How to get dummy google access token to test oauth google api

google-api oauth

Is there any way in which I can generate access token to test oauth for logging in with gmail?

I have created a google app, and got the client and secret ids.

I know facebook will allow you to do so from this url https://developers.facebook.com/tools/accesstoken/

Is there any method like this for Google?


Use the Google OAuth playground:

Request:

POST /oauth2/v3/token HTTP/1.1
Host: www.googleapis.com
Content-Type: application/x-www-form-urlencoded

code=4/P7q7W91a-oMsCeLvIaQm6bTrgtp7&
client_id=8819981768.apps.googleusercontent.com&
client_secret={client_secret}&
redirect_uri=https://oauth2-login-demo.appspot.com/code&
grant_type=authorization_code

(Successful) Response:

{
  "access_token":"1/fFAGRNJru1FTz70BzhT3Zg",
  "expires_in":3920,
  "token_type":"Bearer"
}

I also highly recommend reading the Google OAuth 2.0 documentation


The best solution to this currently is to log in to a Google account, capture the Google cookies for this session, then use these same cookies to acquire an authorization code in your tests later. Each time the test runs, it can create an authorization code and exchange this for an access token. I've found these cookies can last 6 months or more.

I did the following to achieve this using Chrome:

  1. Open a Chrome private browing session
  2. Open https://myaccount.google.com and log in using your chosen Google credentials
  3. Open the Chrome Dev Tools (Ctrl-Shift-I), Network tab, and select 'Preserve log'
  4. Do your OAuth login flow to log in with Google
  5. In the Chrome Dev Tools 'Network' tab you will see a request that went to https://accounts.google.com/o/oauth2/auth.... Copy this full URL.
  6. Select this request and select the Cookies tab. Copy all the cookies. You should have cookies for ACCOUNT_CHOOSER, APISID, CONSENT, GAPS, ...

Now during your test, you can do an HTTP GET request to the URL you captured above, and in the request you should include the cookies you captured above. You should get a 302 response with code=... in the URL shown in the Location header.

Finally, in your test you can exchange this code for an access and refresh token using a POST to https://www.googleapis.com/oauth2/v4/token.

The Google OAuth playground doesn't help us here, since you still need some manual interaction to generate the authorization code (the playground is not 'automated').

Related

Writing a "real" interactive terminal program like vim, htop, ... in C/C++ without ncurses
Using percent for font size?
DELETE using CURL with encoded URL
angularjs with oop inheritance in action
django settings per application - best practice?
How to set and change the culture in WPF
Is there an invalid pthread_t id?
ASP.NET MVC Architecture : ViewModel by composition, inheritance or duplication?
What is [cmdletbinding()] and how does it work?
Explain clones info in Github's Traffic tab
How to efficiently compute average on the fly (moving average)?
What is exports and prototype in Javascript?