{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 啃猪蹄的小仙女 的问题《Google Sign In API OAuth2- Error: invalid_request》','https://www.manongdao.com/q-742906.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am having problems with the google Sign In API. I followed the tutorial to configure it from the Google Dev. console. Looked pretty simple... I read some similar questions on Stack Overflow, but all I could find is : Add your authorized origins... (By the way what is the 'Authorized origins' ?)
Here is the code I inserted into my PHP web page :
<head>
<title>CrateBoxStudio</title>
<meta name="google-signin-client_id" content="**MYCODE**-nk3amkhq4disgfjmcsd53gku38bk6rpv.apps.googleusercontent.com">
<script src="https://apis.google.com/js/platform.js" async defer></script>
</head>
I did not include the button and the javacript functions in the above code, as I think it is not important for my problem. I also excluded boostrap and jQuery stuff and other unrelated tags.
The error simple description : Permission denied to generate login hint for target domain.
Full error detail (Requested details):
redirect_uri=storagerelay://http/192.168.0.111?id=auth885739
response_type=permission id_token
scope=email profile openid
openid.realm=
client_id=**MYCODE**-nk3amkhq4disgfjmcsd53gku38bk6rpv.apps.googleusercontent.com
ss_domain=http://192.168.0.111
fetch_basic_profile=true
gsiwebsdk=2
192.168.0.111 is the local IP of my server. It is my server local IP because I am testing it locally. It would be my router IP if it was accessed outside my home. (We can't use numeric IPs in the Authorized origins, could this be related?)
Above is the error I get when I click the Sign in button on my website home page (I only have 1 page for now, index.php) See by yourself : http://crateboxstudio.com (This URL was added to the Authorized JavaScript origins from the Google Console. The URL brings us to my index.php page.).
So,
This domain name is hosted by GoDaddy.
My server is running on Apache2 with Ubuntu Server.
The Google sign in button throws the error above
I only have 1 page (index.php). It is where the Sign in button is.
My domain name redirects to my router IP on port 8080, hidden by the URL.
I added crateboxstudio.com and lan.crateboxstudio.com to the allowed domains of the Domain verificatiion in the console.
I did nothing else than what is mentioned above.
Authorized JavaScript origins :
http://www.lan.crateboxstudio.com (This is just so I can use a subdomain at home)
Authorized redirect URIs: -Nothing...
Anyone has an idea how I could get more info about my error or how to fix it?
P.S. I am not much familiar with questions on stack overflow, excuse me if I do not respect some standard. Feel free to comment.
Thank you, Cratebox
You have to add the local domain (which you use for testing) to the list of allowed domains in your Google project in Developer Console. Google will reject authentication requests from any domain(s) which are not listed there.
After all, I found out there was a problem with my goDaddy domain name configuration. I switched to Google Domain (to make things simpler, the interface is so clear and simple) and I figured out that I was trying to forward my domain to my server IP.
This is incorrect. The API does not support forwarded domain. It had to be a A record (Or whatever type maybe I don't know much about these)
My domain settings from Google Domains:
In the picture above, I created 2 A (or whatever types maybe, I don't know much about these) records. The @ (shortcut for the current domain name, AKA crateboxstudio.com) is for my public IP.
The second, lan, is my subdomain for local testing (lan.crateboxstudio.com).
The area with big blue X is the equivalent section on goDaddy where I was trying to forward my domain to a certain IP. Couldn't do that... Not sure why however.
My credential settings from Google API Console:
The www and the not www are required in the picture above.
Works well finally! However, my ISP blocks port 80, so I can't just type crateboxstudio.com, I need to type crateboxstudio.com:8080...