Google oauth2 integration not work - invalid_grant

485 views
Skip to first unread message

Nicholas Faiz

unread,
Apr 18, 2012, 12:25:33 AM4/18/12
to omni...@googlegroups.com
Hi,

I'm just wondering if anyone has solved the problem I (and many others) have been encountering when trying to setup oauth2 with Google? 

I invariably encounter an 'invalid_grant' error when trying to exchange the code for an access token. To be specific, this happens after the user has successfully authorized my Google app, Google has posted a code to my callback, and my callback then has to issue a HTTPs post back to google to find out information about the user. At this point the invalid_grant error is returned with HTTP 400 (and with a HTTP expires header dating back to 1990).

I have this working for Facebook, and Twitter uses oauth1 so this step doesn't exist. 

I've googled it quite a bit. Many people have encountered this error and no one seems to know what causes it. It isn't documented in Google's Authentication information (although other error conditions are, at times). 

If you have solved this problem it'd be great if you could share how.

Cheers,
Nicholas

Content-Type: "application/x-www-form-urlencoded"
400
cache-control: "no-cache, no-store, max-age=0, must-revalidate"
pragma: "no-cache"
expires: "Fri, 01 Jan 1990 00:00:00 GMT"
date: "Wed, 18 Apr 2012 04:18:50 GMT"
content-type: "application/json"
x-content-type-options: "nosniff"
x-frame-options: "SAMEORIGIN"
x-xss-protection: "1; mode=block"
server: "GSE"
connection: "close"



 {
  "error" : "invalid_grant"
}

Nicholas Faiz

unread,
Apr 18, 2012, 12:26:17 AM4/18/12
to omni...@googlegroups.com
Erm, excuse the bad post title. Was rushing a bit. 

s/work/working/

colbert2012

unread,
Apr 24, 2012, 10:37:44 AM4/24/12
to omni...@googlegroups.com
yes I get this as well,  I have tracked it down to that the callback is being called twice somehow.  The first time it authorizes with  /oauth/token just fine, the second time it raises an invalid grant error because you have already exchanged the code.

I do not know how to fix or how to stop it being called twice.

If you want to see proof its being called twice add this to your  initializer:

module OmniAuth
  module Strategies
    class GoogleOauth2 < OmniAuth::Strategies::OAuth2

 
      def callback_phase
        require 'debugger'; debugger
        super
      end
    end
  end
end   

It should only do the callback phase once and not twice.

colbert2012

unread,
Apr 25, 2012, 5:09:30 AM4/25/12
to omniauth
Ok I am a moron, was setting up omniauth in config.ru and omniauth
intializser and i didnt realise.
> > posthttps://accounts.google.com/o/oauth2/token

realalien

unread,
May 28, 2012, 9:23:56 PM5/28/12
to omni...@googlegroups.com
Thank you very much indeed for posting this issue. It saved my days!
I accidentally added one authentication provider in two places(one in devise initializer and the other omniauth) by following several asynchronous tutorials!
Reply all
Reply to author
Forward
0 new messages