How to add multiple redirect URIs for Google OAuth

Posted 2019-02-02 23:52

Question:

I am trying to make Google OAuth 2 authentication work with a toy app I am running on my computer (at localhost:8080) using Social Auth for Java.

However when my app connects to Google to authenticate the user, Google responds with this error page:

My app, named "My Hobby App", is configured in the Developer Console as such:

In the Google OAuth 2 docs, it is specified that:

redirect_uri: One of the redirect_uri values listed for this project in the Developers Console.

Determines where the response is sent. The value of this parameter must exactly match one of the values listed for this project in the Google Developers Console (including the http or https scheme, case, and trailing '/').

I have a couple of questions:

  • How can I add multiple redirect_uris to my app?
  • Why is Google identifying my app as "Project Default Service Account" rather than "My Hobby App"?

Answer 1:

It's actually easier than you think; unfortunately, it took me a couple of hours to figure it out.

How can I add multiple redirect_uris to my app?

Normally when you add multiple links to something on Google or elsewhere you separate them with , or ; but with Redirect URIs you have to use a new line, which is actually not very intuitive. So when you press the Edit Settings button, you can add to the URI and/or Origins if you have a couple more links, separated by newlines (enter).

No need for complicated app configurations or new keys.

Why is Google identifying my app as "Project Default Service Account" rather than "My Hobby App"?

On your second question: You have to go to the "Consent Screen" tab to change your app info such as your PRODUCT NAME, HOMEPAGE, LOGO, etc.



Answer 2:

This answer may not be an exact answer to the question, but I think this might help those who are using Google OAuth for the first time and are wondering why their multiple URIs are not being recognized.

We use the redirect URI at 2 places in the code. First time, while fetching the auth code and a second time, when exchanging this code for an access token.

In the Google docs, it is clearly mentioned that the response for the auth code request (1st request) will be sent to the redirect URI. So, if you make the request from an endpoint A and specify the redirect URI as endpoint B, Google will send the auth code to endpoint B. This is clear and worked fine without any errors.

Coming to the second request, the documentation is somewhat ambiguous. The redirect_URI parameter is described as below:

redirect_uri: The URI that you specify in the API Console, as described in Set a redirect URI.

This is where I made a mistake in understanding how this works. Following a similar approach to the first call, I used a third endpoint C and passed this endpoint C in the redirect_URI parameter while making the second call. I got a URI mismatch error although my endpoints B and C are specified in the API console.

The problem is that, unlike in the case of the first call, the response to the second call comes to the same endpoint from where the request is made. I made a request in Python like below:

r = requests.post(token_endpoint, params)

r has the response with the token.

I was getting a URI mismatch because I am supposed to use the same redirect_URI in both the calls.

So, for a single OAuth request, we need to use a single redirect_URI.

But then, that brings up the question: why are multiple redirect_URIs allowed in the API console for a single app? I am assuming that if we need to make multiple pairs of authCode-token calls in the same app, we have the leeway of using multiple redirect_URIs.
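
An added example, not part of either answer: one way to keep the redirect_uri identical across both calls of a single login while still registering several URIs. The class name `OAuthFlowStore`, the client id and the sample URIs are constructed for illustration; the request parameters are the standard OAuth 2.0 authorization-code ones, and the authorization endpoint is Google's.

```python
import secrets
from urllib.parse import urlencode

AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"

# Constructed sample values; use the URIs registered for your own project.
REGISTERED_REDIRECT_URIS = {
    "http://localhost:8080/oauth2callback",
    "https://hobby.example/oauth2callback",
}


class OAuthFlowStore:
    """Remembers which redirect_uri each in-flight login used, keyed by state."""

    def __init__(self, client_id, registered_uris):
        self.client_id = client_id
        self.registered = set(registered_uris)
        self._pending = {}  # state -> redirect_uri chosen for that login

    def authorization_url(self, redirect_uri, scope="openid email"):
        # Exact string comparison, as in the docs quoted in the question:
        # scheme, case and a trailing '/' all count.
        if redirect_uri not in self.registered:
            raise ValueError(f"redirect_uri not registered: {redirect_uri!r}")
        state = secrets.token_urlsafe(16)  # unguessable, ties callback to login
        self._pending[state] = redirect_uri
        query = urlencode({
            "client_id": self.client_id,
            "redirect_uri": redirect_uri,
            "response_type": "code",
            "scope": scope,
            "state": state,
        })
        return f"{AUTH_ENDPOINT}?{query}"

    def token_request_params(self, code, state, client_secret):
        # pop() makes each state single-use; an unknown state means the
        # callback does not belong to a login this app started.
        redirect_uri = self._pending.pop(state, None)
        if redirect_uri is None:
            raise ValueError("unknown or reused state")
        return {
            "code": code,
            "client_id": self.client_id,
            "client_secret": client_secret,
            "redirect_uri": redirect_uri,  # same value as in the first call
            "grant_type": "authorization_code",
        }
```

The dictionary returned by `token_request_params` is what would be sent as the form body of the token request, in the same way as the `requests.post(token_endpoint, params)` call in the answer above.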