
Getting TokenResponseException: 401 Unauthorized


I used the following example from Google, https://developers.google.com/identity/sign-in/web/server-side-flow, and so far I was able to achieve the following steps:

  1. The user authenticates on the client side (browser).
  2. The code is returned and saved in the server DB.
  3. When asking for an auth code, I get TokenResponseException: 401 Unauthorized.

I checked the following:

  1. The API is enabled.
  2. Over https://developers.google.com/oauthplayground I tested the access with the same client ID and client secret, and it works.
  3. I read almost every SO query that was related to this issue, but none of them really helped.
  4. I tried revoking all user permissions and asking them again to get a new code.

Below is the code I am using:

public void getUserAuthTokens(String authCode){
    try {

        GoogleClientSecrets clientSecrets = GoogleClientSecrets.load(
                JacksonFactory.getDefaultInstance(),new FileReader(new ClassPathResource("static\\client_secret.json").getFile()));

        List<String> scopes = new ArrayList<>();
        scopes.add("https://www.googleapis.com/auth/gmail.readonly");
        //String scopes[]={"https://www.googleapis.com/auth/gmail.readonly"};

        Collection<String> SCOPES
                = Collections.unmodifiableCollection(
                Arrays.asList(
                        new String[]{
                                GmailScopes.GMAIL_READONLY
                        }));
        GoogleTokenResponse tokenResponse = new GoogleAuthorizationCodeTokenRequest(new NetHttpTransport(),JacksonFactory.getDefaultInstance(),
                "https://www.googleapis.com/oauth2/v4/token",
                clientSecrets.getDetails().getClientId(),
                clientSecrets.getDetails().getClientSecret(),
                authCode).setRedirectUri(clientSecrets.getDetails().getRedirectUris().get(0)).setScopes(SCOPES).execute();


        String accessToken = tokenResponse.getAccessToken();
        System.out.print("Token is: "+accessToken);
    }catch (IOException x){
        x.printStackTrace();

    }

}

As a side note, if I didn't use setRedirectUri(clientSecrets.getDetails().getRedirectUris().get(0)), then I got a "redirect mismatch error".

I would greatly appreciate any ideas on this, as I have run out.


Solution

  • After much debugging and searching, I found a solution that works. I am posting it here in case someone encounters the same issue.

    Here is the code I used:

    GoogleTokenResponse tokenResponse = new GoogleAuthorizationCodeTokenRequest(new NetHttpTransport(),JacksonFactory.getDefaultInstance(),
                    "https://www.googleapis.com/oauth2/v4/token",
                    clientSecrets.getDetails().getClientId(),
                    clientSecrets.getDetails().getClientSecret(),
                    authCode, "postmessage")
                    .execute();
    

    You can read more about postmessage at "Google+ Sign-in for server-side apps, exchanging auth code for access token".

    Hope that helps.
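
Added example (not part of the original answer or of Google's documentation): a self-contained version of the exchange above that passes "postmessage" as the redirect URI, reports the token endpoint's error fields when the exchange fails, and avoids printing the access token. The class name AuthCodeExchange and the classpath location of client_secret.json are assumptions.

```java
import com.google.api.client.auth.oauth2.TokenErrorResponse;
import com.google.api.client.auth.oauth2.TokenResponseException;
import com.google.api.client.googleapis.auth.oauth2.GoogleAuthorizationCodeTokenRequest;
import com.google.api.client.googleapis.auth.oauth2.GoogleClientSecrets;
import com.google.api.client.googleapis.auth.oauth2.GoogleTokenResponse;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.jackson2.JacksonFactory;

import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.nio.charset.StandardCharsets;

// Hypothetical class name; not from the original post.
public class AuthCodeExchange {

    // Redirect URI the answer uses for a code delivered to the browser by the sign-in flow.
    private static final String REDIRECT_URI = "postmessage";
    private static final String TOKEN_URL = "https://www.googleapis.com/oauth2/v4/token";

    public GoogleTokenResponse exchange(String authCode) throws IOException {
        JacksonFactory json = JacksonFactory.getDefaultInstance();
        // Assumed location: client_secret.json on the classpath under static/.
        try (InputStream in = AuthCodeExchange.class.getResourceAsStream("/static/client_secret.json")) {
            if (in == null) throw new IOException("client_secret.json not found on classpath");
            Reader reader = new InputStreamReader(in, StandardCharsets.UTF_8);
            GoogleClientSecrets secrets = GoogleClientSecrets.load(json, reader);
            GoogleTokenResponse response = new GoogleAuthorizationCodeTokenRequest(
                    new NetHttpTransport(), json, TOKEN_URL,
                    secrets.getDetails().getClientId(),
                    secrets.getDetails().getClientSecret(),
                    authCode, REDIRECT_URI).execute();
            // Record that a token arrived, never the token value itself.
            System.out.println("Token received, expires in " + response.getExpiresInSeconds() + "s");
            return response;
        } catch (TokenResponseException e) {
            // The token endpoint's JSON error body names the reason for the failure.
            TokenErrorResponse details = e.getDetails();
            System.err.println("Token exchange failed: HTTP " + e.getStatusCode()
                    + (details == null ? "" : ", error=" + details.getError()
                    + ", description=" + details.getErrorDescription()));
            throw e;
        }
    }
}
```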