Invalid Client ID

[pablospizzamiglio]

Hello!

I was trying to run some examples for OAuth2 since it's my first time implementing OAuth with Python and found out an issue while doing so.

I'm not sure if it's my fault or an updated API from Google is complaining about this:

from requests_oauthlib import OAuth2Session

client_id = "<client_id>.apps.googleusercontent.com",
client_secret = "<client_secret>"
redirect_uri = "http://localhost"

scope = [
    "https://www.googleapis.com/auth/userinfo.email",
    # "https://www.googleapis.com/auth/userinfo.profile",
]

authorization_base_url = "https://accounts.google.com/o/oauth2/v2/auth"
token_url = "https://www.googleapis.com/oauth2/v4/token"

oauth = OAuth2Session(client_id, redirect_uri=redirect_uri, scope=scope)

authorization_url, state = oauth.authorization_url(
    authorization_base_url,
    # access_type and prompt are Google specific extra
    # parameters.
    access_type="offline",
    prompt="select_account",
)

print(f"Please go to {authorization_url}")

authorization_response = input("Enter the full callback URL")

token = oauth.fetch_token(
    token_url,
    # include_client_id=True, # Saw this one in another post but didn't work either
    authorization_response=authorization_response,
    # Google specific extra parameter used for client
    # authentication
    client_secret=client_secret,
)

r = oauth.get("https://www.googleapis.com/oauth2/v1/userinfo")

print(r)

What I did found out is that the authorization_url wraps the client_id like this ('<client_id>', ) which ends up encoded between %28%27 and %27%2C%29 and being sent to Google's endpoint. If I remove such characters then the flow works successfully.

Hope it helps someone!

[pablospizzamiglio]

I'm ashamed of my blindness.

My issue was caused by the trailing comma after I assign the client_id variable.

Everything works fine now.