Authorization code is invalid or expired error

SOLVED
Go to solution
FirstNameL86527
Member
0 Votes

When I try to convert my access code to an access token I'm getting the error:  Status 400.  Authorization code is invalid or expired  Error:  invalid_grant

 

I formerly had this working, but moved code to my local dev machine.  The steps I tried taking:

 

1)  Delete existing auth token/refresh token file

2) Called 

https://api.cc.email/v3/idfed?client_id=<redacted>&redirect_uri=https%3A%2F%2Flocalhost&response_type=code&scope=account_read+account_update+contact_data

3)  When this returned a page on my browser, I logged in.  I then took the auth code from the redirect url (?code=xxxxxxxxxxxxxx)

4)  I called the following code, setting the authCode to xxxxxxxxxxxxxx from the step above

String tokenFromAuthCodeUrl = "https://idfed.constantcontact.com/as/token.oauth2?code=" + authCode +
"&redirect_uri=https://localhost&grant_type=authorization_code";

HttpRequest httpRequest = null;
java.net.http.HttpResponse< String > response = null;
HttpClient httpClient = HttpClient.newBuilder().build();

httpRequest = HttpRequest.newBuilder()
.uri( URI.create( tokenFromAuthCodeUrl ) )
.header( "Authorization" , refreshTokenHeadersMap.get( "Authorization" ) )
.POST( HttpRequest.BodyPublishers.ofString( "" ) )
.build();

response = httpClient.send( httpRequest , java.net.http.HttpResponse.BodyHandlers.ofString() );

5)  The response returned is Status 400.  Authorization code is invalid or expired  Error:  invalid_grant

 

I'm not sure where to go from here.  Can anyone see a problem with what I'm doing?

 

1 ACCEPTED SOLUTION
raleighb3
Member

i will ask the obvious:   did you post your Request for Access/Refresh Token within the 60 second life of the Authorization Code?    Because:  "The authorization code has a 60 second lifetime."    If that is not the problem,  then can you post copy of your httpRequest so we see the details.

View solution in original post

2 REPLIES 2
raleighb3
Member

i will ask the obvious:   did you post your Request for Access/Refresh Token within the 60 second life of the Authorization Code?    Because:  "The authorization code has a 60 second lifetime."    If that is not the problem,  then can you post copy of your httpRequest so we see the details.

FirstNameL86527
Member
0 Votes

Not so obvious

Yes, that was the problem.  I wasn't aware of the short life of the Auth Code. 

 

Thanks!