I'm trying to authorize the Google Play Android Developer API. I'm at the step where I need to make an HTTP post request to exchange the authorization code for an access token and a refresh token. Google gives the following example request:
POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded
code=4/v6xr77ewYqhvHSyW6UJ1w7jKwAzu&
client_id=8819981768.apps.googleusercontent.com&
client_secret={client_secret}&
redirect_uri=https://oauth2-login-demo.appspot.com/code&
grant_type=authorization_code
I'm confused... First of all, for an installed application (Android) no client_secret is given. I created a web application for the same project in the Google API Console and this gave me a client_secret, so I used that, even though there is no web application. The following code gives me an "invalid_grant" error:
HttpClient httpclient = new DefaultHttpClient();
HttpPost httppost = new HttpPost("https://accounts.google.com/o/oauth2/token");
try {
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(5);
nameValuePairs.add(new BasicNameValuePair("code", "CODE"));
nameValuePairs.add(new BasicNameValuePair("client_id", "CLIENT_ID"));
nameValuePairs.add(new BasicNameValuePair("client_secret", "CLIENT_SECRET"));
nameValuePairs.add(new BasicNameValuePair("redirect_uri", "urn:ietf:wg:oauth:2.0:oob"));
nameValuePairs.add(new BasicNameValuePair("grant_type", "authorization_code"));
httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
HttpResponse response = httpclient.execute(httppost);
....
Taking out the client_secret entirely gave me an "invalid_request" error.
This is how I solved it. I ended up using a Web Applcation. See more details in my response here.
HttpClient client = new DefaultHttpClient();
HttpPost post = new HttpPost("https://accounts.google.com/o/oauth2/token");
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(4);
nameValuePairs.add(new BasicNameValuePair("grant_type", "refresh_token"));
nameValuePairs.add(new BasicNameValuePair("client_id", CLIENT_ID));
nameValuePairs.add(new BasicNameValuePair("client_secret", CLIENT_SECRET));
nameValuePairs.add(new BasicNameValuePair("refresh_token", REFRESH_TOKEN));
post.setEntity(new UrlEncodedFormEntity(nameValuePairs));
HttpResponse response = client.execute(post);
I have managed to redeem access code for access token from android app without the help of web application by simply eliminating the client_secret key as it is not applicable for installed applications.
HttpPost httppost = new HttpPost("https://accounts.google.com/o/oauth2/token");
httppost.setHeader("Content-type", "application/x-www-form-urlencoded");
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(4);
nameValuePairs.add(new BasicNameValuePair("grant_type", "authorization_code"));
nameValuePairs.add(new BasicNameValuePair("client_id", BLOGGER_CLIENT_ID));
nameValuePairs.add(new BasicNameValuePair("redirect_uri", "http://localhost"));
nameValuePairs.add(new BasicNameValuePair("code", BLOGGER_ACCESS_CODE));
httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
HttpClient httpClient = new DefaultHttpClient(myParams);
response = httpClient.execute(httppost);
String returnedJsonStr = EntityUtils.toString(response.getEntity());
JSONObject jsonObject = new JSONObject(returnedJsonStr);
String receivedToken = jsonObject.getString("access_token");
Reason to post this comment is that your solution can be misleading to someone who might think only way to get access token in mobile apps is via web-application, which I thought after reading your post few minutes ago !
To avoid invalid_grant error follow this code:
https://stackoverflow.com/a/14141020/989418
Related
My problem is this: after the GET request authorization and save cookies trying to perform a POST request to add data, but the server responds with 500 code. What's funny, because if POST query string form in a browser, it is executed correctly. The code below.
