Why does Google Drive API / Oauth2 refresh token request, returns an error saying "SSL is required to perform this operation."?

Question

i'm new to OAuth2 and it confuses me why my refresh token request gets a response of "SSL is required to perform this operation." when obviously we got an SSL free from DigitalOcean.

  public function refresh_token($test = false){

    $url = "www.googleapis.com/oauth2/v4/token";
    $credentials = $this->credentials();
    $refresh_token = $credentials->refresh_token;
    $client_id = $credentials->client_id;
    $client_secret = $credentials->client_secret;
    $redirect =  base_url($credentials->redirect_url);

    $data = "client_id=$client_id&client_secret=$client_secret&refresh_token=$refresh_token&grant_type=refresh_token";

    $access = $this->curl_post($url,$data,array('Content-Type: application/x-www-form-urlencoded'));

    if($test){
      echo "<pre>";
      echo $access;
      die();
    }

    $access = json_decode($access);

    if(isset($access->access_token)){
      $this->admin->update(
        array('access_token'=>$access->access_token),
        'sheet_config',
        array('status'=>1)
      );
      echo $access->access_token;
      return true;
    }else{
      echo $access->error->message;
      return false;
    }
  }

I was expecting a result of a new token or some errors like your certificate is messed up or you need to configure something with digital ocean first about your SSL

I'm so noob about SSL and stuff, but i'm pretty sure that we have an SSL since we run https://

Answer 1

Because making a call to an authorization server on HTTP would be really bad!

This $url = "www.googleapis.com/oauth2/v4/token"; is the same as doing $url = "http://www.googleapis.com/oauth2/v4/token"; and no authorization server would respond to that.

That being said i think you are just missing the https on the front of your url.

$url = "https://www.googleapis.com/oauth2/v4/token";