dknaack

Reputation: 60438

Google OAuth - Authenticate using JavaScript Frontend and Server Backend (Authorization Code Flow)

I am implementing Google authentication into my JavaScript web application. I would like to use the authentication code flow as described here.

What I want to do is...

  1. User clicks a button and gets presented with the consent screen
  2. He clicks "allow" and I get back the authorization code
  3. I send the authorization code to my REST backend in order to exchange the authorization code for an access_token

The first 2 parts are working perfectly as expected, but I can't get 3. to work. I call https://www.googleapis.com/oauth2/v3/token from my backend, posting the code, client_id, client_secret, redirect_uri and grant_type (authorization_code). This works well, I checked it with Fiddler (a web debugging tool). However, I always get unauthorized_client as a result.

Any ideas?

Upvotes: 0

Views: 3721

Answers (1)

dknaack

Reputation: 60438

After a lot of testing and reading I finally got it.

  1. Even if I perform a POST request to get the access token in my backend, I need to pass in the parameters (client_id, client_secret, etc...) with the query string, NOT the body.
  2. I need to provide the same redirect_uri in both requests (getting the code and getting the access_token).

Now it works great.

Upvotes: 1
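
The token exchange from step 3, as an added example that is not part of the original post: it refuses to proceed unless the redirect_uri matches the one used for the authorization request, and it sends the parameters form-encoded in the POST body as RFC 6749 section 4.1.3 specifies, which also keeps client_secret out of URLs that proxies and access logs record. Helper names and sample values are assumptions; the endpoint URL is the one from the question.

```javascript
// Added example; helper names and all sample values are constructed.
const TOKEN_ENDPOINT = "https://www.googleapis.com/oauth2/v3/token"; // URL from the question

// Explain why two redirect_uri values differ. The authorization server
// compares them as exact strings, so a trailing slash is enough to fail.
function redirectUriMismatch(authUri, tokenUri) {
  if (authUri === tokenUri) return null;
  const a = new URL(authUri), b = new URL(tokenUri);
  for (const part of ["protocol", "host", "pathname", "search"]) {
    if (a[part] !== b[part]) return `${part}: "${a[part]}" vs "${b[part]}"`;
  }
  return "differs only in raw spelling (case, encoding or default port)";
}

// Build the backend request that exchanges the authorization code.
// authRedirectUri is the value that was sent to the consent screen.
function buildTokenRequest(config, code, authRedirectUri) {
  const why = redirectUriMismatch(authRedirectUri, config.redirectUri);
  if (why) throw new Error(`redirect_uri mismatch (${why})`);
  const body = new URLSearchParams({
    grant_type: "authorization_code",
    code,
    client_id: config.clientId,
    client_secret: config.clientSecret,
    redirect_uri: config.redirectUri,
  });
  return {
    url: TOKEN_ENDPOINT, // no query string: credentials travel in the body
    init: {
      method: "POST",
      headers: { "Content-Type": "application/x-www-form-urlencoded" },
      body: body.toString(),
    },
  };
}

// Perform the exchange (needs network access and a runtime with fetch).
async function exchangeCode(config, code, authRedirectUri) {
  const { url, init } = buildTokenRequest(config, code, authRedirectUri);
  const res = await fetch(url, init);
  const json = await res.json();
  if (!res.ok) throw new Error(`token endpoint: ${json.error}`); // e.g. unauthorized_client
  return json;
}
```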
