I am using a custom local URL for development of a project that authenticates with both Google and Adwords using OAuth2.
The entry in my /etc/hosts file looks like:
127.0.0.1 sub.example.dev:3001
In the Google Cloud Platform console I have an OAuth 2.0 client ID setup with:
type: Web Application
Authorized JavaScript origin: http://sub.example.dev:3001
Authorized redirect URIs:
http://sub.example.dev:3001/auth/adwords/callback
http://sub.example.dev:3001/auth/google/callback
I authenticate with with both Google and Adwords separately. Previously I was using localhost:3001 instead of the custom URL which was working for both Google and Adwords. After switching to the custom local URL the Google auth still works, but when I try to authenticate with Adwords I get a redirect_uri_mismatch error.
The error page tells me that "The redirect URI in the request, sub.example.dev:3001/auth/adwords/callback, does not match the ones authorized for the OAuth client." The URI reported here is exactly the same as what I have as an authorized redirect URI (minus the protocol).
Why does this work with Google OAuth, but not Adwords? How can I get a custom local redirect URL to work with Adwords OAuth?
Thanks!
I found the issue, and there was a hint in the question itself. The redirect URL that I pass during the OAuth flow needs to contain the protocol and I had missed that in my config.
The redirect URL I was passing in the OAuth flow was sub.example.dev:3001/auth/adwords/callback
I changed it to http://sub.example.dev:3001/auth/adwords/callback and now it works! :D
Related
Authorization Error
Error 400: redirect_uri_mismatch
You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy.
If you're the app developer, register the redirect URI in the Google Cloud Console.
The redirect uri sit he URI where you are telling the authorization server to return authorization to. This uri must be registered in Google developer console for your project.
So redirect uri miss match means that your application is telling the authorization server to return the authorization code to a uri that you have not configured in Google developer console. The easiest solution is to take the uri its telling you is missing and simply add it.
This video will show you how to add it. Google OAuth2: How the fix redirect_uri_mismatch error.
I can't get the client token code from google spreadsheet addon gravity forms. I have got the Client Id, the secret code and I have filled the domain, etc. But i dont know how to solve this issue.
Error: redirect_uri_mismatch
The redirect URI in the request, https://findoit.app/, does not match the ones authorized for the OAuth client. To update the authorized redirect URIs, visit: https://console.developers.google.com/apis/credentials/oauthclient/125591414320-20nvdkbr8cepaf436densffj569492bf.apps.googleusercontent.com?project=125591414320
How to set-up the redirection URI
Go to your cloud console
Choose a project
Go on APIs & Services -> Credentials
+Credentials
Create OAuth client ID
Choose Web Application
Specify Authorized redirect URIs
If required: add the URI to the authorized domains list before submitting
Create credentials
I have a webapp that uses google authentication. When I click on the login, it gets the following error:
The redirect URI in the request, http://campus-study-2019.appspot.com/oauth2callback, does not match the ones authorized for the OAuth client. To update the authorized redirect URIs, visit: https://console.developers.google.com/apis/credentials/oauthclient/477760217336-q6bdhcdqvsrf56kaa7k0ifennf775lug.apps.googleusercontent.com?project=477760217336
When I try to add
http://campus-study-2019.appspot-preview.com/oauth2callback to my Authorized redirect URIs in the Google Cloud platforms. I get the following:
Invalid Redirect: You are using a sensitive scope. URI must use https:// as the scheme.
Does anyone have any idea?
However, previously (1-2 months ago) I could easily add http in the list of authorized redirect URIs
Make sure to check the protocol "http://" or "https://" as google checks protocol as well. Better to add both URL in the list.
& or &?
trailing slash(/) or open ? (CMD/CTRL)+F, search for the exact match in the credential page. If not found then search for the missing one.
Wait until google refresh it. May happen in each half an hour if you are changing frequently or it may stay in the pool.
For your reference, please check the below link where you could check other options about your issue:
Google OAuth 2 authorization - Error: redirect_uri_mismatch
The error is due to there being at least one restricted scope added to the project where the OAuth client ID resides.
You can see the set scopes for Google APIs by going to your project in the Developers Console -> APIs & Services -> OAuth consent screen. To fix the error there are two options:
Remove the restricted scopes from the project (there will be a warning icon next to them on the OAuth consent screen page)
Add only HTTPS URLs as authorized restricted URIs (https://campus-study-2019.appspot-preview.com/oauth2callback in this case)
When i try get access token via oauth (oauth screen with Allow button) on my local machine it works, but when i do the same on test server: i get oauth screen, i press allow and it's redirects to callback uri with code, and then app asking for token (i use PHP lib):
$client->authenticate($request->get('code'));
$access_token = $client->getAccessToken());
and i get null in response and application does not get authorized and it's not in authorized apps in google account.
I've checked redirect URLs listed in Google APIs - everything matches!
And i don't get any errors from google, it's just redirects to callback url and not adds application to authorized apps list.
But it works on local with same credentials. Any one can help me and guide where the problem can be?
Solved. I did not set redirect url before $client->authenticate($request->get('code'));
This is from the google federated login description
"Once Google accepts the authentication request, the user is redirected to a Google authentication page. At this point the authentication sequence takes over. On successful authentication, Google redirects the user back to the URL specified in the openid.return_to parameter of the original request."
I assume my web app is responsible for the redirect 'to a Google authentication page' mentioned here? I dont see how google can make this redirect.
And If my webapp does the redirect, how do the openid request parameters get sent to google?
On reading some more, its only possible that once "Once Google accepts the authentication request", (I assume the requesting party gets a 200 http status), the requesting web application now adds the same parameters that had been posted to google login endpoint to a google authentication url and then redirects the user to this url