Reputation: 12645
How to get Google OAuth 2.0 Access token directly using curl? (without using Google Libraries)
I'm trying to follow this tutorial to authenticate with Google using their OAuth 2.0 API. However, I would like to make straight curl calls rather than use their libraries.
I have obtained my Client ID and Client Secret Key. Now I'm trying to get the access token like this:
curl \
--request POST \
--header "Content-Type: application/json" \
--data '{
"client_id":"MY_CLIENT_ID",
"client_secret":"MY_SECRET_KEY",
"redirect_uri": "http://localhost/etc",
"grant_type":"authorization_code"
}' \
"https://accounts.google.com/o/oauth2/token"
However, it is not working. It gives me the following error:
{
"error" : "invalid_request",
"error_description" : "Required parameter is missing: grant_type"
}
Can someone please provide me sample curl call to obtain the access token (and refresh token)?
Upvotes: 26
Views: 40301
Answers (3)
Reputation: 17
create and execute a python script file to obtain JWT assertion key which will be further used in curl command :
python script for generating jwt assertion key :
import jwt
import os
import json
import sys
# Load the service account key JSON
service_account_key = json.loads(open("name of your service account key file").read())
# Extract necessary information from the service account key JSON
client_email = service_account_key["client_email"]
# Create the payload with necessary claims
payload = {
"iss": client_email,
"sub": client_email,
"aud": "https://oauth2.googleapis.com/token",
"exp": expired timestamp, # Replace with the expiration timestamp
"iat": current timestamp, # Replace with the issuance timestamp
"scope": "https://www.googleapis.com/auth/cloud-platform"
}
# Sign the payload with the service account's private key
#with open(os.path.join(sys.path[0], 'privatekey.pem'), "r") as private_key_file:
# private_key = private_key_file.read()
private_key = "mention your private key present in service account key file"
jwt_assertion = jwt.encode(payload, private_key, algorithm="RS256")
print(jwt_assertion)
______________________________________________________________________
assertion key will be obtained after executing the above python script , paste that in below curl command ,
Now, curl -X POST "https://oauth2.googleapis.com/token" \
-d "scope=read&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer" \
-d "assertion=(your jwt_assertion key)"
Upvotes: -2
Reputation: 4784
While not directly using CURL, you can also get and test OAuth tokens using the Google OAuth Playground: https://developers.google.com/oauthplayground/
Upvotes: 9
Reputation: 54118
a) the data you provide should be form-encoded instead of presented as a JSON object and b) you should also provide an authorization code value in the "code" parameter. E.g.:
curl -d "client_id=MY_CLIENT_ID&\
client_secret=MY_SECRET_KEY&\
redirect_uri=http://localhost/etc&\
grant_type=authorization_code&\
code=CODE" https://oauth2.googleapis.com/token
Upvotes: 18
Related Questions
- How to send a header using a HTTP request through a cURL call?
- Why is there an "Authorization Code" flow in OAuth2 when "Implicit" flow works so well?
- How to add custom claims to Google ID_Token with Google OAuth 2.0 for Web Server Applications
- Google OAuth token exchange returns invalid_code
- 400 Bad Request when sending http post request to get token from auth code?
- How to get google auth token from authorization code?
- Error: redirect_uri_mismatch while trying to get access_token using oauth
- Issue during migration from Google OAuth 1.0 to OAuth 2.0
- curl php cannot get access token from google. Curl returns nothing