googleapis / google-api-nodejs-client

Google's officially supported Node.js client library for accessing Google APIs. Support for authorization and authentication with OAuth 2.0, API Keys and JWT (Service Tokens) is included.
https://googleapis.dev/nodejs/googleapis/latest/
Apache License 2.0

redirect_uri_mismatch can't figure out what is wrong with url #3014

Open eduardojustos opened 2 years ago

eduardojustos commented 2 years ago

I am trying to create an automated login in Cypress. I already followed the tutorial in the docs; from this, I can retrieve the user and its information. The problem is that my API uses its own JWT, which I am trying to follow to log in. When I reach the same endpoint as the visual Google SSO callback does, I provide the authorization code hoping to be able to log in, but I keep getting redirect_uri_mismatch and not much more information in the getToken method.

error: {
      "response": {
        "config": {
          "method": "POST",
          "url": "https://oauth2.googleapis.com/token",
          "data": "code<REMOVED_AUTH_CODE>&client_id=<REMOVED_CLIENT_ID>-r0r4r63vqp40u0rvo12cn7tqras97nap.apps.googleusercontent.com&client_secret=<REMOVEDCLIENT_SECRET>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fpas%2Fauth%2Fcallback&grant_type=authorization_code&code_verifier=",
          "headers": {
            "Content-Type": "application/x-www-form-urlencoded",
            "User-Agent": "google-api-nodejs-client/7.8.0",
            "x-goog-api-client": "gl-node/16.13.2 auth/7.8.0",
            "Accept": "application/json"
          },
          "body": "code=<SOME_AUTH_CODE>&client_id=<SOME_CLIENT_ID>-r0r4r63vqp40u0rvo12cn7tqras97nap.apps.googleusercontent.com&client_secret=<REMOVED_CLIENT_SECRET>&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fpas%2Fauth%2Fcallback&grant_type=authorization_code&code_verifier=",
          "responseType": "json"
        },
        "data": {
          "error": "redirect_uri_mismatch",
          "error_description": "Bad Request"
        },
        "headers": {
          "alt-svc": "h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000,h3-Q050=\":443\"; ma=2592000,h3-Q046=\":443\"; ma=2592000,h3-Q043=\":443\"; ma=2592000,quic=\":443\"; ma=2592000; v=\"46,43\"",
          "cache-control": "no-cache, no-store, max-age=0, must-revalidate",
          "connection": "close",
          "content-encoding": "gzip",
          "content-type": "application/json; charset=utf-8",
          "date": "Mon, 27 Jun 2022 19:34:03 GMT",
          "expires": "Mon, 01 Jan 1990 00:00:00 GMT",
          "pragma": "no-cache",
          "server": "scaffolding on HTTPServer2",
          "transfer-encoding": "chunked",
          "vary": "Origin, X-Origin, Referer",
          "x-content-type-options": "nosniff",
          "x-frame-options": "SAMEORIGIN",
          "x-xss-protection": "0"
        },
        "status": 400,
        "statusText": "Bad Request",
        "request": {
          "responseURL": "https://oauth2.googleapis.com/token"
        }
      },

As far as I know, I need to insert in the console the URL that is making the POST, which I did. Also, I know that from the visual login I get the current URL, so I can add it in the console, but not that much from this.

And this starts with a GET from localhost:3000/pas/auth/callback?, so I believe I am missing a small thing here.

So far I have localhost:3000 and localhost:3000/pas/auth/callback in the allow list.

vhiepp commented 1 year ago

ok

twelve17 commented 1 year ago

@eduardojustos are you using the JavaScript API to get the OAuth code, which you are then using in your example? If so, the redirect URL should be the literal "postmessage". Found out about it here: https://stackoverflow.com/questions/11485271/google-oauth-2-authorization-error-redirect-uri-mismatch/48121098#48121098
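
A small diagnostic for the mismatch discussed in this thread, added here as an example (not code from the issue or from google-api-nodejs-client): it parses a token request body like the one in the error output and compares its redirect_uri, as an exact string, with the URI the authorization code was issued for. The function names and all sample values are constructed, and the "postmessage" case follows the comment above.

```javascript
// Added example: diagnose redirect_uri_mismatch offline.
// Function names and sample values are constructed for illustration.

// Extract redirect_uri from the form-encoded body sent to the token endpoint
// (the "data"/"body" field in the error output above).
function redirectUriFromTokenBody(body) {
  return new URLSearchParams(body).get('redirect_uri');
}

// RFC 6749 section 4.1.3: the redirect_uri in the token request must be
// identical to the one in the authorization request that produced the code.
// The comparison is an exact string match, with no normalization of scheme,
// port, path or trailing slash.
function diagnoseRedirectUri({ tokenBody, authRequestUri, registeredUris }) {
  const sent = redirectUriFromTokenBody(tokenBody);
  const findings = [];
  if (sent === null) {
    findings.push('token request has no redirect_uri');
  } else if (sent !== authRequestUri) {
    findings.push(`token request sent "${sent}" but the code was issued for "${authRequestUri}"`);
  }
  // Per the comment above, a code obtained through the JavaScript API is
  // issued for the literal "postmessage", which is not an allow-list entry.
  if (authRequestUri !== 'postmessage' && !registeredUris.includes(authRequestUri)) {
    findings.push(`"${authRequestUri}" is not an exact entry in the allow list`);
  }
  return { sent, ok: findings.length === 0, findings };
}

// Constructed sample input, shaped like the request in the error output.
const sampleBody = 'code=SAMPLE_CODE&client_id=SAMPLE_CLIENT' +
  '&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fpas%2Fauth%2Fcallback' +
  '&grant_type=authorization_code';
const allowList = ['http://localhost:3000', 'http://localhost:3000/pas/auth/callback'];
const callback = 'http://localhost:3000/pas/auth/callback';

// Code obtained via the JavaScript API, then exchanged with the callback URL.
const popupCase = diagnoseRedirectUri({ tokenBody: sampleBody, authRequestUri: 'postmessage', registeredUris: allowList });
// Code obtained via a full redirect to the registered callback.
const redirectCase = diagnoseRedirectUri({ tokenBody: sampleBody, authRequestUri: callback, registeredUris: allowList });
// Same callback with a trailing slash in the authorization request.
const slashCase = diagnoseRedirectUri({ tokenBody: sampleBody, authRequestUri: callback + '/', registeredUris: allowList });

for (const [name, r] of Object.entries({ popupCase, redirectCase, slashCase })) {
  console.log(name, r.ok ? 'OK' : r.findings.join('; '));
}
```
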