starred/OAuthSwift
1
0
Fork 0
mirror of https://github.com/OAuthSwift/OAuthSwift.git synced 2026-04-26 20:55:57 +03:00
Code Issues 56 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #275] "error" : "invalid_client" #163

New issue
Closed
opened 2026-03-03 16:46:16 +03:00 by kerem · 11 comments
kerem commented 2026-03-03 16:46:16 +03:00
Owner
Copy link

Originally created by @ivanruizscm on GitHub (Sep 20, 2016).
Original GitHub issue: https://github.com/OAuthSwift/OAuthSwift/issues/275

OAuthSwift (0.5.2)
Xcode 7.3
Target IOS8
OAuth Server Google

Im trying to follow RW tutorial for OAuth2 but i can't connect, i end with this error.
I also attached a Demo where its only necesary to change client key and password.
Note its using swift 2.2 (xcode 7.3).
The strange thing in the tutorial is this image cause in the current version of credentials the "client secret" doesnt appear like this, now is:
screen shot 2016-09-20 at 22 20 37

So i had to go to "create credentails" and then click to API Key. So then i put Alza... to consumerSecret: ""

demo.zip

    let oauthswift = OAuth2Swift(consumerKey: "****.apps.googleusercontent.com", consumerSecret: "****", authorizeUrl: "https://accounts.google.com/o/oauth2/auth", accessTokenUrl: "https://accounts.google.com/o/oauth2/token", responseType: "code")
    oauthswift.allowMissingStateCheck = true
    oauthswift.authorizeWithCallbackURL(NSURL(string: "com.raywenderlich.Incognito:/oauth2Callback")!, scope: "https://www.googleapis.com/auth/drive", state: "", success: { (credential, response, parameters) in
        print("granted")
      }) { (error) in
        print("error")
    }

