1
votes

I'm trying to get an access token to use the Google Web Play API, but it won't work, and it won't give a helpful error message, and Google doesn't provide a lick of support.

https://developers.google.com/android-publisher/authorization

Client ID for web applications
Client ID:  37625491467222.apps.googleusercontent.com
Email address:  [email protected]
Client secret:  XB5gwFt8w29Fs34540gr9urEGEmUHCLI
Redirect URIs:  http://www.kizbit.com/oauth2callback
JavaScript origins: http://www.kizbit.com

Refresh token: http://www.kizbit.com/oauth2callback?code=4/IAoP7JxYfe82KsuUwQRWQw2na_vreOM.MtjvGJqCG3IYshQV0ieZDArkfr1icAI

[root@308321 ~]# cat authcode.txt grant_type=authorization_code&code=4%2FIAoP7JxYfe82KsuUwQRWQw2na_vreOM.MtjvGJqCG3IYshQV0ieZDArkfr1icAI&client_id=37625491467222.apps.googleusercontent.com&client_secret=XB5gwFt8w29Fs34540gr9urEGEmUHCLI&redirect_uri=http%3A%2F%2Fwww.kizbit.com%2Foauth2callback

[root@308321 ~]# wget -S --post-file=authcode.txt  https://accounts.google.com/o/oauth2/token
--2012-06-28 01:08:37--  https://accounts.google.com/o/oauth2/token
Resolving accounts.google.com... 2001:4860:b007::54, 74.125.142.84
Connecting to accounts.google.com|2001:4860:b007::54|:443... connected.
HTTP request sent, awaiting response...
  HTTP/1.0 400 Bad Request
  Cache-Control: no-cache, no-store, max-age=0, must-revalidate
  Pragma: no-cache
  Expires: Fri, 01 Jan 1990 00:00:00 GMT
  Date: Thu, 28 Jun 2012 05:08:40 GMT
  Content-Type: application/json
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN
  X-XSS-Protection: 1; mode=block
  Server: GSE
2012-06-28 01:08:
37 ERROR 400: Bad Request.

I know you're not supposed to give out keys but it doesn't matter because it doesn't work!

The refresh token doesn't work either.

Not encoding the file doesn't work either:

[root@308321 ~]# cat authcode2.txt
grant_type=authorization_code
code=4/IAoP7JxYfe82KsuUwQRWQw2na_vreOM.MtjvGJqCG3IYshQV0ieZDArkfr1icAI
client_id=37625491467222.apps.googleusercontent.com
client_secret=XB5gwFt8w29Fs34540gr9urEGEmUHCLI
redirect_uri=http://www.kizbit.com/oauth2callback

[root@308321 ~]# wget -S --post-file=authcode2.txt  https://accounts.google.com/o/oauth2/token
--2012-06-28 01:33:44--  https://accounts.google.com/o/oauth2/token
Resolving accounts.google.com... 2001:4860:b007::54, 74.125.142.84
Connecting to accounts.google.com|2001:4860:b007::54|:443... connected.
HTTP request sent, awaiting response...
  HTTP/1.0 400 Bad Request
  Cache-Control: no-cache, no-store, max-age=0, must-revalidate
  Pragma: no-cache
  Expires: Fri, 01 Jan 1990 00:00:00 GMT
  Date: Thu, 28 Jun 2012 05:33:47 GMT
  Content-Type: application/json
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN
  X-XSS-Protection: 1; mode=block
  Server: GSE
2012-06-28 01:33:44 ERROR 400: Bad Request.
1

1 Answers

0
votes

I don't know how I solved this. Some possible things I may have done:

  1. Make the access token request from the same IP as the web page authorization request to get the code.
  2. Use wget -dSO- --post-file to debug.
  3. Make the access token request very quickly after the web page authorization. Maybe the code only lasts 10m?
  4. Add more IPs to the Javascript origins in the Google API Console.
  5. Re-URL encode the POST file and strip off any trailing newlines.

Anyways, once I got the access token and the all-so-important refresh token, I'm was good.