9

I need to get my access_token and refresh_token for OAuth 2.0 to Access Google APIs, the php script below should return a json with access_token, refresh_token like this:

{
  "access_token" : "####",
  "token_type" : "Bearer",
  "expires_in" : 3600,
  "refresh_token" : "####"
}

but, the php script return me only this error message:

{
"error" : "invalid_request",
"error_description" : "Client must specify either client_id or client_assertion, not both"
}

I tried to remove client_secret/client_id and use only client_id/client_secret, but still get the same error.

PHP script

$client_id = '###.apps.googleusercontent.com';
$redirect_uri = 'http://localhost/phpConnectToDB/csv/refreshFusionTable.php';
$client_secret = '###';

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://accounts.google.com/o/oauth2/token");

$code = $_REQUEST['code'];

curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);


curl_setopt($ch, CURLOPT_POSTFIELDS, array(
'code' => $code,
'client_id' => $clientID,
'client_secret' => $clientSecret,
'redirect_uri' => $redirect_uri,
'grant_type' => 'authorization_code'
));

$data = curl_exec($ch);

var_dump($data);

Although curl in cmd works and returns me access and refresh token without any errors.

curl --data "code=###&client_id=###.apps.googleusercontent.com&client_secret=###&redirect_uri=http://localhost/phpConnectToDB/csv/refreshFusionTable.php&grant_type=authorization_code" https://accounts.google.com/o/oauth2/token

I don't understand why I get the missing scheme error, although the .php script exists and it's located on the given path. Could you help me please ?

EDIT

Problem with "Invalid parameter value for redirect_uri: Missing scheme" solved, I just replaced 'redirect_uri' => urlencode($redirect_uri), with this 'redirect_uri' => $redirect_uri, in CURLOPT_POSTFIELDS.

Improve this question

1 Answer 1

Reset to default
16

Wow, stupid mistake, I should have a rest.

The variables names don't match. I defined:

    $client_id = '###.apps.googleusercontent.com';
    $client_secret = '###';

But here I used an non-existing clientID and clientSecret :

    curl_setopt($ch, CURLOPT_POSTFIELDS, array(
    'code' => $code,
    'client_id' => $clientID,
    'client_secret' => $clientSecret,
    'redirect_uri' => $redirect_uri,
    'grant_type' => 'authorization_code'
    ));

Fixed and working PHP script

    $client_id = '###.apps.googleusercontent.com';
    $redirect_uri = 'http://localhost/phpConnectToDB/csv/refreshFusionTable.php';
    $client_secret = '###';

    $ch = curl_init();
    
    curl_setopt($ch, CURLOPT_URL, "https://accounts.google.com/o/oauth2/token");
    
    curl_setopt($ch, CURLOPT_POST, TRUE);
    
    $code = $_REQUEST['code'];

    // This option is set to TRUE so that the response
    // doesnot get printed and is stored directly in
    // the variable
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    
    curl_setopt($ch, CURLOPT_POSTFIELDS, array(
    'code' => $code,
    'client_id' => $client_id,
    'client_secret' => $client_secret,
    'redirect_uri' => $redirect_uri,
    'grant_type' => 'authorization_code'
    ));

    $data = curl_exec($ch);
    
    var_dump($data);

But I have to say that google provides a little misleading error message here, because I hadn't defined client_id nor client_secret and the error message was:

    {
    "error" : "invalid_request",
    "error_description" : "Client must specify either client_id or client_assertion, not both"
    }
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.