oauth2 getting token - Error: invalid_request</p><p id="errorDescription">Parameter not allowed for this message type: client_secret

[joelkeepup]

Hi, I am working on implementing oauth2 using the oauth2 ruby gem. Through quite a bit of trial and error, I am able to redirect the user to google, have them approve the permissions, then when I get the callback I get a "code". My understanding is I need to use this code to get a token (not sure if this is a refresh token or not).

So I am making this call:

ruby:
 access_token = client.auth_code.get_token(params[:code], {:redirect_uri => GA_OAUTH2_REDIRECT_URL, 'response_type' => 'code', :scope => 'https://www.googleapis.com/auth/analytics.readonly'})
 
this translates to:
base url is : https://accounts.google.com/o/oauth2/auth

options: {:redirect_uri=>"http://localhost:3000/oauth2callback", :scope=>"https://www.googleapis.com/auth/analytics.readonly", "response_type"=>"code", "client_id"=>"XXXXXXXXX.apps.googleusercontent.com", "grant_type"=>"authorization_code", "client_secret"=>"XXXXXXXXXX", "code"=>"XXXXXXXXXXXXXXXXX"},

headers: {"Content-Type"=>"application/x-www-form-urlencoded"}

I guess it doesn't want me to send along client secret, but why would the oauth gem be doing this?

Also I have long running nightly jobs, with oauth1, I just got the access token and held onto it and it would work for a very long time. Is the right flow with oauth2 that I get the code, store it, and each night I use the code to get a token?

thanks
Joel

[joelkeepup]

I figured this problem out, I was sending to o/oauth2/auth instead of o/oauth2/token

thanks
Joel