google redirect uri mismatch
Авторизация Google OAuth 2-Ошибка: несоответствие uri перенаправления
на сайте https://code.google.com/apis/console я зарегистрировал свое приложение, настроил сгенерированный идентификатор клиента: и Ключ в мое приложение и попытался войти в систему с помощью Google. К сожалению, я получил сообщение об ошибке:
что значит это сообщение и как я могу это исправить? Я использую камень omniauth-Google-на что OAuth2.
26 ответов
URI перенаправления (куда возвращается ответ) должен быть зарегистрирован в консоли API, и ошибка указывает, что вы не сделали этого или не сделали это правильно.
перейдите к консоли для вашего проекта и посмотрите в разделе доступ к API. Вы должны увидеть свой идентификатор клиента и секрет там, вместе со списком URI перенаправления. Если нужного URI нет в списке, нажмите кнопку Изменить параметры и добавьте URI в список.
в моем случае это был www и non-www URL-адрес. Фактический сайт имел www URL и Авторизованный Перенаправление URIs в консоли разработчика Google было non-www URL-адрес. Следовательно, было несоответствие в перенаправлении URI. Я решил это, обновив Authorized Redirect URIs в консоли разработчика Google для www URL-адрес.
другие общие несоответствия URI:
вот пошаговые скриншоты консоли разработчика Google, так что это было бы полезно для тех, кто получает его трудно найти страницу консоли разработчика для обновления перенаправления URIs.
Если вы используете кнопка Google + javascript, то вы должны использовать postmessage вместо фактического URI. Мне потребовался почти целый день, чтобы понять это, так как документы Google по какой-то причине не ясно заявляют об этом.
Google Error 400: redirect_uri_mismatch?
Ошибка авторизации
Ошибка 400: redirect_uri_mismatch
The JavaScript origin in the request, https://henty.loc, does not match the ones authorized for the OAuth client. Visit https://console.developers.google.com/apis/credent. to update the authorized JavaScript origins.
Подробнее…
Пробовал так же удалить все ссылки.
В доках нет или непонятно где закопано как протестировать с локальным доменом.
[Action Advised] Inactive registered OAuth URIs for your project(s) will be removed from Google Developer Console by July 12, 2021, for non-compliance with URI validation rules
Входящие
Google Developers
2 июн. 2021 г., 22:03
кому: я
Google logo
Hello Google Developer,
We are writing to let you know that you have inactive OAuth redirect URIs and JavaScript origins in your Google Cloud project that are not in compliance with Google’s OAuth URI validation rules.
On July 12, 2021, we will remove all inactive URIs that are invalid.
On September 13, 2021, we will remove all URIs that are not in compliance with redirect URIs and Javascript origins rules (including formerly inactive URIs trying to become active).
What do I need to do to be compliant?
If these inactive OAuth redirect URIs and JavaScript origins are no longer needed, you can remove them from your Google Cloud project. If they remain inactive, they will be automatically deleted after July 12, 2021.
If your app still needs to use these URIs, please update your app and OAuth configuration from the Google Developer Console to use redirect URIs or JavaScript origins that are compliant with the OAuth URI validation rules by September 13, 2021.
The following Google Cloud project(s), which has/have registered OAuth redirect URIs and JavaScript origins without usage for over 90 days, and which will be removed by July 12, 2021:
Project ID: ***
Client: ***
URI: https://localdomain.loc
If you have any questions or concerns regarding these changes, please review the documentation provided above in this email.
The Google Developer Team
© 2021 Google LLC 1600 Amphitheatre Parkway, Mountain View, CA 94043
You have received this mandatory service announcement to update you about important changes to Google services you use.
Google Analytics OAuth2: How to solve error: «redirect_uri_mismatch»?
In order to install the google api resources, I used composer with this command:
This installed the «vendor» folder in my root site folder. My index.php and oauth2callback.php files are located in the «public_html» folder.
Here’s a screenshot of my error when going to my site:
If I click on my only available Client ID, I can navigate to see the URI’s which I’ll screenshot below as well:
As you can see, under Authorized Javascript origins, I have http://localhost listed, and under authorized redirect URIs, I have my live site followed by the «oauthc2callback.php» file extension.
I don’t understand how to get rid of the error I’m getting. I’ve tried replacing the URI’s and putting in different JavaScript origins.
