Reputation: 11
GooglePlus API - (401) Invalid Credentials error
We have code that was working perfectly to access the Googleplus Api, but now it inexplicably no longer works, instead returning a "(401) Invalid Credentials" error when this line is called:
$me = $plus->people->get('me');
Here is the full code snippet (php):
try
{
$client = new apiClient();
$client->setApplicationName("Google OAuth");
$client->setClientId(GOOGLE_API_CLIENT_ID);
$client->setClientSecret(GOOGLE_API_CLIENT_SECRET);
$client->setRedirectUri(GOOGLE_API_REDIRECT_URI);
$client->setDeveloperKey('XXX');
$client->setScopes(array('https://www.googleapis.com/auth/plus.me'));
$plus = new apiPlusService($client);
$oauth2 = new apiOauth2Service($client);
$client->authenticate();
$token = $client->getAccessToken();
if (isset($token))
$client->setAccessToken($token);
if ($client->getAccessToken()) {
$me = $plus->people->get('me');
}
}
catch (Exception $x)
{
echo "Stack: " . $x->getTraceAsString() . "<br />";
echo "Message: " . $x->getMessage() . "<br />";
echo "File: " . $x->getFile() . "<br />";
echo "Line: " . $x->getLine(). "<br />";
}
Upvotes: 1
Views: 3486
Answers (4)
Reputation: 393
I had the same error when user denied access to my aplication, and the token remained in the DB (or session). The API was trying to authenticate using old token. You need to check
if(strpos($x->getMessage(), 'Invalid Credentials')) {
unset($_SESSION['access_token'];
}
and also remove any relevant data from your db.
Upvotes: 1
Reputation:
This problem is caused when you login from other device using same credentials and then logout .
Upvotes: 0
Reputation: 8681
Everything checks out as far as I can tell, it's possible that something went wrong with the credentials associated with your account.
To verify this, try using another account to access the API or try revoking your application from Google accounts. To revoke your application from your account:
- Navigate to this page: https://www.google.com/settings/account
- Click the Security link and then click the Manage access button on the bottom of the page.
- Find the application that corresponds to your site and click
After your site/application is revoked, go back to your site and then re-authenticate.
Upvotes: 0
Reputation: 8869
What fails? the first call to authorize, or the 2nd one to get the token ?
Check the URLs that are sent, it will be easier to inspect the issue.
and: Google might have changed their oAuth APIs?
Upvotes: 0
Related Questions
- Annoying invalid credentials with oauth 2.0 google + api
- Google OAuth2 (401) Invalid Credentials
- Google Plus OAuth PHP 401 (Unauthorized)
- Google+ OAuth API - error 400
- Google+ login api problems
- Google Plus Login API Invalid_request PHP Client
- Google Authentication Using PHP Library OAuth 2.0
- Google+ Sign-In Error: Invalid_client
- google plus api invalid_request
- Receiving HTTP 401 Unauthorized when making a Google plus API call