OAuth2 Error


Minas Gratas

Feb 12, 2017, 4:39:13 PM
to AdWords API Forum
Hello there,

My application works perfectly on my localhost (http://localhost:8888/app). When I deploy the app, I get an error at the OAuth step.

400. That’s an error.
Error: redirect_uri_mismatch

I am using the PHP lib, so the refresh token is fetched by the library.
My OAuth 2.0 client ID is of the "Other" type.

I also created a Web Application (OAuth Client ID) because it has a redirect URL to specify, but when I use it, the library does not fetch the refresh token as it does with the "Other" type.

Curious why it works on localhost but fails on the server. Am I missing a step?

Joyce Lava

Feb 13, 2017, 1:00:17 AM
to AdWords API Forum
Hello,

If you are doing the web app flow, you should follow the steps for the web app flow which includes entering the JavaScript origins, redirect URIs or both.

You can use the local machine as the URI for testing purposes, however, you should specify your authorized URI so you can use OAuth2. You may find this documentation helpful.

Regards,
Joyce, AdWords API Team

Minas Gratas

Feb 13, 2017, 2:27:35 AM
to AdWords API Forum
@Joyce,

Thank you for your response!

Yes, I am using a Web App flow.
First, I generated OAuth credentials of the "Other" type and used the sample code from GitHub on my localhost. It worked fine! I could authorise with different users. When I uploaded it, it did not work; I got a URI mismatch error.

So then I created OAuth credentials as explained here and used Authorised redirect URIs with my domain (i.e. www.domain.com/app/oauth). This time the code from the sample (pasted below) does not redirect me to the User Consent Screen at all. Therefore there is no refresh_token in $authToken.

P.S.: This code snippet works perfectly on my localhost if I use this combination:
1. OAuth Client ID Type: "Other"
2. redirectUri in the code: http://localhost:8888/app/oauth
Then I am redirected to the consent screen and get a refresh token.
When I change the redirectUri and upload to my server, it does not work.

Also:
1. OAuth Client ID Type: "Web Application"
2. Authorised redirect URIs -> http://localhost:8888/app/oauth
3. redirectUri in the code: http://localhost:8888/app/oauth
I am not redirected to the Consent Screen, and therefore do not have a refresh_token.



use Google\Auth\OAuth2;

session_start();

$oauth2 = new OAuth2([
    'authorizationUri' => 'https://accounts.google.com/o/oauth2/v2/auth',
    'tokenCredentialUri' => 'https://www.googleapis.com/oauth2/v4/token',
    'redirectUri' => '****',
    'clientId' => '****',
    'clientSecret' => '****',
    'scope' => '****'
]);
if (!isset($_GET['code'])) {
  // Create a 'state' token to prevent request forgery.
  // Store it in the session for later validation.
  $oauth2->setState(sha1(openssl_random_pseudo_bytes(1024)));
  $_SESSION['oauth2state'] = $oauth2->getState();

  // Redirect the user to the authorization URL.
  $config = [
    // Set to 'offline' if you require offline access.
    'access_type' => 'online'
  ];
  header('Location: ' . $oauth2->buildFullAuthorizationUri($config));
  exit;
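} elseif (empty($_GET['state'])
    || !isset($_SESSION['oauth2state'])
    || ($_GET['state'] !== $_SESSION['oauth2state'])) {
  // Reject the callback when the state is missing or does not match the
  // value stored in the session before the redirect.
  unset($_SESSION['oauth2state']);
  exit('Invalid state.');
} else {
  $oauth2->setCode($_GET['code']);
  $authToken = $oauth2->fetchAuthToken();

  // Store the refresh token for your user in your local storage if you
  // requested offline access. The key may be missing from the response,
  // so default to null instead of reading an undefined index.
  $refreshToken = $authToken['refresh_token'] ?? null;
}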


Joyce Lava

Feb 13, 2017, 3:46:02 AM
to AdWords API Forum
Hello,

If you don't require call back URLs, then you should be able to use the installed app flow (recommended). If so, let's try to focus on making it work with the installed app flow (app type = "Other").

Please make sure that you perform these steps to follow the installed app flow. Second thing is to run the GetRefreshToken.php example code as you can see here (make sure that you run it in the command line). You do not need to change anything from the GetRefreshToken.php example code now that we're trying to use the installed app flow. Please let me know if this helps.

If you confirm, however, that what you need is to have a call back URL (web app), could you send to me (reply privately to author) the complete logs you are encountering when you tried the web app flow?
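Added example (not part of the thread and not the PHP library's own code): Google's authorization endpoint accepts a redirect_uri only when it is an exact string match for one of the client's Authorised redirect URIs, which is what redirect_uri_mismatch reports. The helper names and all sample URIs below are constructed for illustration; the script shows which part of a sent URI differs from the registered one.

```php
<?php
// Added example: explain why a redirect_uri would be rejected as a mismatch.
// Function names and sample URIs are assumptions made for this illustration.

/** Split a URI into the parts that are compared between sent and registered. */
function uriParts(string $uri): array
{
    $p = parse_url($uri);
    if ($p === false) {
        $p = []; // seriously malformed URI: every part reports as missing
    }
    return [
        'scheme' => $p['scheme'] ?? '(none)',
        'host'   => $p['host'] ?? '(none)',
        'port'   => isset($p['port']) ? (string) $p['port'] : '(default)',
        'path'   => $p['path'] ?? '',
        'query'  => $p['query'] ?? '',
    ];
}

/**
 * Returns [] when $sent is byte-for-byte equal to a registered URI,
 * otherwise one line per registered URI naming the parts that differ.
 */
function explainMismatch(string $sent, array $registered): array
{
    if (in_array($sent, $registered, true)) {
        return [];
    }
    $report = [];
    $sentParts = uriParts($sent);
    foreach ($registered as $candidate) {
        $diff = array_keys(array_diff_assoc($sentParts, uriParts($candidate)));
        $report[] = $candidate . ' differs in: '
            . ($diff ? implode(', ', $diff) : 'userinfo or fragment');
    }
    return $report;
}

// Constructed sample data: one registered URI and several values an
// application might send as redirectUri.
$registered = ['https://www.example.com/app/oauth'];
$sentUris = [
    'https://www.example.com/app/oauth',   // exact match
    'http://www.example.com/app/oauth',    // wrong scheme
    'https://example.com/app/oauth/',      // different host, trailing slash
    'www.example.com/app/oauth',           // no scheme: parsed as a bare path
    'http://localhost:8888/app/oauth',     // development URI left in the code
];
foreach ($sentUris as $sent) {
    $why = explainMismatch($sent, $registered);
    echo $sent, "\n  ", $why ? implode("\n  ", $why) : 'OK: exact match', "\n";
}
```

Keeping the production redirectUri in fixed configuration, rather than deriving it from the incoming request's Host header, keeps the value sent identical to the one registered.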