This repository was archived by the owner on Nov 20, 2025. It is now read-only.
This repository was archived by the owner on Nov 20, 2025. It is now read-only.
BUG: invalid_grant: code_verifier or verifier is not needed (injected automatically) #2028
Description
Please make sure you have searched for information in the following guides.
- Search the issues already opened: https://github.com/GoogleCloudPlatform/google-cloud-node/issues
- Search StackOverflow: http://stackoverflow.com/questions/tagged/google-cloud-platform+node.js
- Check our Troubleshooting guide: https://github.com/googleapis/google-cloud-node/blob/main/docs/troubleshooting.md
- Check our FAQ: https://github.com/googleapis/google-cloud-node/blob/main/docs/faq.md
- Check our libraries HOW-TO: https://github.com/googleapis/gax-nodejs/blob/main/client-libraries.md
- Check out our authentication guide: https://github.com/googleapis/google-auth-library-nodejs
- Check out handwritten samples for many of our APIs: https://github.com/GoogleCloudPlatform/nodejs-docs-samples
A screenshot that you have tested with "Try this API".
googleapis/google-api-nodejs-client#3681 (comment)
/**
* Gets the access token for the given code.
* @param code The authorization code.
* @param callback Optional callback fn.
*/
getToken(code: string): Promise<GetTokenResponse>;
getToken(options: GetTokenOptions): Promise<GetTokenResponse>;
getToken(code: string, callback: GetTokenCallback): void;
getToken(options: GetTokenOptions, callback: GetTokenCallback): void;
getToken(
codeOrOptions: string | GetTokenOptions,
callback?: GetTokenCallback,
): Promise<GetTokenResponse> | void {
const options =
typeof codeOrOptions === 'string' ? {code: codeOrOptions} : codeOrOptions;
if (callback) {
this.getTokenAsync(options).then(
r => callback(null, r.tokens, r.res),
e => callback(e, null, e.response),
);
} else {
return this.getTokenAsync(options);
}
}
private async getTokenAsync(
options: GetTokenOptions,
): Promise<GetTokenResponse> {
const url = this.endpoints.oauth2TokenUrl.toString();
const headers = new Headers();
const values: GetTokenQuery = {
client_id: options.client_id || this._clientId,
code_verifier: options.codeVerifier,
code: options.code,
grant_type: 'authorization_code',
redirect_uri: options.redirect_uri || this.redirectUri,
};
code_verifier: options.codeVerifier,
code_verifier is returned regardless if code_verifier is used.
Link to the code that reproduces this issue. A link to a public Github Repository or gist with a minimal reproduction.
https://github.com/murtuzaalisurti/search-console-api
A step-by-step description of how to reproduce the issue, based on the linked reproduction.
Upgrade googleapis to v150
npm run dev
hit localhost:3000
try to login using your google account
A clear and concise description of what the bug is, and what you expected to happen.
A refresh token is to be returned alongside the access token without the code_verifier.
A clear and concise description WHY you expect this behavior, i.e., was it a recent change, there is documentation that points to this behavior, etc. **
There are no mentioning of any changes that code verifier must be set.