谷歌 Oauth 即使在验证应用程序后也无法登录

Question

We were setting up google oauth signin for our website. For testing purpose we have added our test email xxx@gmail.com and then submitted add for verification

The problem we are facing is, even though our app is in verified status, our app is not working for all emails. It is working for only for xxx@gmail.com. but other emails its is throwing

{ "error": "invalid_grant", "error_description": "Bad Request" }

upon trying to get access_token https://oauth2.googleapis.com/token using authorization code. sample auth_code: 4/0AX4XfWh4w99xccU1rPd2qi4hRUkp0Tyya7bOs373nDLbCXjrjvnWxY6uCgiZKRlXeimiFQ We are struck on this for quite sometime screen shots

Answer 1

The proper request exchanging the authorization code is.

HTTP Post https://accounts.google.com/o/oauth2/token
code=4/X9lG6uWd8-MMJPElWggHZRzyFKtp.QubAT_P-GEwePvB8fYmgkJzntDnaiAI&client_id={ClientId}&client_secret={ClientSecret}&redirect_uri=urn:ietf:wg:oauth:2.0:oob&grant_type=authorization_code

If you are getting invalid_grant from that, this would sugest that the authorizaotn code has either expired as they are only good for under five minutes. or the authorization code has in fact been used previously in which case it will no longer work.

It could also be that the client id and client secrets you are sending are not the ones that were used to get the authorization code to begin with.

• Understanding Oauth2 with curl
• Google 3 Legged OAuth2 Flow

invalid_grant errors

• invalid_grant Your server's clock is not in sync with NTP. (Solution: check the server time if its incorrect fix it. )
• invalid_grant: Code was already redeemed (you can only use authorizaton code once)
• invalid_grant: Invalid JWT (refrsh token expired)
• Invalid_grant: bad request (client id and client secret don't match refresh token / authorizaotn code)