Bad request on posting to google Oauth2 token url

Question

Bad request on posting to google Oauth2 token url

This is the data I am receiving on doing a post on this url :

POST https://accounts.google.com/o/oauth2/token 400 (Bad Request)

Object {error: "invalid_request", error_description: "Parameter not allowed for this message type: session_state"}

I have no idea what the problem might be. This code is getting called within an ionic application.

$scope.gpluslogin = function() {
        var ref = window.open('https://accounts.google.com/o/oauth2/auth?client_id=' + clientId + '&redirect_uri=http://localhost/callback&scope=https://www.googleapis.com/auth/plus.login%20https://www.googleapis.com/auth/plus.me&approval_prompt=auto&response_type=code&access_type=offline&include_granted_scopes=false', '_blank', 'location=no');
        //var ref = window.open('https://accounts.google.com/o/oauth2/auth?client_id=' + clientId + '&redirect_uri=http://localhost/callback&scope=https://www.googleapis.com/auth/plus.login%20https://www.googleapis.com/auth/plus.me&approval_prompt=force&response_type=code', '_blank', 'location=no');
        ref.addEventListener('loadstart', function(event) { 
            if((event.url).startsWith("http://localhost/callback")) {
                requestToken = (event.url).split("code=")[1];
                $http({method: "post", url: "https://accounts.google.com/o/oauth2/token", data: "client_id=" + clientId + "&client_secret=" + clientSecret + "&redirect_uri=http://localhost/callback" + "&grant_type=authorization_code" + "&code=" + requestToken })
                    .success(function(data) {
                        accessToken = data.access_token;
                        console.log(data);
                        console.log(accessToken);
                        $.ajax({
                          url: "http://192.168.137.118:3000/api/v1/save_gp_auth",
                          data: {'gp_auth_token':accessToken,'user_id':$rootScope.currentuser_id},
                          dataType: "json",
                          type: "post",
                          success: function(data){
                            if(data.gp_status=="gp_saved" || data.gp_status=="gp_updated")
                              { $rootScope.gp_toggle=true;
                                 if($rootScope.fb_toggle==true && $rootScope.gp_toggle==true)
                                    $scope.toggle_status="both_connected";
                                  else
                                    $scope.toggle_status="gp_connected";
                              }
                          }
                        });
                    })
                    .error(function(data, status) {
                        console.log(data);
                    });
                ref.close();
            }
        });
    }

However when I change the scope to something like "email", it works and gives me the access token.

oauth-2.0
ionic-framework
google-oauth

Answer 1

Given that it works for the email scope, my guess is it's an URI encoding issue with your other scopes.

Try URI encoding scopes using encodeURIComponent, i.e.:

encodeURIComponent("https://www.googleapis.com/auth/plus.login https://www.googleapis.com/auth/plus.me")

Which outputs: https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fplus.login%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fplus.me