Why is Google Oauth returning `invalid redirect_ur

2019-01-10 08:41发布

问题:

I'm adding Google Oauth2 to a Rails app, but have been unable to get past the early stages.

I've set up an app, and defined client ID and secret.But I'm getting Invalid parameter value for redirect_uri: Non-public domains not allowed: http://localhost/path/to/callback

What does this mean? Is this because I'm testing on a local dev environment?

Thanks for any ideas.

EDIT

This might be because the app's URI differs from the sending URI. But when I go to Google and try to authorize the path to my dev app, I get OAuth2 redirect is invalid. Is this a limitation of using a locally hosted app?

EDIT 2

The request I'm generating looks like this:

https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=###########&redirect_uri=http%3A%2F%2Fmyapp.dev%2Fusers%2Fauth%2Fgoogle_oauth2%2Fcallback&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&approval_prompt=&access_type=offline

Is this correct. I've tried this with client_id including and excluding the .apps.googleusercontent.com section. Neither seems to work.

回答1:

I was getting the redirect error for my python / tornado app running on ubuntu. Using localhost didn't work as the accepted answer highlighted. Google wants a public domain.

My solution was to piggyback "example.com" which is public and create a sub domain in my /etc/hosts file. The sub domain would work on my local dev box and google would be happy with the example.com domain. I registering the redirects via the google console and the redirect worked successfully for me.

I added the following to my /etc/hosts:

192.168.33.100   devbox  devbox.example.com

In my case the IP was that of my machine. I could also have used 127.0.0.1 instead.

My Google API console (https://code.google.com/apis/console) set up for a new client ID was:

  • "Application Type: Web Application".
  • Via "Your site or hostname (more options)":
    • In "Authorized Redirect URIs" I entered http://devbox.example.com/
    • In "Authorized JavaScript Origins" I entered http://devbox.example.com/


回答2:

Using xip.io you can provide a public url to redirect to like http://your_pow_app.192.168.0.1.xip.io/user/auth/google_oauth2/callback

Tested and working.



回答3:

I used my public hostname. It helps if you have a static IP address. I used http://www.displaymyhostname.com/ to get my hostname. I plugged it straight into the Authorized JavaScript origins field when I created a new Web Application Client ID.

P.S. My hostname looked something like this: 111.111.111.111.static.exetel.com.au

This is my answer to a related question https://stackoverflow.com/a/23517146/1320083



回答4:

For anyone else finding this, my problem was combination of several things.

  1. I could not get callbacks to work on a local machine. The console API console suggests it is possible, but I couldn't get it working. Not sure of this is down to the service, or to my network/ connection/ firewall/ etc.

  2. In the API console you must specify the full redirect URI, not just the root url back to your app.

  3. Google lists scope parameters here https://developers.google.com/gdata/faq#AuthScopes. It seems this information is outdated, and the correct format for these is now https://www.googleapis.com/auth/plus.me, https://www.googleapis.com/auth/youtube, etc. Maybe someone else can confirm this?

I had a few other things going on as well. I had written a full explanation on another of my questions here on SO. Unfortunately my comments were deleted instead of moved by a moderator because I posted in the wrong place. I can't now remember all that I wrote. For others facing similar issue, feel free to comment, it may jog my memory so I can offer some ideas.



回答5:

Error redirect_uri_mismatch - This error can occur when you entered an incorrect bundle ID in your Google Developers Console project that does not match your app's bundle ID. Check that your client ID and bundle ID match the values that are displayed in the Developers Console.



回答6:

For me it was the function that built up the google url. I put line breaks in the string, once I removed the line breaks the url worked again.



回答7:

I faced this issue but found it was really not an issue. As explained in my blog you can use the public redirect URI even when you are working on your localhost development machine. Google will just return the authorization code to the public URI where you can cut and paste it to your local machine.