OAuth 2.0 not working for server-side web application
I am trying to get gmail contacts using Google contacts api. For this I am using OAuth 2.0. For this I read their guide for using OAuth 2.0 here. Broadly I followed these steps:
- Register my app with google and get a client id and client secret and registered my redirect uri with them
- now I first created a file called sample.php on which if the user clicks on get contacts he is redirected to google confirmation page
- now google asks for confirmation and if the user agrees to provide its contact details then he is redirected to the redirect uri with a code.
- now I extract the code and make a post request to get the OAuth token and if I get the token I make a request for the contacts.
The code for the sample.php looks like this
<?php
$client_id="my client id";
$redirect_uri="http://localhost/htdocs/contacts/redirect.php";
echo <<<doc
<html>
<body>
<a href="http://accounts.google.com/o/oauth2/auth?client_id=$client_id&redirect_uri=$redirect_uri&scope=https://www.google.com/m8/feeds/&response_type=code">
get contacts
</a>
doc;
echo <<<doc
</body>
</html>
doc;
?>
The code for the redirect.php looks like this
<?php
$client_id="my client id";
$client_sec="my client secret ";
$redirect_uri="http://localhost/htdocs/contacts/redirect.php";
$code=$_GET['code'];
$post="code=$code&client_id=$client_id&client_secret=$client_sec&redirect_uri=$redirect_uri&grant_type=authorization_code";
$post=urlencode($post);
//the following curl request is made to get the authorization token
$ch=curl_init();
$url="https://accounts.google.com/o/oauth2/token";
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
curl_setopt($ch,CURLOPT_AUTOREFERER,1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch,CURLOPT_POST,1);
curl_setopt($ch,CURLOPT_POSTFIELDS,$post);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
$json=curl_exec($ch);
curl_close($ch);
echo $json; // this is showing Required parameter is missing: grant_type Error 400
$res=json_decode($json,true);
print_r($res); // this is just for debugging
$token=$res['access_token'];
echo $token; // this is just for debugging
$url="https://www.google.com/m8/feeds/contacts/default/full?oauth_token=$token";
//the following curl request is made to get the contacts
$ch=curl_init();
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
curl_setopt($ch,CURLOPT_AUTOREFERER,1);
$xml=curl_exec($ch);
echo $xml;
curl_close($ch);
$dom= new DOMDocument();
$dom->loadXML($xml);
$xpath=new DOMXPath($dom);
$path='//gd:email';
$nodes=$xpath->query($path);
echo $nodes->length."<br />";
foreach($nodes as $node)
{
$email=$node->attributes->getNamedItem('address')->nodeValue;
echo $email."<br />";
}
?>
Now the problem is that step 4 fails. It goes well till the confirmation step and when I click Allow access I am redirected to my redirect uri but it's saying
Required parameter is missing: grant_type Error 400
Now I don't understand this because I am providing the grant_type parameter. I looked in firebug and found out that a post request is being made but not the one which I intended. The post request that is being made is this
https://accounts.google.com/o/oauth2/approval?xsrfsign=AC9jObYAAAAATkfm3uvx0sfsW7WVmB_FeRqVPLjDcTLz
and the status says 302 Moved Temporarily. I don't understand what's going on. Have they changed something in the OAuth workflow? Need some help
Edit
As suggested by Ikke I removed the space before grant_type and it worked. Now I can get the access token but still I am unable to get the contacts. (I get an error as "Empty string supplied as input in htdocs\contacts\redirect.php on line 35", and line 35 refers to $dom->loadXML($xml); so it seems that the get request is not being made.) Moreover I am not able to see the post request being made in firebug (but surely it's being made because I get the access token as the response). I also don't see the get request in firebug which I make after the post request. What's wrong?
Update:
The problem was that the request was on https and I was not using the appropriate headers for https. I used the correct headers and it worked. Problem solved? Maybe. Because I still don't understand why I am unable to see those get and post requests in firebug's net tab
There is a space between the & and the grant_type. That could cause google not to recognize the parameter.
"Because I still don't understand why I am unable to see those get and post requests in firebug's net tab"
I assume since you are requesting stuff with curl, it has nothing to do with firefox, since curl is a server-side library, therefore POSTs made by curl do not go through the browser and firebug cannot see them.
You're passing an already urlencoded string to PHP's urlencode():
$post="code=$code&client_id=$client_id&client_secret=$client_sec&redirect_uri=$redirect_uri&grant_type=authorization_code";
$post=urlencode($post);
This messes up the value; Google's server can't properly parse it and therefore reports a missing parameter. Remove the $post=urlencode($post); line and see if it works better.
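The encoding problem described in this answer, as an added example that is not code from the original posts: it parses both request bodies the way a server would, and builds the body with http_build_query() so each value is encoded once. The helper names and all credential values are constructed for illustration, and the token request keeps TLS certificate verification enabled.

```php
<?php
/** Build the token-request body; http_build_query() encodes each value exactly once. */
function build_token_body(string $code, string $id, string $secret, string $redirectUri): string
{
    return http_build_query([
        'code'          => $code,
        'client_id'     => $id,
        'client_secret' => $secret,
        'redirect_uri'  => $redirectUri,
        'grant_type'    => 'authorization_code',
    ]);
}

/** POST the body to the token endpoint from the question (needs network; not called below). */
function exchange_code(string $body): ?array
{
    $ch = curl_init('https://accounts.google.com/o/oauth2/token');
    curl_setopt_array($ch, [
        CURLOPT_POST           => true,
        CURLOPT_POSTFIELDS     => $body,
        CURLOPT_RETURNTRANSFER => true,
        // Certificate and host-name checks stay on, so the code and client
        // secret are only sent to a server that proves its identity.
        CURLOPT_SSL_VERIFYPEER => true,
        CURLOPT_SSL_VERIFYHOST => 2,
    ]);
    $json = curl_exec($ch);
    $res  = is_string($json) ? json_decode($json, true) : null;
    return is_array($res) ? $res : null;
}

/** Parse a form body the way a server would, returning its parameters. */
function parse_form(string $body): array
{
    parse_str($body, $params);
    return $params;
}

$code     = '4/constructed-code';   // constructed sample value
$redirect = 'http://localhost/htdocs/contacts/redirect.php';

// The question's approach: urlencode() applied to the whole string.
$broken = urlencode("code=$code&client_id=id&client_secret=sec&redirect_uri=$redirect&grant_type=authorization_code");
// Every '&' and '=' became %26 / %3D, so the body holds no grant_type parameter.
var_dump(isset(parse_form($broken)['grant_type']));

$fixed = build_token_body($code, 'id', 'sec', $redirect);
var_dump(parse_form($fixed)['grant_type'], parse_form($fixed)['redirect_uri'] === $redirect);
```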