Oauth2.Client.get_token not working for Google

Open FelixFortis opened this issue 5 years ago • 4 comments

OAuth2.Client.new([   
  strategy: OAuth2.Strategy.AuthCode,
  client_id: "my_client_id",
  client_secret: "my_client_secret",
  site: "https://accounts.google.com",
  authorize_url: "/o/oauth2/auth",
  redirect_uri: "http://localhost:4000/auth/google/callback"
]) |> OAuth2.Client.get_token!(code: code)

Responds with:

{:error,
 %OAuth2.Response{
   body: "<!DOCTYPE html><html lang=en><meta charset=utf-8><meta name=viewport content=\"initial-scale=1, minimum-scale=1, width=device-width\"><title>Error 400 (Bad Request)!!1</title><style nonce=\"L8kvoo2If2LzNils9NwbOA\">*{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{color:#222;text-align:unset;margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px;}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}pre{white-space:pre-wrap;}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) 0}}@media only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px}</style><div id=\"af-error-container\"><a href=//www.google.com><span id=logo aria-label=Google></span></a><p><b>400.</b> <ins>That’s an error.</ins><p>The server cannot process the request because it is malformed. It should not be retried. <ins>That’s all we know.</ins></div>",
   headers: [
     {"cache-control", "no-cache, no-store, max-age=0, must-revalidate"},
     {"pragma", "no-cache"},
     {"expires", "Mon, 01 Jan 1990 00:00:00 GMT"},
     {"date", "Fri, 24 Jul 2020 07:38:38 GMT"},
     {"content-type", "text/html; charset=utf-8"},
     {"transfer-encoding", "chunked"},
     {"x-content-type-options", "nosniff"},
     {"x-xss-protection", "1; mode=block"},
     {"server", "GSE"},
     {"alt-svc",
      "h3-29=\":443\"; ma=2592000,h3-27=\":443\"; ma=2592000,h3-25=\":443\"; ma=2592000,h3-T050=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\""}
   ],
   status_code: 400
 }}

"The server cannot process the request because it is malformed" - Has anyone run across this problem? Any tips? Thanks in advance.

FelixFortis avatar Jul 24 '20 07:07 FelixFortis

According to the docs you need to make a call to a different URL. For that, you need to construct a different client and then make a request.

OAuth2.Client.new([   
  strategy: OAuth2.Strategy.AuthCode,
  client_id: "my_client_id",
  client_secret: "my_client_secret",
  site: "https://oauth2.googleapis.com",
  token_url: "/token",
  redirect_uri: "http://localhost:4000/auth/google/callback"
]) |> OAuth2.Client.get_token!(code: code)

s22su avatar Nov 27 '20 14:11 s22su
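
The token endpoint from the answer above combined with the authorize URL from the original post, as an added example that is not code from the thread or from the oauth2 project. The module name, the environment variable names and the use of Jason as JSON decoder are assumptions; it returns a tagged error instead of raising when the provider answers as in the 400 above.

```elixir
defmodule GoogleOAuthExample do
  # Added example; module and function names are hypothetical.
  # Assumes the :oauth2 and :jason packages are project dependencies.

  # Build the client with both Google endpoints set explicitly. When token_url
  # is left out, the library falls back to "/oauth/token" on `site`.
  def client do
    OAuth2.Client.new(
      strategy: OAuth2.Strategy.AuthCode,
      # Credentials come from the environment (variable names are assumptions).
      client_id: System.fetch_env!("GOOGLE_CLIENT_ID"),
      client_secret: System.fetch_env!("GOOGLE_CLIENT_SECRET"),
      site: "https://accounts.google.com",
      authorize_url: "/o/oauth2/auth",
      # Absolute URL, because the token endpoint lives on a different host.
      token_url: "https://oauth2.googleapis.com/token",
      redirect_uri: "http://localhost:4000/auth/google/callback"
    )
    # Decode JSON token responses; Jason is an assumed choice of decoder.
    |> OAuth2.Client.put_serializer("application/json", Jason)
  end

  # Exchange the authorization code without raising, so a failed exchange
  # comes back as a tagged error the caller can log and act on.
  def exchange(code) when is_binary(code) do
    case OAuth2.Client.get_token(client(), code: code) do
      {:ok, %OAuth2.Client{token: token}} ->
        {:ok, token}

      # The provider answered with an HTTP error status, as in the 400 above.
      # The body is left out of the result so it does not end up in logs.
      {:error, %OAuth2.Response{status_code: status, headers: headers}} ->
        {:error, {:http_error, status, content_type(headers)}}

      # Transport-level failure (for example a timeout).
      {:error, %OAuth2.Error{reason: reason}} ->
        {:error, {:transport_error, reason}}
    end
  end

  # A text/html content type from a token endpoint, as in the response above,
  # is a hint that the request went to the wrong URL.
  defp content_type(headers) do
    Enum.find_value(headers, "unknown", fn {name, value} ->
      if String.downcase(name) == "content-type", do: value
    end)
  end
end
```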

Thanks @s22su, I'll take a look as soon as I have some time :+1:

FelixFortis avatar Dec 08 '20 10:12 FelixFortis

Any progress?

hamidb80 avatar Dec 28 '21 13:12 hamidb80

This does not work for Cognito either.

The issue in the case of Amazon Cognito is that there are double headers and Amazon responds with 405. (Without the accept header it works.)

[{"accept", "application/x-www-form-urlencoded"}, {"content-type", "application/x-www-form-urlencoded"}, 

The issue seems to be on this line, so manually overriding should help.

https://github.com/scrogson/oauth2/blob/ce4fd5ec836488197ca513ed51fc3976100420f8/lib/oauth2/request.ex#L137

I am using this type of "hack" to bypass this error:

config =
  Keyword.merge(
    config,
    # Override the accept header with an empty value
    headers: [{"accept", ""}],
    token_url: "https://#{auth_domain}/oauth2/token",
    redirect_url: callback_url
  )

theycallmehero avatar Jan 02 '22 13:01 theycallmehero

This issue has been automatically marked as "stale:discard". If this issue is still relevant, please leave any comment (for example, "bump"), and we'll keep it open. We are sorry that we haven't been able to prioritize it yet. If you have any new additional information, please include it with your comment.

github-actions[bot] avatar Feb 07 '24 02:02 github-actions[bot]