Having got an authorisation code from Google for accessing a user's calendar, I'm now trying to swap this for an access token. According to their own docs:
The actual request might look like:
POST /o/oauth2/token HTTP/1.1 Host: accounts.google.com Content-Type: application/x-www-form-urlencoded code=4/v6xr77ewYqhvHSyW6UJ1w7jKwAzu& client_id=8819981768.apps.googleusercontent.com& client_secret={client_secret}& redirect_uri=https://oauth2-login-demo.appspot.com/code& grant_type=authorization_code
My attempt to access this is as follows (C#):
string url = "https://accounts.google.com/o/oauth2/token";
WebRequest request = HttpWebRequest.Create(url);
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
string body = "code=<the_code_I_received>&\r\n"
+ "client_id=<my_client_id>&\r\n"
+ "client_secret=<my_client_secret>&\r\n"
+ "redirect_uri=http://localhost:4300\r\n"
+ "grant_type=authorization_code&\r\n"
;
byte[] bodyBytes = Encoding.ASCII.GetBytes(body);
request.ContentLength = bodyBytes.Length ;
Stream bodyStream = request.GetRequestStream();
bodyStream.Write(bodyBytes, 0, bodyBytes.Length);
bodyStream.Close();
try
{
request.GetResponse();
'http://localhost:4300' is exactly the same as I put in the original request (and it was valid because I got the code back through listening as a web server on that port), but I also tried just 'http://localhost' just in case.
I tried a number of suggestions such as setting the proxy to null (no change) and changing Accept (wasn't allowed to add that header to the web request).
In each case I get the HTTP 400 - bad request back (the try / catch fires with an exception stating that).
Putting a trailing slash after /token (I'll try anything!) resulted in a 500 Internal Server Error, so that wasn't it either.
Any idea what I'm doing wrong?