DefaultHttpClient httpclient = new DefaultHttpClient();
HttpGet httpget = new HttpGet(site + "/admin/users/login_do/?login=admin&password=demo");
HttpResponse response = httpclient.execute(httpget);
List<Cookie> cookies = httpclient.getCookieStore().getCookies();
HttpPost httppost = new HttpPost(site + "/admin/news/add/5/item/do/");
httppost.addHeader("Cookie", "PHPSESSID="+cookies.get(0).getValue()+"; umicms_session="+cookies.get(1).getValue()+"; stat_id="+cookies.get(2).getValue());
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
nameValuePairs.add(new BasicNameValuePair("active", "1"));
nameValuePairs.add(new BasicNameValuePair("name", "test"));
nameValuePairs.add(new BasicNameValuePair("data[new][anons]", "anno"));
nameValuePairs.add(new BasicNameValuePair("data[new][content]", "cont"));
nameValuePairs.add(new BasicNameValuePair("data[new][publish_time]", "1420202020"));
httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs, HTTP.UTF_8));
response = httpclient.execute(httppost);
StatusLine status = response.getStatusLine();
Log.d("my",String.valueOf(status.getStatusCode()));
Log.d("my",String.valueOf(status.getReasonPhrase()));
I've tried to run POST using HttpURLConnection, but also received 500 response.
Who can tell what might be the problem?
Problem solved. I Forgot to send csrf token with POST request and set Referer header
nameValuePairs.add(new BasicNameValuePair("csrf", csrf));
httppost.addHeader("Referer", referlink);
I want to get the authentication from moodle (say the moodle site from our university) in my android application. And I do not have the access to the database. I tried to make a http post request from my application with username and password.
But when I execute the post request, I get an exception. This is what I have tried
private URI url = new URI("https://online.mrt.ac.lk/login/index.php");
HttpClient httpclient = new DefaultHttpClient();
HttpPost httppost = new HttpPost(url);
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
nameValuePairs.add(new BasicNameValuePair("username", "user"));
nameValuePairs.add(new BasicNameValuePair("password", "password"));
httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
HttpResponse response = httpclient.execute(httppost);
HttpEntity entity = response.getEntity();
InputStream is = entity.getContent();
I get a exception like this
javax.net.ssl.SSLPeerUnverifiedException: No peer certificate
Please someone help me.
I am executing the following post in Android:
HttpClient httpclient = new DefaultHttpClient();
HttpPost httppost = new HttpPost("http://www.example.com");
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
nameValuePairs.add(new BasicNameValuePair("account", "login"));
nameValuePairs.add(new BasicNameValuePair("email", "email#email.com));
httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
HttpResponse response = httpclient.execute(httppost);
In the server side I return the cgi.request_method variable and it is GET.
Shouldn't it be POST? Am I missing something?
That code should initiate a POST, not a GET. I would guess that something on the server side is misconfigured.
My problem was send http instead of https
I want to send some data to a server through POST method in android. I am using the following code
DefaultHttpClient hc=new DefaultHttpClient();
ResponseHandler <String> res=new BasicResponseHandler();
HttpPost postMethod=new HttpPost(url);
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(2);
nameValuePairs.add(new BasicNameValuePair("name", "value"));
nameValuePairs.add(new BasicNameValuePair("password", "value"));
postMethod.setEntity(new UrlEncodedFormEntity(nameValuePairs));
String response=hc.execute(postMethod,res);
But I am getting the error response in my response xml. The error message is cookies are disabled in client machine. How do I need to enable cookies in android ?
You need to handle cookies with your request. See this and this related questions.
I need to pass some values to a URL by Post Method in my apllication. Please Help
Here's some code that will make an HTTP POST request. Taken from http://androidadvice.blogspot.com/2010/10/httppost-request.html, which has some additional explanation as well.
HttpClient httpclient = new DefaultHttpClient(httpParameters);
HttpPost httppost = new HttpPost(Constants.MAIN_URL);
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>(2);
nameValuePairs.add(new BasicNameValuePair("u", eUsername));
nameValuePairs.add(new BasicNameValuePair("p", ePassword));
httppost.setEntity(new UrlEncodedFormEntity(nameValuePairs));
You need to use HttpClient. See a related question here.