0

When following the instructions on the site below, I get stuck in Step 2.

https://developers.google.com/assistant/smarthome/tools/smart-home-test-suite

After clicking on "Exchange authorization code for tokens" I get no codes, but a 401 Unauthorized error.

No idea what is going wrong during this test, because the action itself works fine.

This is the output from the OAuth playground:

Host: oauth.teletask.be 
Content-length: 169 
content-type: application/x-www-form-urlencoded 
user-agent: google-oauth-playground

code=XIspHj&redirect_uri=https%3A%2F%2Fdevelopers.google.com%2Foauthplayground&client_id=***********&client_secret=************&scope=&grant_type=authorization_code

HTTP/1.1 401 Unauthorized 
X-xss-protection: 1; mode=block 
X-content-type-options: nosniff 
Transfer-encoding: chunked 
Expires: 0 
Www-authenticate: Basic realm="oauth2/client" 
Server: nginx/1.14.1 
Connection: keep-alive 
Pragma: no-cache 
Cache-control: no-cache, no-store, max-age=0, must-revalidate 
Date: Thu, 21 Nov 2019 14:59:59 GMT 
Strict-transport-security: max-age=31536000 ; includeSubDomains 
Content-type: application/json;charset=UTF-8 
X-frame-options: DENY

{
    "status": 401,
    "timestamp": "2019-11-21T14:59:59.599+0000",
    "message": "Unauthorized",
    "path": "/auth/oauth/token",
    "error": "Unauthorized" 
}
KoenDC
  • 1

1 Answers1

0

That 401 error is being generated by your OAuth server (oauth.teletask.be), specifically the endpoint you entered as the Token endpoint, when it receives the authorization code grant from Google. You should check your server logs to identify more details about why it rejected the request.

Common issues here include rejecting the redirect_uri or client_id because they don't match expected values. It may also be possible that your Authorization code has too short a lifetime and the code expires before you hit the button to exchange it for a token.

devunwired
  • 62,780
  • 12
  • 127
  • 139
  • The 'redirect_uri' is added and OK, also the 'client_id' is correct. The 'access_token_validity' is 900 seconds. But this is probably not the expire time of the **Authorization code**. I suppose it's not set, so it doesn't expire? When I 'Get New Access Token with **Postman**, it's workes fine, but then the step to exchange is done automatic, direct. – KoenDC Dec 12 '19 at 15:22
  • Logs from the oauth-server: Oauth-Playground-Error.txt – KoenDC Dec 12 '19 at 15:31
  • The Authorization Code is validated by your server, so it's up to your server logic to determine whether the code it receives is valid or not. Your error logs currently state "Access is denied (user is anonymous)", which is likely related. – devunwired Dec 16 '19 at 01:41