PHP invalid_grant via oauth? Can someone help me figure out what I am doing wrong?
81 views
Skip to first unread message
James Andrews
Dec 16, 2015, 11:01:43 AM12/16/15
to AdWords API Forum
My Company has a Google Application that we use for connecting to various Google APIs (Youtube, DFA... etc) via OAuth. Today I am trying to integrate Adwords into this application and am only getting the error "invalid_grant". I have looked through the "Enabled APIs" and see no way to enable Adwords to an application specifically. I suspect that is done through the developer token. The user's token is new created after we were granted permission to use the API in a production environment. Our application type is a "Web Application" type. and when we create tokens we create them for use Offline. I also made sure to add the users's adwords ID to the manager account so the developer key has access to the user's adwords account.
This is the code snippet I am using. It is pretty much straight out of the example documentation, with minor mods to get oauth creds from the configuration file.
Can someone please point me in the right direction.
This is the code snippet I am using. It is pretty much straight out of the example documentation, with minor mods to get oauth creds from the configuration file.
Can someone please point me in the right direction.
protected function getCustomer($account, $params)
{
try {
// Retrieve the client_id and client_secret
$config = $this->container->getParameter('google_app');
// Get dev_token and user_agent
$adwords = $this->container->getParameter('google_adwords');
// oauth 2 config
$oauth2Info = array(
'client_id' => $config['id'],
'client_secret' => $config['secret'],
'refresh_token' => $params['refresh_token']
);
$user = new \AdWordsUser(null, $adwords['dev_token'], $adwords['user_agent'], null, null, $oauth2Info);
// Get the adwords customer
$customerService = $user->GetService("CustomerService");
$customer = $customerService->get();
$customerInfoArray = array();
$customerService = $user->GetService("CustomerService");
$customer = $customerService->get();
print_r($customer);
exit();
// return $customer;
} catch (OAuth2Exception $e) {
throw new \Exception("ERROR_OAUTH_AUTHORIZATION_FAILURE", 500);
} catch (ValidationException $e) {
throw new \Exception("ERROR_OAUTH_AUTHORIZATION_FAILURE", 500);
} catch (Exception $e) {
throw new \Exception("ERROR_UNEXPECTED_FAILURE", 500);
}
}
Yin Niu
Dec 16, 2015, 12:08:14 PM12/16/15
to AdWords API Forum
Hi James,
Have you followed this instruction to generate refresh token using an MCC account?
Other things you can check are:
1. Make sure your server's clock is in sync with NTP.
2. There is a maximum of 25 refresh tokens that can be valid at a time. If someone gets a 26th refresh token, then the 1st refresh token becomes invalid.
Thanks,
Yin, AdWords API Team.
James Andrews
Dec 16, 2015, 2:41:15 PM12/16/15
to AdWords API Forum
Hello Yin,
I've been using Google APIs for 2 years, with code already created to get google Access tokens and Refresh tokens. Are you telling me that Adwords does not work with the standard Google API Oauth system and I have to integrate another method of getting refresh tokens in order to use the Adwords API?
I've been using Google APIs for 2 years, with code already created to get google Access tokens and Refresh tokens. Are you telling me that Adwords does not work with the standard Google API Oauth system and I have to integrate another method of getting refresh tokens in order to use the Adwords API?
I had mentioned in my original message that we work with Google APIs in general. Youtube, DFA etc... so we are aware that we are only allowed 25 refresh tokens. We use 1 with our other api calls so that's not the problem. Server is NTP enabled we ran into that issue when we were dealing with Instagram, so that's not it.
James
Yin Niu
Dec 17, 2015, 9:54:13 AM12/17/15
to AdWords API Forum
Hi James,
Have you followed the OAuth guide for web application with a web flow? If you need offline access, you need to set your access type to "offline". You can also try the OAuth Playground to generate refresh token.
James Andrews
Dec 17, 2015, 10:11:31 AM12/17/15
to AdWords API Forum
Yin,
I'm not trying to be a jerk here, but did you even read my 2 posts where I have told you my company has been using the google APIs for 2 years with oauth. We have this working in a production environment. The issue is tokens created with the system we have set up are not working with adwords API. I am really frustrated that 1) you didn't give me a direct answer to the questions I had in my 2nd post. and 2) you aren't paying attention to what I've written in both my previous posts. If you had read either of them you would have sen that the answer to your question is yes.
James
Michael Cloonan (AdWords API Team)
Dec 17, 2015, 12:57:35 PM12/17/15
to AdWords API Forum
Hello James,
I apologize for the unnecessary back and forth.
How exactly are you generating the new refresh tokens you're using with AdWords?
I do know that AdWords is different from other Google APIs in some ways, such as the one you've found where it can't be enabled the same way. I'm afraid that this may extend to how you generate refresh tokens as well, as I've encountered other users who needed to change their process specifically for AdWords. Unfortunately, as I haven't worked with other Google APIs except AdWords, I'm not exactly aware of how that process differs from the way AdWords does it.
The easiest way to get up and running with AdWords in PHP would be to use our PHP client library, or at the very least to take a look at the example that fetches a refresh token in PHP, to see how that may differ from your current process.
If I had to guess, I would say that possibly you are setting the wrong scope, which for AdWords is: https://www.googleapis.com/auth/adwords
Regards,
Mike, AdWords API Team
James Andrews
Dec 18, 2015, 8:49:28 AM12/18/15
to adwordsapiad...@google.com, AdWords API Forum
Hello Michael,
I was able to get a valid access/refresh token pair using the GoogleLeads api code and return data from. In comparing the tokens returned by Adwords and a token returned by the GoogleAPI they are drastically different in string length. Therefore I conclude they are not the same and that we’ll have to give users a new way to authenticate for adwords.
While I have someone’s attention. Can I point out that this would have been less painful if somewhere in the documentation it stated that AdwordsAPI Oauth was not the same as the GoogleAPI Oauth.
Thanks for the help,
James
I was able to get a valid access/refresh token pair using the GoogleLeads api code and return data from. In comparing the tokens returned by Adwords and a token returned by the GoogleAPI they are drastically different in string length. Therefore I conclude they are not the same and that we’ll have to give users a new way to authenticate for adwords.
While I have someone’s attention. Can I point out that this would have been less painful if somewhere in the documentation it stated that AdwordsAPI Oauth was not the same as the GoogleAPI Oauth.
Thanks for the help,
James
Michael Cloonan (AdWords API Team)
Dec 18, 2015, 9:36:10 AM12/18/15
to AdWords API Forum, adwordsapiad...@google.com
Hello,
Thank you for the feedback. I will take a closer look at how AdWords OAuth differs from other APIs so that we can hopefully improve our documentation.
Regards,
Mike, AdWords API Team
Reply all
Reply to author
Forward
0 new messages