Also, for some reason on that last screenshot, it says that I don’t have permission to edit this OAuth client, but I can make edits.
The code I have for index.php:
The code I have for «oauth2callback.php»:
All of this code was taken from the first website example, except with a few minor additions to make it match my system.
Anyone know how I can get rid of this error? What am I doing wrong?
Google Data API Authorization Redirect URI Mismatch
Authenticating with Google’s APIs seems impossible! I have done the following:
However, when I attempt to authenticate with Google’s APIs, I recieve the following error:
The redirect URI in the request, http://127.0.0.1:63354/authorize/, does not match the ones authorized for the OAuth client.
Problem
So now, for the problem. The only thing I can find when searching for a solution for this is people that say
just put the redirect URI in your approved redirect URIs
Unfortunately, the issue is that every single time my code attempts to authenticate with Google’s APIs, the redirect URI it is using changes (the port changes even though I set a static port in the project’s properties). I cannot seem to find a way to get it to use a static port. Any help or information would be awesome!
NOTE: Please don’t say things like «why don’t you just do it this other way that doesn’t answer your question at all».
The code
client_id.json
Method That Is Attempting to Use API
Project Properties
4 Answers 4
The Original Answer works, but it is NOT the best way to do this for an ASP.NET Web Application. See the update below for a better way to handle the flow for an ASP.NET Web Application.
Original Answer
So, I figured this out. The issue is that Google thinks of a web app as a JavaScript based web application and NOT a web app with server side processing. Thus, you CANNOT create a Web Application OAuth Client ID in the Google Developer Console for a server based web application.
The solution is to select the type Other when creating an OAuth Client ID in the Google Developer Console. This will have Google treat it as an installed application and NOT a JavaScript application, thus not requiring a redirect URI to handle the callback.
Feb 16, 2018 Updated Better Answer:
Note: Google does have a Google.Apis.Auth.MVC package to help simplifiy this OAuth 2.0 flow, but unfortunately it’s coupled to a specific MVC implementation and does not work for ASP.NET Core or Web API. So, I wouldn’t use it. The example I’ll be giving will work for ALL ASP.NET applications. This same code flow can be used for any of the Google APIs you’ve enabled as it’s dependent on the scopes you are requesting.
Also, I am assuming you have your application set up in your Google Developer dashboard. That is to say that you have created an application, enabled the necessary YouTube APIs, created a Web Application Client, and set your allowed redirect urls properly.
redirect_uri_mismatch the redirect URI in the request does not match the ones authorized for the OAuth client
I have following client secret
«Error: redirect_uri_mismatch The redirect URI in the request, http://127.0.0.1:8414/authorize/, does not match the ones authorized for the OAuth client.
To update the authorized redirect URIs, visit:». Could you please suggest, how to fix it.
3 Answers 3
When you are creating your credentials in https://console.developers.google.com:
After cliking on Create credentials by choosing OAuth client ID :
Choose Other as Aplication type:
.
You should have this format of credentials:
Now your OAuth2 link should works whatever your port in redirection_uri paramater as http://localhost:8414 for example (with 8414 as random port). And you are no more this error:
Error: redirect_uri_mismatch The redirect URI in the request, http://localhost:8414/authorize/, does not match the ones authorized for the OAuth client.
I just ignored the port in the error message when adding as an Authorized redirect URL.
The redirect uri is the URL where you want Google to return the authencation to. This should be the file that you have set up to handle the Oauth response.
When you created your project in Google Developer console you should have supplied a redirect uri to google that states where you will be sending from and where you would like the response to be returned to.
«Error: redirect_uri_mismatch The redirect URI in the request, http://127.0.0.1:8414/authorize/, does not match the ones authorized for the OAuth client.
means that you are sending from http://127.0.0.1:8414/authorize/ however this is not one of the redirect uris that you have added in Google developer console. Go back to the developer console and add this http://127.0.0.1:8414/authorize/ or http://localhost:8414/authorize/ you may or may not need the ending / as well
Bypass Login
What you need to understand is that most of Googles api data is private user data. In order to access private user data you must have the consent of the user who owns that. We use Oauth2 to request from the user consent for our application to access their data. There is no way to by pass an oauth2 consent.
Unfortunately there is no other way to access the YouTube api. If you want to access private user data you will always have to ask the user for consent at least once and then save the credentials as you are doing now using file data store.