RealmTeam / django-rest-framework-social-oauth2

python-social-auth and oauth2 support for django-rest-framework
MIT License

Problems with Google Login, getting http 400 bad request #194

Open ernesto-handy opened 5 years ago

ernesto-handy commented 5 years ago

Facebook works well for me but with Google I am getting http error 400, I am sending this in the POST from my Android to auth/convert-token/:

"grant_type" -> "convert_token"
"backend" -> "google-oauth2"
"client_id" -> "My client id generated by Django admin"
"token" -> "The token generated by google sign in"

And I have this on my settings on backend:

AUTHENTICATION_BACKENDS = (
    # Google OAuth2
    'social_core.backends.google.GoogleOAuth2',

    # Facebook OAuth2
    'social_core.backends.facebook.FacebookAppOAuth2',
    'social_core.backends.facebook.FacebookOAuth2',

    # django-rest-framework-social-oauth2
    'rest_framework_social_oauth2.backends.DjangoOAuth2',
    'django.contrib.auth.backends.ModelBackend',
)

SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = "The client id I got from Google Api Keys in form of 8057483621490-8idklcos9uaow8kvdlks7ue92m8n7v3rss6.apps.googleusercontent.com"
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = "The secret key in that same page"
SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = ['email']

I checked the error JSON and I am getting this:

{"error":"invalid_request","error_description":"Backend responded with HTTP403: {\n \"error\": {\n \"errors\": [\n {\n \"domain\": \"usageLimits\",\n \"reason\": \"dailyLimitExceededUnreg\",\n \"message\": \"Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.\",\n \"extendedHelp\": \"https://code.google.com/apis/console\"\n }\n ],\n \"code\": 403,\n \"message\": \"Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.\"\n }\n}\n."}

I wonder if it is because I am using just Google Sign in, not Google+ Sign in as Google+ just died

My Google Sign in token works well when I try it at https://oauth2.googleapis.com/tokeninfo?id_token=

DimonLuk commented 5 years ago

The same issue for me (except that I use backend=google because backend=google-oauth2 gives me the error Invalid backend parameter, which I was able to obtain with DEBUG logging level). Facebook works fine but Google doesn't.

Fi5t commented 5 years ago

I faced the same issue. When I try to call a convert-token method, I get this error:

Request

grant_type=convert_token
client_id=<my_app_client_id>
client_secret=<my_app_client_secret>
backend=google-oauth2
token=<id_token from the mobile device>

Response

{
    "error": "access_denied",
    "error_description": "Your credentials aren't allowed"
}

Of course I've already checked my id_token with https://oauth2.googleapis.com/tokeninfo?id_token= and it's ok.

robertoggarcia commented 5 years ago

@Fi5t I use "authToken" instead of "idToken" and it works!

ernesto-handy commented 5 years ago

@robertoggarcia Could you please explain a little more? where do you use authToken?

robertoggarcia commented 5 years ago

@ernesto-handy You get the next object from Google Auth Service response:

{authToken: "", email: "", firstName: "", id: "", idToken: "", lastName: "", name: "", photoUrl: "", provider: "GOOGLE"}

So, use authToken to convert token on your backend.

grant_type=convert_token
client_id=<my_app_client_id>
client_secret=<my_app_client_secret>
backend=google-oauth2
token=<authToken from google response instead of idToken>

ernesto-handy commented 5 years ago

I am not getting the authToken from Google Auth Service. I get serverAuthToken, but I also tried with it and get the same

b0lle commented 4 years ago

You have to choose the correct token. It's access_token and not id_token.


Request

grant_type=convert_token
client_id=
client_secret=
backend=google-oauth2
token=<access_token from the mobile device>

Result

"access_token": "XxXXXXXXXXXX",
"expires_in": 36000,
"token_type": "Bearer",
"scope": "read write groups",
"refresh_token": "XXXXXXXXXX"

example access_token layout: access_token: "ya29.Il-xxxxxxxxxxxxxxxx-zbWq91kUydNSXCR_uKaueMLLg5UF1VR36vsmv28JbPdNfLaBT3YeXbxpZ91MV5piqhDDh41eJ65UoLytIn_YoJ_eQ"
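Added example, not part of the thread or the project's code: a client-side guard for the mix-up b0lle describes, telling a JWT-shaped Google id_token apart from an opaque access_token before building the convert-token form. The helper names and sample tokens are assumptions constructed for illustration; the check is structural only and verifies no signature.

```python
import base64
import json


def _b64url_json(segment):
    """Decode one base64url JWT segment to a dict, or return None."""
    try:
        padded = segment + "=" * (-len(segment) % 4)
        obj = json.loads(base64.urlsafe_b64decode(padded.encode("ascii")))
    except (ValueError, UnicodeError):
        return None
    return obj if isinstance(obj, dict) else None


def classify_google_token(token):
    """Return 'id_token' for a JWT-shaped token, else 'access_token'.
    Structural check only; no signature is verified here."""
    parts = token.split(".")
    if len(parts) == 3:
        header, claims = _b64url_json(parts[0]), _b64url_json(parts[1])
        if header and "alg" in header and claims is not None:
            return "id_token"
    return "access_token"


def build_convert_token_form(token, client_id, client_secret,
                             backend="google-oauth2"):
    """Build the POST body for auth/convert-token/; refuse ID tokens."""
    if classify_google_token(token) == "id_token":
        raise ValueError("got an id_token (JWT); convert-token expects "
                         "the OAuth2 access_token")
    return {"grant_type": "convert_token", "client_id": client_id,
            "client_secret": client_secret, "backend": backend,
            "token": token}


def _seg(obj):
    """Encode a dict as an unpadded base64url JWT segment."""
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed sample tokens (not real credentials, signature is a dummy).
SAMPLE_ID_TOKEN = ".".join([
    _seg({"alg": "RS256", "typ": "JWT"}),
    _seg({"iss": "https://accounts.google.com", "email": "user@example.com"}),
    "constructed-signature"])
SAMPLE_ACCESS_TOKEN = "ya29.constructed-opaque-value"
```

A token that passes the tokeninfo?id_token= check is an ID token by definition, so it is the one this guard rejects.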

balamurali27 commented 4 years ago

> @robertoggarcia Could you please explain a little more? where do you use authToken?

Hey did you solve the problem?

wagnerdelima commented 4 years ago

Hi all.

My team and I are constantly using this framework and it seems it has died out there. I contacted the owner by email asking if he would add some of us as maintainers so we could continue to improve it. However we didn't get a response.

I am publishing the project under my profile and we are going to continue to invest time in it.

So I would like to gently ask you to contribute to this project on: https://github.com/wagnerdelima/drf-social-oauth2

Thank you for understanding.

balamurali27 commented 4 years ago

> Hi all.
>
> My team and I are constantly using this framework and it seems it has died out there. I contacted the owner by email asking if he would add some of us as maintainers so we could continue to improve it. However we didn't get a response.
>
> I am publishing the project under my profile and we are going to continue to invest time in it.
>
> So I would like to gently ask you to contribute to this project on: https://github.com/wagnerdelima/drf-social-oauth2.
>
> Thank you for understanding.

The link isn't valid 😅

wagnerdelima commented 4 years ago

> > Hi all. My team and I are constantly using this framework and it seems it has died out there. I contacted the owner by email asking if he would add some of us as maintainers so we could continue to improve it. However we didn't get a response. I am publishing the project under my profile and we are going to continue to invest time in it. So I would like to gently ask you to contribute to this project on: https://github.com/wagnerdelima/drf-social-oauth2. Thank you for understanding.
>
> The link isn't valid 😅

Just fixed it. Thanks

devendrakushwah commented 4 years ago

> I am not getting the authToken from Google Auth Service. I get serverAuthToken, but I also tried with it and get the same

Hey did you solve the problem?

micmas85 commented 4 years ago

> > I am not getting the authToken from Google Auth Service. I get serverAuthToken, but I also tried with it and get the same
>
> Hey did you solve the problem?

I had the same problem and just found a solution: https://stackoverflow.com/questions/33998335/how-to-get-access-token-after-user-is-signed-in-from-gmail-in-android

abubakarA-Dot commented 3 years ago

> Facebook works well for me but with Google I am getting http error 400, I am sending this in the POST from my Android to auth/convert-token/:
>
> "grant_type" -> "convert_token"
> "backend" -> "google-oauth2"
> "client_id" -> "My client id generated by Django admin"
> "token" -> "The token generated by google sign in"
>
> And I have this on my settings on backend:
>
> AUTHENTICATION_BACKENDS = (
>     # Google OAuth2
>     'social_core.backends.google.GoogleOAuth2',
>
>     # Facebook OAuth2
>     'social_core.backends.facebook.FacebookAppOAuth2',
>     'social_core.backends.facebook.FacebookOAuth2',
>
>     # django-rest-framework-social-oauth2
>     'rest_framework_social_oauth2.backends.DjangoOAuth2',
>     'django.contrib.auth.backends.ModelBackend',
> )
>
> SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = "The client id I got from Google Api Keys in form of 8057483621490-8idklcos9uaow8kvdlks7ue92m8n7v3rss6.apps.googleusercontent.com"
> SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = "The secret key in that same page"
> SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = ['email']
>
> I checked the error JSON and I am getting this:
>
> {"error":"invalid_request","error_description":"Backend responded with HTTP403: {\n \"error\": {\n \"errors\": [\n {\n \"domain\": \"usageLimits\",\n \"reason\": \"dailyLimitExceededUnreg\",\n \"message\": \"Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.\",\n \"extendedHelp\": \"https://code.google.com/apis/console\"\n }\n ],\n \"code\": 403,\n \"message\": \"Daily Limit for Unauthenticated Use Exceeded. Continued use requires signup.\"\n }\n}\n."}
>
> I wonder if it is because I am using just Google Sign in, not Google+ Sign in as Google+ just died
>
> My Google Sign in token works well when I try it at https://oauth2.googleapis.com/tokeninfo?id_token=

My Facebook login is not working. It is giving me this error: "error": "invalid_request", "error_description": "Invalid backend parameter." Can you help me to solve this error?