization_code
The main difference I see is that you have a ? tacked on the end of the URL which is not needed.  Remember you need to post the string exactly as I have show it with the &'s as a string.
This is my tutorial on Google 3 Legged OAuth2 Flow it might help
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With