Failed to launch browser access denied after hosting to IIS

Question

I am using the Google.net client library to authenticate to a Google API this code works locally but when I uploaded it to my server I get this error

"Failed to launch browser with \"https://accounts.google.com/o/oauth2/v2/auth?access_type=offline&response_type=code&client_id=123&redirect_uri=http%3A%2F%2Flocalhost%3A54597%2Fauthorize%2F&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive\" for authorization. See inner exception for details."

my code

       Google.Apis.Drive.v3.DriveService service = null;
        try
        {
            UserCredential credential;
           // string strUploadFolder = ConfigurationManager.AppSettings["UploadFolder"];

            string credPath = AppDomain.CurrentDomain.BaseDirectory;
            credPath = Path.Combine(credPath, ".credentials/drive-dotnet-quickstart.json");
            credential = GoogleWebAuthorizationBroker.AuthorizeAsync(
               new ClientSecrets
               {
                   ClientId = ConfigurationManager.AppSettings["client_id"],
                   ClientSecret = ConfigurationManager.AppSettings["client_secret"],
               },
                    Scopes,
                    "user",
                    CancellationToken.None,
                    new FileDataStore(credPath, true)).Result;

            // Create Drive API service.
            service = new Google.Apis.Drive.v3.DriveService(new BaseClientService.Initializer()
            {
                HttpClientInitializer = credential,
                ApplicationName = ApplicationName,
            });
        }
        catch (Exception ex)
        {
            throw;
        }
        return service;

Provide required details to this. If possible add some code snippet you have tried with. — I Love Stackoverflow, Mar 03 '18 at 10:13

score 0 · Answer 1 · answered Mar 03 '18 at 19:24

The code you are useing is for installed applications. with install application the browser window is open on the machine.

with web application the browser window for user consent needs to be opened on the users machine

documentation on mvc authentication

using System;
using System.Web.Mvc;

using Google.Apis.Auth.OAuth2;
using Google.Apis.Auth.OAuth2.Flows;
using Google.Apis.Auth.OAuth2.Mvc;
using Google.Apis.Drive.v2;
using Google.Apis.Util.Store;

namespace Google.Apis.Sample.MVC4
{
    public class AppFlowMetadata : FlowMetadata
    {
        private static readonly IAuthorizationCodeFlow flow =
            new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer
                {
                    ClientSecrets = new ClientSecrets
                    {
                        ClientId = "PUT_CLIENT_ID_HERE",
                        ClientSecret = "PUT_CLIENT_SECRET_HERE"
                    },
                    Scopes = new[] { DriveService.Scope.Drive },
                    DataStore = new FileDataStore("Drive.Api.Auth.Store")
                });

        public override string GetUserId(Controller controller)
        {
            // In this sample we use the session to store the user identifiers.
            // That's not the best practice, because you should have a logic to identify
            // a user. You might want to use "OpenID Connect".
            // You can read more about the protocol in the following link:
            // https://developers.google.com/accounts/docs/OAuth2Login.
            var user = controller.Session["user"];
            if (user == null)
            {
                user = Guid.NewGuid();
                controller.Session["user"] = user;
            }
            return user.ToString();

        }

        public override IAuthorizationCodeFlow Flow
        {
            get { return flow; }
        }
    }
}

In the case of web applications, you need to specify redirect URLs in Dev Console. If an application lacks constant IP address/URL, what would be suggested way for using Google APIs? For example, my application can be launched as localhost/appname or some serveripaddress/appname. Since access origin/redirect URL cannot be determined in my case, I went with installed applications option. But it causes "Failed to launch browser" error. Any workaround available for such scenarios? Thanks. — pradeep, Mar 30 '21 at 11:55
if its a web application then it needs to have a static IP location. In your case i would add both to as redirect uris. but i would not run add localhost if this is a production environment, it would be a security risk you need to have a static location to host your application. Installed application wont work because it opens the web browser on the machine its running on in this case your web server. Your solution is to create a static hosting location for your application. There are no work arounds for user security there are reasons that things are done this way. — Linda Lawton - DaImTo, Mar 30 '21 at 12:55
@DalmTo Thanks for the idea. How about moving the Google auth API function call from controller to a windows service? When user clicks sign-in button, controller will receive the control and controller would send it to a windows service which would launch "installed application" Google auth API function call? Such design will still have to face "Failed to launch browser" error? — pradeep, Mar 30 '21 at 18:36

Failed to launch browser access denied after hosting to IIS

1 Answers1