I am implementing OAuth 2.0 with Google API's, but the redirect Uri from Google is missing the hash (#) and path. Which causes my parsing to fail. I am building for Web Browsers.
My Request URI to Google:
https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=http://localhost:4002/sso-callback&response_type=token&state=C2ubRxTMwv&client_id=...
The redirect_uri
decodes to http://localhost:4002/sso-callback
Google's Redirect URI:
http://localhost:4002/state=C2ubRxTMwv&access_token=...
Which is missing both the /sso-callback
path and the #
needed to distinguish the OAuth params when using response_type=token
Not sure if this is a config issue, or a Google issue.
CodePudding user response:
When I submit this URL by pasting it in the address bar in Chrome:
https://accounts.google.com/o/oauth2/auth?scope=https://mail.google.com/&response_type=token&client_id=111111-aaaaaaaa.apps.googleusercontent.com&state=1&redirect_uri=http://localhost:3000/callback
I receive a redirect to
http://localhost:3000/callback#state=1&access_token=ya29.A0ARrdaM-tPsT7jLIaCoVdhHo5vW71tYF1Z4ESfNNzNAh6SN7e_a4x24V0HVu4M427KF3bpWk8-Sm37oUxUHDpA-mMGJrAQPHgMlDA0suMVW2R0WBR_9vQiaPf8cMB8Tna8EH9wLSrm58PG3g30HJWUio1Ytyh&token_type=Bearer&expires_in=3599&scope=https://mail.google.com/
A few notes: Google auth server seems to only use the first redirect URI configured in Google Console. In your case it is
http://localhost:4002
Try placing your desired redirect URI
http://localhost:4002/sso-callback
in the first position in the Console.
CodePudding user response:
Turns out there was an SSR redirect that was breaking the urls that I did not know about. The answer by Delta George got me to try out a few other urls which made the issue clear.