(lldb) po error
Error Domain=NSURLErrorDomain Code=401 "HTTP Status 401: Unauthorized, Response: {
  "error" : "invalid_client"
}" UserInfo={NSLocalizedDescription=HTTP Status 401: Unauthorized, Response: {
  "error" : "invalid_client"
}, Response-Headers=<CFBasicHash 0x7fc4f2443ef0 [0x1033d2a40]>{type = immutable dict, count = 11,
entries =>
    0 : x-content-type-options = nosniff
    1 : Content-Type = <CFString 0x7fc4f243e550 [0x1033d2a40]>{contents = "application/json; charset=utf-8"}
    2 : Server = GSE
    3 : Pragma = no-cache
    6 : Date = <CFString 0x7fc4f243e590 [0x1033d2a40]>{contents = "Tue, 20 Sep 2016 20:07:17 GMT"}
    7 : x-frame-options = <CFString 0x7fc4f2444730 [0x1033d2a40]>{contents = "SAMEORIGIN"}
    8 : Content-Encoding = gzip
    9 : x-xss-protection = <CFString 0x7fc4f2443cb0 [0x1033d2a40]>{contents = "1; mode=block"}
    10 : alt-svc = <CFString 0x7fc4f2443d90 [0x1033d2a40]>{contents = "quic=":443"; ma=2592000; v="36,35,34,33,32""}
    11 : Expires = <CFString 0x7fc4f243da30 [0x1033d2a40]>{contents = "Mon, 01 Jan 1990 00:00:00 GMT"}
    12 : Cache-Control = <CFString 0x7fc4f24437b0 [0x1033d2a40]>{contents = "no-cache, no-store, max-age=0, must-revalidate"}
}
, Response-Body={
  "error" : "invalid_client"
}}
Originally created by @ivanruizscm on GitHub (Sep 20, 2016). Original GitHub issue: https://github.com/OAuthSwift/OAuthSwift/issues/275 OAuthSwift (0.5.2) Xcode 7.3 Target IOS8 OAuth Server Google Im trying to follow [RW tutorial for OAuth2](https://www.raywenderlich.com/99431/oauth-2-with-swift-tutorial) but i can't connect, i end with this error. I also attached a Demo where its only necesary to change client key and password. Note its using swift 2.2 (xcode 7.3). The strange thing in the tutorial is [this image](https://cdn5.raywenderlich.com/wp-content/uploads/2015/04/RW_OAuth_Tokens-571x500.png) cause in the current version of credentials the "client secret" doesnt appear like this, now is: <img width="1096" alt="screen shot 2016-09-20 at 22 20 37" src="https://cloud.githubusercontent.com/assets/15628215/18687485/9ebfa4ce-7f80-11e6-85ee-407a4e5dedef.png"> So i had to go to "create credentails" and then click to API Key. So then i put Alza... to consumerSecret: "" [demo.zip](https://github.com/OAuthSwift/OAuthSwift/files/483518/demo.zip) ``` let oauthswift = OAuth2Swift(consumerKey: "****.apps.googleusercontent.com", consumerSecret: "****", authorizeUrl: "https://accounts.google.com/o/oauth2/auth", accessTokenUrl: "https://accounts.google.com/o/oauth2/token", responseType: "code") oauthswift.allowMissingStateCheck = true oauthswift.authorizeWithCallbackURL(NSURL(string: "com.raywenderlich.Incognito:/oauth2Callback")!, scope: "https://www.googleapis.com/auth/drive", state: "", success: { (credential, response, parameters) in print("granted") }) { (error) in print("error") } ``` ``` (lldb) po error Error Domain=NSURLErrorDomain Code=401 "HTTP Status 401: Unauthorized, Response: { "error" : "invalid_client" }" UserInfo={NSLocalizedDescription=HTTP Status 401: Unauthorized, Response: { "error" : "invalid_client" }, Response-Headers=<CFBasicHash 0x7fc4f2443ef0 [0x1033d2a40]>{type = immutable dict, count = 11, entries => 0 : x-content-type-options = nosniff 1 : Content-Type = <CFString 0x7fc4f243e550 [0x1033d2a40]>{contents = "application/json; charset=utf-8"} 2 : Server = GSE 3 : Pragma = no-cache 6 : Date = <CFString 0x7fc4f243e590 [0x1033d2a40]>{contents = "Tue, 20 Sep 2016 20:07:17 GMT"} 7 : x-frame-options = <CFString 0x7fc4f2444730 [0x1033d2a40]>{contents = "SAMEORIGIN"} 8 : Content-Encoding = gzip 9 : x-xss-protection = <CFString 0x7fc4f2443cb0 [0x1033d2a40]>{contents = "1; mode=block"} 10 : alt-svc = <CFString 0x7fc4f2443d90 [0x1033d2a40]>{contents = "quic=":443"; ma=2592000; v="36,35,34,33,32""} 11 : Expires = <CFString 0x7fc4f243da30 [0x1033d2a40]>{contents = "Mon, 01 Jan 1990 00:00:00 GMT"} 12 : Cache-Control = <CFString 0x7fc4f24437b0 [0x1033d2a40]>{contents = "no-cache, no-store, max-age=0, must-revalidate"} } , Response-Body={ "error" : "invalid_client" }} ```
kerem closed this issue 2026-03-03 16:46:16 +03:00
kerem commented 2026-03-03 16:46:17 +03:00
Author
Owner
Copy link

@ivanruizscm commented on GitHub (Sep 20, 2016):

In fact, when you create OAuth client ID if you dont select Web Application you dont get client secret and its a mandatory field :-?
So i'm a bit confused

<!-- gh-comment-id:248426155 --> @ivanruizscm commented on GitHub (Sep 20, 2016): In fact, when you create OAuth client ID if you dont select Web Application you [dont get client secret](http://stackoverflow.com/questions/32071856/how-to-get-client-secret-from-google-developers-console-in-ios) and its a mandatory field :-? So i'm a bit confused
kerem commented 2026-03-03 16:46:17 +03:00
Author
Owner
Copy link

