Google OAuth “invalid_grant” because of URL-encoded format

Yusuf Biberoğlu
2 min readFeb 23, 2023

If Instead of decoding the the url received you copied directly the code and passed to your API you got “invalid_grant” error

4%2F0AWtgzh4NXVxRSQJgVpxtGoRaTs0Zekj1EUnB36svBWiBrUE0TbzazsxNs3b_NBPU4-L0em

Decode from URL-encoded format;

4/0AWtgzh4NXVxRSQJgVpxtGoRaTs0Zekj1EUnB36svBWiBrUE0TbzazsxNs3b_NBPU4-L0em

https://www.urldecoder.org/

Send request after decoded as below;

The superglobals $_GET and $_REQUEST are already decoded. Using urldecode() on an element in $_GET or $_REQUEST could have unexpected and dangerous results.

You can get code value without decode URL in php example;

$_GET['code']

$request->get('code')

My Udemy Course;

Symfony application using Google OAuth for authentication. When a user signs in through Google, our system will check if the user already exists in our database. If not, it will create a new user account. Once authenticated, either as a new or existing user, our application will generate a JSON Web Token (JWT). Built on the API Platform.

If you want a detailed explanation, please purchase my Udemy course.

https://www.udemy.com/course/google-oauth-php-symfony-api-platform-jwt/?referralCode=67A58BBAE3151CDC1255

Discount Coupon: AD25A625CB8976085C88

--

--