2

I'm implementing social login on my website. I was able to implement the "One tap" flow, but I need to have an alternative to handle the "cooldown" which prevents the popup from appearing, if the user blocked it or closed it. So I followed the "Authorization" flow on Google documentation. Until yesterday morning everything was working fine and I succesfully exchanged the code with a token by calling

https://oauth2.googleapis.com/token

or

https://accounts.google.com/o/oauth2/token

sending secret and everything. In a first instance I used Postman, then I made a sample code in a Spring project, before preparing the final code in another Spring project.

The first run in the final project I started getting a 400 error, with the redirect_uri_mismatch error key.

And then I was never able to do the exchange anymore, I get the same error from Postman as well.

The config is correct (It never changed from when it was working).

How can I solve this??

Here's some code

FRONTEND

 this.client = google.accounts.oauth2.initCodeClient({
                client_id: this.clientId,
                scope: "openid profile email",
                ux_mode: "popup",
                redirect_uri: this.redirectUri,
                callback: (response) => {
                    debugger;
                    this.submitFakeForm({
                        clientId: this.clientId,
                        code: response.code
                    });
                }
            });
this.client.requestCode();

POSTMAN PARAMS

this.redirectUri is identical to the one passed here and set up on Google credentials

enter image description here

FOR THE MOST SKEPTICAL, THE AUTHORIZED REDIRECTS :)

They're repeated in couples, because one is for local development, one is for the integration environment. And of course the production config is on another credential.

enter image description here

OtaconKiko
  • 186
  • 10
  • I don't think the redirect uri is the same, because you cant set up a redirect uri in google cloud console with url parms. Please show me what you have configured in google cloud console. – Linda Lawton - DaImTo Nov 05 '22 at 17:52
  • If you say so you know nothing about the OAuth protocol. Don't worry I just solved it. – OtaconKiko Nov 05 '22 at 17:56

1 Answers1

1

Nowhere in the docs is this, but I came across this answer here on stackoverflow and it's basically suggesting not to pass the real redirect_uri, but to use a fixed string postmessage.

I want to point up again that I was using the real redirect_uri yesterday and it worked. I will do some tests again in the future and update here if something changes.

For now just know that using postmessage fixed the issue for me

also I will be using https://oauth2.googleapis.com/token as endpoint, since it's the one mentioned in the (awful) docs, although https://accounts.google.com/o/oauth2/token works just as well.

enter image description here

OtaconKiko
  • 186
  • 10