AccessDeniedError at /auth/convert-token (access_denied) Your credentials aren't allowed <oauthlib.Request SANITIZED>
Closed this issue · 2 comments
Describe the bug
I have been able to set drf-social-oauth2 and created an app in the Django auth tool kit. everything works out with getting the credentials from Google but when I send the details to the convert-token endpoint, it gives me the AccessDeniedError.
It use to work with the old google API (gapi) system but I was prompted it'll be depreciated soon so I switched to the GSI and this is what I'm getting.
To Reproduce
Just set up a Django project and install drf-social-oauth2
Go to https://developers.google.com/oauthplayground/
use the playground to generate a token and use that token to access /auth/convert-token
Expected behavior
An access_token and a refresh_toke are supposed to be returned as the response
Screenshots
I have found a solution to my problem. Apparently I was supposed to convert that jwt token to get an access token from google, then send the access token to the backend for verification. But then I ran into another issue which I'll put up.
when a user is logging in for the first time, it works fine. But after logging out, if same user tries to login again, I get another error: BadHeaderError("Header values can't contain newlines (got %r)" % value)
How did you solve this (base)
C:\Users\hp>curl -X POST -d "grant_type=convert_token&client_id=11&client_secret=11&backend=google-oauth2&token=4/0AfJohXmee34GJDRqpwxARFfWjkL9QjffY1VFnCDC382q4YA1h8G3MdZsYevCsBJO98WbpA" http://localhost:8000/auth/convert-token
Output : {"error":"access_denied","error_description":"Your credentials aren't allowed"}