Search code examples
google-apigoogle-oauthgoogle-api-nodejs-client

Google APIs OAuth refresh token url return 401 on http redirect uri?

I had implemented the code to received authorization code as described in this step:

https://developers.google.com/android-publisher/authorization#generating_a_refresh_token

We deployed this code to one server that has "https://..." domain and this works well. We can get the access_token, refresh_token...

But now we need to deploy the same code to a dev server that has no "https".

I created a new OAuth client id with redirect uri using the dev server (no https, the rest /api/v1/... is the same as the previous working server)

Now anytime I tried to go to this url and Allow access

https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/androidpublisher&response_type=code&access_type=offline&redirect_uri=http://dev_server/api/v1/...&client_id=dev_server_client_id

I got 401 Unauthorized.

I'm not sure why, but the only difference I can see is "https" vs "http".

Any idea why? Thank you very much.

Solution

  • Actually I forgot to update the corresponding values in my code

    const oauth2Client = new OAuth2(
    config.googleApi.clientId,
    config.googleApi.clientSecret,
    config.googleApi.redirectUri // <= Especially this value
);

    These values need to be updated to (beside values on google console).