Error 400: invalid_request

[mikedhanson]

Every time I run the node generate_token.js I get the following error.

Error 400: invalid_request You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy for keeping apps secure. You can let the app developer know that this app doesn't comply with one or more Google validation rules. If you’re the app developer, make sure that these request details comply with Google policies. redirect_uri: urn:ietf:wg:oauth:2.0:oob

[safaalz]

i faced the same problem :(

[eouia]

Recently Google seems it might have changed its OAuth2 policy. I have no idea how to solve it at this moment. Maybe the verification of the app is a solution, but I hadn't. Usually, MagicMirror is hosted by localhost, so it could not be verified from Google unless it has public domain. (And I'm not sure whether it is the real solution to this issue.)

[RohitPanditRP]

I am facing the same issue as well.

[lnk64]

So I think I just found the solution to this:

I ended up going to Google Cloud Console. Click on the Navigation icon on the top left to bring out the side window, and go to API's & Services -> Credentials. Then make a new set credentials by clicking the Create Credentials on the top, and choose oath Client ID.

However, this time, instead of choosing Tv's and limited input devices , as the installation states, instead choose Desktop app. Give it a name, in my case, I named it MMM-GooglePhotos Oauth2, but the name is up to you.

Once done, download the json file, and place it in the \modules\MMM-GooglePhotos directory with the name of credentials.json (overwrite the old credentials file, and delete the old token file, if you still have it).

Then go to the terminal and run the following:

cd ~/MagicMirror/modules/MMM-GooglePhotos node generate_token.js

Copy the URL from the terminal into your browser and it will ask you to login to the google account. During the consent process, it will ask you check off two options. I checked off both before continuing.

Finally, it will give you a code that you copy and past back into the terminal window.

Lastly, go into modules\MMM-GooglePhotos\cache, and delete the contents in there, so that you have an empty folder.

After that I did an NPM start in my base MagicMirror directory to make sure there weren't any other errors during start up, and after a few seconds my photos started to show up again

[Moawin99]

So I think I just found the solution to this:

I ended up going to Google Cloud Console. Click on the Navigation icon on the top left to bring out the side window, and go to API's & Services -> Credentials. Then make a new set credentials by clicking the Create Credentials on the top, and choose oath Client ID.

However, this time, instead of choosing Tv's and limited input devices , as the installation states, instead choose Desktop app. Give it a name, in my case, I named it MMM-GooglePhotos Oauth2, but the name is up to you.

Once done, download the json file, and place it in the \modules\MMM-GooglePhotos directory with the name of credentials.json (overwrite the old credentials file, and delete the old token file, if you still have it).

Then go to the terminal and run the following:

cd ~/MagicMirror/modules/MMM-GooglePhotos node generate_token.js

Copy the URL from the terminal into your browser and it will ask you to login to the google account. During the consent process, it will ask you check off two options. I checked off both before continuing.

Finally, it will give you a code that you copy and past back into the terminal window.

Lastly, go into modules\MMM-GooglePhotos\cache, and delete the contents in there, so that you have an empty folder.

After that I did an NPM start in my base MagicMirror directory to make sure there weren't any other errors during start up, and after a few seconds my photos started to show up again

Was getting the same issue but this fixed it! I add to do some extra steps though. In the case you're getting a 403 when trying to generate the token go into the google console then go to "OAuth consent screen" and add your email under "Test Users". This should remove the 403 and allow you to login. However after logging the code may be in the url and nowhere on the screen. In this case just copy the code from the url into the terminal and this should fix the issue!

[sebastian-l-kaiser]

Hi, I'm having the same issue and I followed your steps Ink64.

However, after the step where I checked the two options the consent process redirects me to a localhost address in the browser leading to a "ERR_CONNECTION_REFUSED" in Chrome. It looks like this: "http://localhost/?code=4/LongLongVeryLongString1234&scope=https://www.googleapis.com/auth/photoslibrary.sharing%20https://www.googleapis.com/auth/photoslibrary"

So it doesn't give me any code that I can copy.

Is this because of the "Desktop App" option when creating the Client ID? Is anyone else experiencing this or is this a logic error on my part?

[sebastian-l-kaiser]

Hi, I'm having the same issue and I followed your steps Ink64.

However, after the step where I checked the two options the consent process redirects me to a localhost address in the browser leading to a "ERR_CONNECTION_REFUSED" in Chrome. It looks like this: "http://localhost/?code=4/LongLongVeryLongString1234&scope=https://www.googleapis.com/auth/photoslibrary.sharing%20https://www.googleapis.com/auth/photoslibrary"

So it doesn't give me any code that I can copy.

Is this because of the "Desktop App" option when creating the Client ID? Is anyone else experiencing this or is this a logic error on my part?

Ok so I found your answer my question above in the other token error thread https://github.com/aneaville/MMM-GooglePhotos/issues/135#issuecomment-1075344073.

Now everything works again. Thanks!

[hermanho]

Related: https://developers.googleblog.com/2022/02/making-oauth-flows-safer.html#disallowed-oob

[hermanho]

The token generation is changed in latest version. Please pull the source code and try it. When the problem is still there, please open a new issue