user1739509
Reputation: 61
oauth2.0 invalid request when trying to use refresh token
Used google oauth2 playground: https://developers.google.com/oauthplayground/ Followed: https://developers.google.com/accounts/docs/OAuth2WebServer#offline
Anyone why I am getting invalid request?
POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-length: 209
Content-type: application/x-www-form-urlencoded
Authorization: OAuth ya29.XXXXXXXX
client_id=XXXXXXXXX&
client_secret=XXXXXXXXX&
refresh_token=1/0ffkj5lggn8XXXXXXXXX&
grant_type=refresh_token
HTTP/1.1 400 Bad Request
Content-length: 33
X-xss-protection: 1; mode=block
X-content-type-options: nosniff
X-google-cache-control: remote-fetch
-content-encoding: gzip
Server: GSE
Reason: Bad Request
Via: HTTP/1.1 GWA
Pragma: no-cache
Cache-control: no-cache, no-store, max-age=0, must-revalidate
Date: Thu, 11 Oct 2012 21:29:55 GMT
X-frame-options: SAMEORIGIN
Content-type: application/json
Expires: Fri, 01 Jan 1990 00:00:00 GMT
{
"error" : "invalid_request"
}
Upvotes: 6
Views: 3274
Answers (1)
Stance
Reputation: 41
If you're getting 400 is because you are adding an invalid parameter or missing one.
edit:
i believe from the given data there is an extra header Authorization. This is used in oauth2 only when access_token is passed in header, to make authenticated calls
Authorization : Bearer XXXXXXXXXXXXXXXX
while refreshing access_token there is no need to provide the same in header.
https://developers.google.com/accounts/docs/OAuth2InstalledApp#refresh
Upvotes: 1
Related Questions
- How to use refresh token in Oauth2.0?
- Oauth2 refresh_token confusion
- Why refresh token has to be replaced when used?
- No refresh_token in OAuth 2.0 response
- Using refresh_token for Google OAuth 2.0 returns http 400 bad request
- OAuth2 refresh token utility
- Fail to refresh access token in OAuth 2.0 Playground
- Not getting refresh token with google oauth2
- Refresh token unique
- Refresh_token using oauth.io