@phimage commented on GitHub (Sep 20, 2016):

You can choose also "other" etc.. I think iOS specific case is for a special authentification mode using their sdk/api

ps: keep oauthswift in memory (by setting as attribute of your view controller)

<!-- gh-comment-id:248434041 --> @phimage commented on GitHub (Sep 20, 2016): You can choose also "other" etc.. I think iOS specific case is for a special authentification mode using their sdk/api ps: keep oauthswift in memory (by setting as attribute of your view controller)
kerem commented 2026-03-03 16:46:17 +03:00
Author
Owner
Copy link

@ivanruizscm commented on GitHub (Sep 20, 2016):

Now i get redirect uri miss match
screen shot 2016-09-20 at 23 17 21
screen shot 2016-09-20 at 23 18 12

<!-- gh-comment-id:248437649 --> @ivanruizscm commented on GitHub (Sep 20, 2016): Now i get redirect uri miss match <img width="635" alt="screen shot 2016-09-20 at 23 17 21" src="https://cloud.githubusercontent.com/assets/15628215/18689243/7350acc2-7f88-11e6-8c14-7def7c7d9dc0.png"> <img width="1473" alt="screen shot 2016-09-20 at 23 18 12" src="https://cloud.githubusercontent.com/assets/15628215/18689273/93ba76f0-7f88-11e6-9a4a-ecb117158aa0.png">
kerem commented 2026-03-03 16:46:17 +03:00
Author
Owner
Copy link

@ivanruizscm commented on GitHub (Sep 20, 2016):

and the bundle id is com.raywenderlich.Incognito
Notice if i select "Other" i can't set the Bundle Id, probably the problem?

<!-- gh-comment-id:248440008 --> @ivanruizscm commented on GitHub (Sep 20, 2016): and the bundle id is com.raywenderlich.Incognito Notice if i select "Other" i can't set the Bundle Id, probably the problem?
kerem commented 2026-03-03 16:46:17 +03:00
Author
Owner
Copy link

@ivanruizscm commented on GitHub (Sep 20, 2016):

As of:
https://support.google.com/googleapi/answer/6158849?hl=en-GB#installedapplications&ios

If your application accesses APIs directly from iOS, you will need the application's Bundle ID and (optionally) its Apple App Store ID.

<!-- gh-comment-id:248440919 --> @ivanruizscm commented on GitHub (Sep 20, 2016): As of: https://support.google.com/googleapi/answer/6158849?hl=en-GB#installedapplications&ios If your application accesses APIs directly from iOS, you will need the application's Bundle ID and (optionally) its Apple App Store ID.
kerem commented 2026-03-03 16:46:17 +03:00
Author
Owner
Copy link

@phimage commented on GitHub (Sep 20, 2016):

so that's not a real oauth flow, but some people have success to use google api according to some issues

redirect uri mismatch : you don't provide the same redirect url in swift code and google configuration page
maybe only http scheme is autorized

the google doc f=
https://developers.google.com/identity/protocols/OAuth2InstalledApp#overview

<!-- gh-comment-id:248442648 --> @phimage commented on GitHub (Sep 20, 2016): so that's not a real oauth flow, but some people have success to use google api according to some issues redirect uri mismatch : you don't provide the same redirect url in swift code and google configuration page maybe only http scheme is autorized the google doc f= https://developers.google.com/identity/protocols/OAuth2InstalledApp#overview
kerem commented 2026-03-03 16:46:17 +03:00
Author
Owner
Copy link

@ivanruizscm commented on GitHub (Sep 20, 2016):

basically if i set the credentials to iOS im able to give permission and get back to the app with "invalid client" error, but if i set to other then im uneable to give permission. So i'm not sure where to follow

<!-- gh-comment-id:248447644 --> @ivanruizscm commented on GitHub (Sep 20, 2016): basically if i set the credentials to iOS im able to give permission and get back to the app with "invalid client" error, but if i set to other then im uneable to give permission. So i'm not sure where to follow
kerem commented 2026-03-03 16:46:17 +03:00
Author
Owner
Copy link

