redirect uri mismatch in fastapi

Question

I hope everyone is fine. I am trying to implement google sso on my fastapi app. after entering the user credentials is entered and it gets redirected while redirecting i am getting this error

google_sso = GoogleSSO("client-id", "client-secret", "http://127.0.0.1:8000/google/callback/")

@app1.get("/google/login")
async def google_login():
    """Generate login url and redirect"""
    return await google_sso.get_login_redirect()


@app1.get("/google/callback")
async def google_callback(request: Request):
    """Process login response from Google and return user info"""
    user = await google_sso.verify_and_process(request)
    print("Hellooooooooooooooo")
    print(user, "11111111111111")
    return {
        "id": user.id,
        "picture": user.picture,
        "display_name": user.display_name,
        "email": user.email,
        "provider": user.provider,
    }

I have shared the URL configuration in google dashboard in below screenshot

enter image description here

the error i have mentioned below

oauthlib.oauth2.rfc6749.errors.CustomOAuth2Error: (redirect_uri_mismatch) Bad Request

S_Koen · Answer 1 · 2021-07-14T08:27:49.667

The problem could lay in the process_login() function which is getting called in the verify_and_process() function in your /callback api.

Let's take a look inside the process_login() function (https://tomasvotava.github.io/fastapi-sso/sso/base.html#fastapi_sso.sso.base.SSOBase.verify_and_process):

async def process_login(self, code: str, request: Request) -> Optional[OpenID]:
"""This method should be called from callback endpoint to verify the user and request user info endpoint.
This is low level, you should use {verify_and_process} instead.
"""
url = request.url
current_url = str(url).replace("http://", "https://")
current_path = f"https://{url.netloc}{url.path}"

I guess the (redirect_uri_mismatch) error is because you are using a HTTP redirect_url in your GoogleSSO() call:

google_sso = GoogleSSO("client-id", "client-secret", "http://127.0.0.1:8000/google/callback/")

Inside the process_login() function the HTTP of the redirect url inside the url of your request is replaced with HTTPS:

url = request.url    
current_url = str(url).replace("http://", "https://")

After that replacement you have a mismatch with your redirect url, because

https://127.0.0.1:8000/google/callback/ 

is not

http://127.0.0.1:8000/google/callback/

They are two different urls.

Solution could be that you secure your server with HTTPS via self signed certificates. (That one is very simple: https://dev.to/rajshirolkar/fastapi-over-https-for-development-on-windows-2p7d)

Btw. did you register you app in the google cloud (https://developers.google.com/identity/sign-in/web/sign-in)? Because you are using "client-id" and "client-secret" as parameters.

score 0 · Answer 2 · answered Jun 18 '21 at 13:51

0

try it use 127.0.0.1:8000/google/callback #remove /

or

fix url @app1.get("/google/callback/") #add /

answered Jun 18 '21 at 13:51

Ponlawat Sitthiwet

7
2

the url which is coming from redirected google is very long – Sagabarnisa S Jun 18 '21 at 13:53
i tried both you mentioned in @app1.get() but both are not working – Sagabarnisa S Jun 18 '21 at 13:54

score 0 · Answer 3 · answered Sep 08 '21 at 00:08

This is because the port number is changing in the redirect URI, everytime you run the application. So everytime you run it it becomes:

http://localhost:65280/
http://localhost:65230/
http://localhost:63280/

And so forth. I dont have a solution for you yet. Working on it myself right now.

redirect uri mismatch in fastapi

3 Answers3