CODEWITHSUNDEEP
pythonpython-2.7oauthoauth-2.0
amazingbasil
amazingbasil

Reputation: 1715

invalid_grant error while getting access token via OAuth 2.0

There is a python app uses Health Graph API

# -*- coding: utf-8 -*-
from django.shortcuts import render_to_response, redirect
from main.settings import CLIENT_ID, CLIENT_SECRET, RUNKEEPER_LOGIN_URL, ACCESS_TOKEN_URL
import requests


def index(request):
    return render_to_response('index.html')

def login(request):
    code = request.GET['code']
    post_data = {'grant_type': 'authorization_code',
                 'code': code,
                 'client_id': CLIENT_ID,
                 'client_secret': CLIENT_SECRET,
                 'redirect_uri': 'http://127.0.0.1:8000/welcome/'}

    req = requests.post(ACCESS_TOKEN_URL, data=post_data)

My login button that redirects user to Health Graph Login Page and let's my app wait authorization code.

<a href="https://runkeeper.com/apps/authorize?redirect_uri=http%3A%2F%2F127.0.0.1%3A8000%2Flogin&response_type=code&client_id=xxxxxxxxx">

When I try to get access token by calling login function, I getting 'invalid grant' error as request. I tried to replace 'authorization_code' to another words and I've got another 'unsupported grant type' error. Another words, token server refuses code that I getting from auth server. What I doing wrong?

Upvotes: 0

Views: 10358

Answers (1)

Hans Z.
Hans Z.

Reputation: 53888

The redirect_uri used in the redirect to the authorization endpoint differs from the one that you use in the login function that exchanges the code at the token endpoint. As the docs at http://developer.runkeeper.com/healthgraph/getting-started ("Connect your Application to a User's Health Graph Account", bullet 3.) stipulate, it should match exactly:

redirect_uri: The exact URL that you supplied when sending the user to the authorization endpoint above

Upvotes: 4

Related Questions