Google OAuth throwing redirect_uri_mismatch error - django

I am attempting to add Google Authentication to my Django project. I have been able to configure my project to work with my app on Heroku using a different Oauth client object but I can't seem to get it to work for my development server.
I keep getting the error:
Error: redirect_uri_mismatch
The JavaScript origin in the request, http://localhost:8000, does not match the ones authorized for the OAuth client.
from Google.
My Authorized Javascript origin is:
https://localhost:8000
http://localhost:8000
My Authorized Redirect URIs are:
https://localhost:8000
https://localhost:8000/
https://localhost
http://localhost:8000
http://localhost:8000/
http://localhost
(I tried all of these combos based on comments from similar questions.)
Any help or advice would be much appreciated as I can't seem to find the answer to this anywhere in the API docs.

Each time I changed the Client in the developer console I neglected to make the corresponding update in the Django template. I was using the wrong client the whole time - careless mistake.

Related

Tapkey Web API - Problem when Registering OAuth clients [Tapkey]

I am trying to register an OAuth client, following the docs, but none of the links containing /developers in the path are working for me. I am either getting redirected to https://my.tapkey.com/AdminUI/ and an infinite load, until I refresh the page, or getting status code 502 Bad Gateway.
The ones I am having problems with are:
https://my.tapkey.com/AdminUI/developers/oauth-clients
https://my.tapkey.com/AdminUI/developers/identity-providers.
I tried on different OS's, using proxy, but nothing worked for me.
I am trying to register OAuth client, and explore more of the TapKey web api, but this one is a blocker for me.
You caught us here - we have changed the website a bit, and updated documentation is on its way but not yet published. We are working on it right now.
Developer section has moved to Tapkey Integrator Portal available on https://portal.tapkey.io .
Use the same login credentials you are using with Tapkey.

Django Google log-in/sign up not working even though django-oauth

Following this guide to add google sign-in/sign-up to my django app.
Added all the code and it all seemed to be working until the very end when I got this error.
Error 400: redirect_uri_mismatch
The redirect URI in the request, http://127.0.0.1:8000/accounts/google/login/callback/, does not match the ones authorized for the OAuth client. To update the authorized redirect URIs, visit: https://console.developers.google.com/....
However, when I visit my credentials screen I do see the URL correctly reported. What am I doing wrong?
Problem solved itself after 1h. Probably Google taking time to deploy changes in credentials.

Getting Error 400: redirect_uri_mismatch in cognito idp settings

I am following this cognito add social auth to add google auth into one of my app for testing. Completed all steps as listed, but when I am testing that using this
https://<your_user_pool_domain>/login?response_type=code&client_id=<your_client_id>&redirect_uri=https://www.example.com , I am getting an error
Error 400: redirect_uri_mismatch
The redirect URI in the request, https://xxxx-xxxx.auth.ap-south-1.amazoncognito.com/oauth2/idpresponse, does not match the ones authorized for the OAuth client. To update the authorized redirect URIs, visit:
Initially the redirect URI and callback URL in the Cognito app client settings were different, but I changed those. I also tried changing my redirect URL to a simple https://google.com, but it is still not working. I did some research and found out that it might take some time for changes in the Google OAuth settings to be reflected. It's been 2 hrs since I changed them; should I wait, or is there some other workaround?
Also, I set up Facebook login following the same doc, and it is working fine.
Please help!
In my experience this mismatch refers to the difference between your constructed URL and the setting in Cognito Pool. In the pool config, the redirect_uri is called Callback URL. Make sure those two have the same URL.
You can set it in Cognito UI here: App Integration > App Client Settings > Sign in and sign out URLs > Callback URL(s)
or you can specify the URL(s) in your code if you are using CDK.
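    // Sketch: `this`, 'AppClient' and `userPool` are placeholders for your own stack
    new cognito.UserPoolClient(this, 'AppClient', {
      userPool,
      oAuth: {
        callbackUrls: ['https://www.example.com', '<url2>'],
      },
      // ...
    });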
Finally I got the solution: the redirect URL in the Google auth credentials needs to be your **domainName+/oauth2/idpresponse**.
It has something to do with your URI, whether in Google Cloud or Cognito; double check that the URI entered is a match.
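
The error in these threads comes from an exact match between the redirect_uri in the request and the URIs registered for the client_id in that same request, which is why both the wrong-client case in the first question and the Cognito /oauth2/idpresponse case produce it. The following is an added example, not code from any of the posts, that pulls both values out of an authorization URL and reports which component differs; the client IDs, registered URIs, pool domain and function names are constructed for illustration.

```python
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed registrations: client IDs and URIs are made up for this example.
REGISTERED = {
    "dev-client.apps.example": [
        "http://localhost:8000/accounts/google/login/callback/"],
    "pool-client.apps.example": [
        "https://example-pool.auth.ap-south-1.amazoncognito.com/oauth2/idpresponse"],
}

def auth_url(client_id, redirect_uri):
    """Build an authorization request like the one a login link sends."""
    query = urlencode({"response_type": "code", "client_id": client_id,
                       "redirect_uri": redirect_uri})
    return "https://accounts.google.com/o/oauth2/v2/auth?" + query

def parts(uri):
    u = urlsplit(uri)
    port = u.port or {"http": 80, "https": 443}.get(u.scheme)
    return {"scheme": u.scheme, "host": u.hostname, "port": port, "path": u.path}

def diagnose(url, registered=REGISTERED):
    """Return (status, details) for the client_id/redirect_uri pair in url."""
    q = parse_qs(urlsplit(url).query)
    client_id = q.get("client_id", [""])[0]
    redirect_uri = q.get("redirect_uri", [""])[0]
    if client_id not in registered:
        # The template is sending a client other than the one that was edited.
        return "unknown_client", [f"client_id {client_id!r} is not configured"]
    allowed = registered[client_id]
    if redirect_uri in allowed:  # exact string comparison, no normalisation
        return "ok", []
    sent, details = parts(redirect_uri), []
    for candidate in allowed:
        reg = parts(candidate)
        diff = [k for k in sent if sent[k] != reg[k]]
        if diff == ["path"] and sent["path"].rstrip("/") == reg["path"].rstrip("/"):
            diff = ["trailing slash"]
        details.append(f"{candidate}: differs in {', '.join(diff) or 'case or query'}")
    return "mismatch", details

if __name__ == "__main__":
    for cid, uri in [
        ("dev-client.apps.example", "http://127.0.0.1:8000/accounts/google/login/callback/"),
        ("old-client.apps.example", "http://localhost:8000/accounts/google/login/callback/"),
        ("pool-client.apps.example", "https://www.example.com"),
    ]:
        print(cid, uri, diagnose(auth_url(cid, uri)))
```

Running it against the URL copied from the browser's address bar at the moment of the error shows whether the fix belongs in the console's redirect URI list or in the client ID the application is sending.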

Facebook auth setup

How can I setup PAW to work with Facebook locally for development? Or even at all for that matter?
I have a node.js backend that I'm setting up with Facebook Auth. Every one of my routes needs the user to be logged in. I have two endpoints related to FB Auth. localhost:3000/api/v1/loginFB and localhost:3000/api/v1/callbackFB. Both of these work great in a web browser.
loginFB simply returns this string... https://www.facebook.com/dialog/oauth?client_id=523534457345&redirect_uri=https://localhost:3000/api/v1/callbackFB&scope=email,public_profile,user_friends.
When I call that URI in a browser, it returns a code=blahblah which my callbackFB endpoint uses to fire off another request to get the access token. All good.
So now in PAW I'm confused by the difference between the request URI and the Authorization URL text field? Should I use the loginFB URI for my request URI? And then https://www.facebook.com/dialog/oauth in the Authorization URL textfield?
Basically what's happening is that when I click Get Access Token, it returns the code but my callbackFB endpoint 500's by saying "This authorization code has been used." The code that it's getting returned is definitely different each time I Get Access Token.
This is where I'm at with this thing (Client ID and Client Secret are actually my App ID and App Secret from fb's dev management site, and the Access Token URL is actually set to https://graph.facebook.com/v2.3/oauth/access_token which I'm 99% sure is the correct URI):
This is the error I get when I click Get Access Token button:
It would be awesome to get some advice from anyone with experience with this issue. Thanks.
Re: #MichaMazaheri
tl;dr Fixed in version 2.2.2
Sorry for the super late follow-up. We actually fixed this exact issue in Paw 2.2.2, which is already released on our website, and pending review for the Mac App Store. (It was some JSON vs. Form URL-Encoded parsing issue). Thanks for reporting.

How can I make Google OAuth2 authentication work?

I'm using the excellent Django Social Auth app to handle logins from a variety of services. This works nicely with Twitter, Facebook and LinkedIn but I can't figure out why it will not work with Google. I have got this message numerous times trying all the options that I can think:
Error: redirect_uri_mismatch
Request Details
scope=https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
response_type=code
access_type=offline
redirect_uri=http://dev.mysite.com/complete/google-oauth2/
next=/close_login_popup/
state=OHZtGyZPyrM0XUjzEsf8dv22VAZGXSY6
display=page
client_id=820357455247-4levikqugduodacfc8j3b5dhsvmbbnnb.apps.googleusercontent.com
To create the API key, I went to https://code.google.com/apis/ then filled out the form using the following steps:
Then, I chose 'Installed Application' which I don't fully understand but most documentation suggest this option. I have tried both other options without success:
If I try creating a Web Application specifying http://.dev.mysite.com I get the following error:
Error: redirect_uri_mismatch
The redirect URI in the request: http://dev.mysite.com/complete/google-oauth2/ did not match a registered redirect URI
Learn more
Request Details
scope=https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email
response_type=code
access_type=online
redirect_uri=http://dev.mysite.com/complete/google-oauth2/
next=/close_login_popup/
state=xcpu93i7XJJmYlwXnRbkfgEwsbbR1O7c
display=page
client_id=606300275392.apps.googleusercontent.com
My objective is to have a link that someone can click on, give permissions to Google and then log in to my site. I'm testing this on the actual site, wwww.dev.mysite.com and when trying the other options for key generation I specified dev.mysite.com. I would appreciate any suggestions of what to try next as I've run out of ideas.