@ivanruizscm commented on GitHub (Sep 21, 2016):

so theres no support for google oauth apis? Other frameworks seems also not using the client secret like AeroGearHttp

let googleConfig = GoogleConfig(
clientId: "YOUR_GOOGLE_CLIENT_ID", // [1] Define a Google configuration
scopes:["https://www.googleapis.com/auth/drive"]) // [2] Specify scope

<!-- gh-comment-id:248632644 --> @ivanruizscm commented on GitHub (Sep 21, 2016): so theres no support for google oauth apis? Other frameworks seems also not using the client secret like AeroGearHttp let googleConfig = GoogleConfig( clientId: "YOUR_GOOGLE_CLIENT_ID", // [1] Define a Google configuration scopes:["https://www.googleapis.com/auth/drive"]) // [2] Specify scope
kerem commented 2026-03-03 16:46:17 +03:00
Author
Owner
Copy link

@phimage commented on GitHub (Sep 21, 2016):

there is no really a google oauth api, there is oauth 1 and 2
then if google some weird things, that's not the OAuthSwift to support or not, just let user do some customisation in request if needed.

I have no time, to test google, but some before me have (see issue with google word inside)

<!-- gh-comment-id:248675773 --> @phimage commented on GitHub (Sep 21, 2016): there is no really a google oauth api, there is oauth 1 and 2 then if google some weird things, that's not the OAuthSwift to support or not, just let user do some customisation in request if needed. I have no time, to test google, but some before me have (see issue with google word inside)
kerem commented 2026-03-03 16:46:17 +03:00
Author
Owner
Copy link

@ivanruizscm commented on GitHub (Sep 21, 2016):

so sick,i removed the customerSecret by an empty string then.. it worked.

<!-- gh-comment-id:248678231 --> @ivanruizscm commented on GitHub (Sep 21, 2016): so sick,i removed the customerSecret by an empty string then.. it worked.
kerem commented 2026-03-03 16:46:18 +03:00
Author
Owner
Copy link

@martindufort commented on GitHub (Jun 27, 2018):

Got bitten by the same issue... Specify empty string for consumerSecret and everything worked fine.

<!-- gh-comment-id:400765961 --> @martindufort commented on GitHub (Jun 27, 2018): Got bitten by the same issue... Specify empty string for consumerSecret and everything worked fine.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
ci/action/danger
ci/action/release-drafter
pkce
ci/action/tvos
ci/travis
2.1.0
2.0.0
fix/fitbiterror
swift3
digu-demo
swift3.0objc
swift2.2
swift2.3
swift2.0
2.2.0
2.1.2
2.1.1
2.1.0
2.0.1
2.0.0
1.4.1
1.4.0
1.3.0
1.2.2
1.2.1
1.2.0
1.1.2
1.1.1
1.1.0
1.0.0
0.6.0
0.5.2
v0.5.2
0.5.1
0.5.0
0.4.8
0.4.6
v0.4.6
0.4.5
v0.4.5
0.4.4
v0.4.4
0.4.3
0.4.2
0.4.1
v0.4.1
0.4.0
v0.4.0
Swift1.x
0.3.7
v0.3.7
0.3.6
v0.3.6
0.3.5
v0.3.5
0.3.4
v0.3.4
0.3.3
v0.3.3
v0.3.2
0.3.2
0.3.1
v0.3.1
0.3.0
v0.3.0
0.2.1
0.2.0
v0.2.0
0.1.9
0.1.8
0.1.7
v0.1.7
v0.1.6
Labels
Clear labels   
bug

   
cocoapod

   
duplicate

   
enhancement

   
feature-request

   
help wanted

   
help wanted

   
invalid

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
wontfix
No labels
bug
cocoapod
duplicate
enhancement
feature-request
help wanted
help wanted
invalid
pull-request
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/OAuthSwift#163
No description provided.