LinkedIn
Twitter
The following configuration is used to generate a token from the authentication code to use the Google Calendar API (OAuth)
I'm stuck and don't know how to solve this invaild_grant!Please help me.
Front: OAuth consent screen is displayed by pressing the button → The authentication code is generated → AWS Lambda is launched.(Pass the authentication code as an argument)
Back(Lambda): Generate a token from the authentication code with the following code → invaild_grant error
const response = await axios.post<GoogleTokenAPIResponse>(
"https://oauth2.googleapis.com/token",
{
client_id: clientId,
client_secret: clientSecret,
redirect_uri: redirectURI,
grant_type: "authorization_code",
code, //変数名が重複するのでこれで大丈夫です
}
);
Error
response: {
status: 400,
statusText: 'Bad Request',
headers: {
date: 'Tue, 27 Dec 2022 07:29:49 GMT',
'cache-control': 'no-cache, no-store, max-age=0, must-revalidate',
pragma: 'no-cache',
expires: 'Mon, 01 Jan 1990 00:00:00 GMT',
'content-type': 'application/json; charset=utf-8',
vary: 'X-Origin, Referer, Origin,Accept-Encoding',
server: 'scaffolding on HTTPServer2',
'x-xss-protection': '0',
'x-frame-options': 'SAMEORIGIN',
'x-content-type-options': 'nosniff',
'alt-svc': 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"',
'accept-ranges': 'none',
connection: 'close',
'transfer-encoding': 'chunked'
},
config: {
transitional: [Object],
adapter: [Function: httpAdapter],
transformRequest: [Array],
transformResponse: [Array],
timeout: 0,
xsrfCookieName: 'XSRF-TOKEN',
xsrfHeaderName: 'X-XSRF-TOKEN',
maxContentLength: -1,
maxBodyLength: -1,
validateStatus: [Function: validateStatus],
headers: [Object],
method: 'post',
url: 'https://oauth2.googleapis.com/token',
data: '{"client_id":"******","client_secret":"*******","redirect_uri":"http://localhost:8083","grant_type":"authorization_code","code":"********"}'
},
request: <ref *1> ClientRequest {
_events: [Object: null prototype],
_eventsCount: 7,
_maxListeners: undefined,
outputData: [],
outputSize: 0,
writable: true,
destroyed: false,
_last: true,
chunkedEncoding: false,
shouldKeepAlive: false,
_defaultKeepAlive: true,
useChunkedEncodingByDefault: true,
sendDate: false,
_removedConnection: false,
_removedContLen: false,
_removedTE: false,
_contentLength: null,
_hasBody: true,
_trailer: '',
finished: true,
_headerSent: true,
socket: [TLSSocket],
_header: 'POST /token HTTP/1.1\r\n' +
'Accept: application/json, text/plain, */*\r\n' +
'Content-Type: application/json\r\n' +
'User-Agent: axios/0.26.1\r\n' +
'Content-Length: 298\r\n' +
'Host: oauth2.googleapis.com\r\n' +
'Connection: close\r\n' +
'\r\n',
_keepAliveTimeout: 0,
_onPendingData: [Function: noopPendingOutput],
agent: [Agent],
socketPath: undefined,
method: 'POST',
maxHeaderSize: undefined,
insecureHTTPParser: undefined,
path: '/token',
_ended: true,
res: [IncomingMessage],
aborted: false,
timeoutCb: null,
upgradeOrConnect: false,
parser: null,
maxHeadersCount: null,
reusedSocket: false,
host: 'oauth2.googleapis.com',
protocol: 'https:',
_redirectable: [Writable],
[Symbol(kCapture)]: false,
[Symbol(kNeedDrain)]: false,
[Symbol(corked)]: 0,
[Symbol(kOutHeaders)]: [Object: null prototype]
},
data: { error: 'invalid_grant', error_description: 'Bad Request' }
},
isAxiosError: true,
toJSON: [Function: toJSON]
}
According to the documentation, the following applied, so I re-created the OAuth 2.0 client ID, but this did not resolve the issue.
A Google Cloud Platform project with an OAuth consent screen configured for an external user type and a publishing status of "Testing" is issued a refresh token expiring in 7 days.
