redirect_uri_mismatch
2,954 views
Skip to first unread message
Dmitry Shelestov
Dec 8, 2011, 5:05:13 AM12/8/11
to oauth...@googlegroups.com
Hello!
I successfully implemented OAuth 2.0 on my test (beta) webserver, but having a trouble on a production.
BETA
This is a redirect URI:
And then request for token:
'_content' => 'grant_type=authorization%5Fcode&redirect_uri=http%3A%2F%2Fbeta%2Eride%2Dnow%2Eru%2Fgallery%2Ftie%2F%3Fstep%3Dcb&client_secret=<...>&client_id=992659371264%2Eapps%2Egoogleusercontent%2Ecom&code=kAcAH%2B1Ng2BfOPR0TaQcdjn2jtaY%2FMw9CvVR2ySpzuBxi4St%2FdJdxG2RhT73%2FYtmYdAxaTZeHe4Y1PDza2GfQkmwdMmElSV23VwWGX4tpcypaiOUryKK9zIncI%3D',
result is 200
BUT
on my production server
thing is like
token request:
'_content' => 'grant_type=authorization%5Fcode&redirect_uri=http%3A%2F%2Fwww%2Eride%2Dnow%2Eru%2Fgallery%2Ftie%2F%3Fstep%3Dcb&client_secret=<...>&client_id=992659371264%2Eapps%2Egoogleusercontent%2Ecom&code=kAcAH%2B1Ng2hy2WVTyfPC1kuT2mMEhUZgX0Yd%2B19pI5iVBDkCnpzAxYJx0p7ED3hemelsFaNbhuKkyflYLUfW2pG37mdwSu15RzW0V5ZTAwvks%2BlhzTA0ZaNqPo%3D',
answer is 400 "error" : "redirect_uri_mismatch" though both redirect URI's registered in APIs Console.
Maybe the reason is that www.ride-now.ru is only a CNAME for ride-now.ru?
Thank you!
Dmitry Shelestov
Dec 8, 2011, 5:13:20 AM12/8/11
to oauth...@googlegroups.com
btw I tried different encoding options (including don't encode content at all) and almost in every cases it works perfect at beta.domain, but never works on www.domain
Dmitry Shelestov
Dec 8, 2011, 5:17:01 AM12/8/11
to oauth...@googlegroups.com
and I'm sorry for incorrect data. www.ride-now.ru is not a CNAME its an "A" record in DNS....
Dmitry Shelestov
Dec 8, 2011, 5:48:29 AM12/8/11
to oauth2-dev
Problem resolved.
I created two different APIs accounts
I created two different APIs accounts
myitcv
Dec 12, 2011, 4:39:20 PM12/12/11
to oauth...@googlegroups.com
Hoping someone can put me right here. I am following these excellent instructions:
Here is where I am:
I have a registered application within https://code.google.com/apis/console/
I can successfully request a CODE ('Forming the URL' section of Link 2) but then in 'Handling the Response' I always receive redirect_uri_mismatch
So with the code that I have, I then try a post to the following URL: https://accounts.google.com/o/oauth2/token
'code':<the code>,
'client_id':<CLIENT_ID>,
'client_secret':<CLIENT_SECRET>,
'redirect_uri': 'http://localhost:8080/code',
'grant_type':'authorization_code'
http://localhost:8080/code is registered as a redirect URI under my Google APIs console. Indeed if I intentionally change the client ID to something incorrect I get an 'invalid client' error. So I'm confident that with my actual client ID and secret this should work.
Any ideas? Is there a good way to debug this?
THanks
Message has been deleted
myitcv
Dec 12, 2011, 5:44:23 PM12/12/11
to oauth...@googlegroups.com
Ok, so with a bit more digging this does appear to be related to the use of :8080
If I portforward and instead register simply http://localhost/code as a redirect URI this works.
Perhaps someone from Google could comment on the 'bug' of fully qualified port URIs not working?
Justin Smith
Dec 12, 2011, 8:19:59 PM12/12/11
to oauth...@googlegroups.com
We just deployed an update to the service that impacts redirect_uri matching.
That might have fixed the problem - can you try again?
You can register ports in the API Console, so at first glance it seems like you are doing the right thing (most of my local test apps are using ports on localhost).
myitcv
Dec 13, 2011, 3:20:11 AM12/13/11
to oauth...@googlegroups.com
Yep, that has fixed the problem, thanks.
Is there a list we can sign up to for notifications of these sorts of updates?
Breno de Medeiros
Dec 13, 2011, 12:23:07 PM12/13/11
to oauth...@googlegroups.com
The changes were announced in oauth2-dev:
https://groups.google.com/group/oauth2-dev/browse_thread/thread/a0d7ad55f16b9bd4/c4dc01adfd51d8b3?lnk=gst&q=changes#c4dc01adfd51d8b3
--
--Breno
Reply all
Reply to author
Forward
0 new messages