Reputation: 55
We have a project consisting of an Android app and a web back-end, and as such it is registered in the Google Console. The Android app is authenticating the user with his Google account (Google OAuth 2.0 flow).
We are successful in getting an access token to access the Google APIs. (the scope is: "oauth2: "+SCOPE_PLUS_LOGIN+" "+SCOPE_EMAIL+" "+SCOPE_PROFILE)
We are successful in getting an id token, that the app can forward to the back-end, as well. (the scope is: "audience:server:client_id:"+SERVER_CLIENT_ID)
The problem is that when we ask for a short-lived authorization code (needed for the offline access of the back-end), we get a GoogleAuthException: Unknown at com.google.android.gms.auth.GoogleAuthUtil.getToken(Unknown Source).
We know two things:
The scope is OK, because we tested the permissions and the web_client_id already in the case of access token and id token. Scope is: "oauth2:server:client_id:"+"SERVER_CLIENT_ID"+":api_scope:"+SCOPE_PLUS_LOGIN and the syntax is as described here: https://developers.google.com/accounts/docs/CrossClientAuth in the part on obtaining offline access for the back-end.
The source code is OK, because it is the same source code as in the access token and id token case (where it works perfectly), only the scope is different. Code is taken from here: http://developer.android.com/google/auth/http-auth.html#ExtendAsyncTask
What can be the reason the short-lived authorization code won't be returned although the other two are? In some other questions here somebody suggested that getting the short-lived authorization code stopped working for them too. Can it be that it isn't available anymore or that something in the specifications changed lately?
Upvotes: 2
Views: 338
Reputation: 331
First, make sure your Android app is registered in Google developers console. If you only registered with your release signing key hash but you're using a debug key for testing, the Android app is recognized as unregistered. Do register all your signing keys. Second, make sure the client IDs for your Android app and web server are in the same Google developer console project. Cross-client auth is only allowed for auth parties in the same project.
Upvotes: 1
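The two checks from the answer above, written as a pre-flight script; this is an added example, not code from the question, the answer or Google. It assumes client IDs have the form `<project-number>-<suffix>.apps.googleusercontent.com` and that the console stores SHA-1 certificate fingerprints; the function names, client IDs and certificate bytes are constructed for illustration.

```python
import hashlib
import re

# Assumption: "<project-number>-<suffix>.apps.googleusercontent.com"
CLIENT_ID_RE = re.compile(r"^(\d+)(?:-[A-Za-z0-9_]+)?\.apps\.googleusercontent\.com$")

# Constructed sample data (not real client IDs or certificates).
ANDROID_ID = "1234567890-androidabc.apps.googleusercontent.com"
SERVER_ID = "1234567890-webabc.apps.googleusercontent.com"
OTHER_PROJECT_ID = "9876543210-webxyz.apps.googleusercontent.com"
DEBUG_CERT = b"constructed debug certificate DER bytes"
RELEASE_CERT = b"constructed release certificate DER bytes"

def project_number(client_id):
    """Return the numeric project prefix of a client ID."""
    m = CLIENT_ID_RE.match(client_id.strip())
    if not m:
        raise ValueError(f"not a Google OAuth client ID: {client_id!r}")
    return m.group(1)

def cert_fingerprint(der_bytes):
    """SHA-1 of the DER signing certificate as colon-separated hex."""
    digest = hashlib.sha1(der_bytes).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def normalize(fp):
    return fp.replace(":", "").replace(" ", "").upper()

def offline_scope(server_client_id, api_scopes):
    """Scope string for the authorization-code request, as quoted in the question."""
    return "oauth2:server:client_id:" + server_client_id + ":api_scope:" + " ".join(api_scopes)

def preflight(android_client_id, server_client_id, build_cert_der, registered_fps):
    """Return a list of configuration problems; empty means both checks pass."""
    problems = []
    try:
        if project_number(android_client_id) != project_number(server_client_id):
            problems.append("client IDs belong to different projects")
    except ValueError as exc:
        problems.append(str(exc))
    fp = cert_fingerprint(build_cert_der)
    if normalize(fp) not in {normalize(r) for r in registered_fps}:
        problems.append(f"signing certificate {fp} is not registered")
    return problems

if __name__ == "__main__":
    print(offline_scope(SERVER_ID, ["https://www.googleapis.com/auth/plus.login"]))
    # Debug build tested while only the release fingerprint is registered.
    print(preflight(ANDROID_ID, SERVER_ID, DEBUG_CERT, [cert_fingerprint(RELEASE_CERT)]))
```

For a real build, pass the DER bytes of the certificate that signed the APK and the fingerprints copied from the console's Android client entries.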