Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Google: Permission denied to generate login hint for target domain NOT on localhost

I am trying to create a Google sign-in and getting the error:

Permission denied to generate login hint for target domain

Before you mark this a duplicate, this is not the same as the question asked at Google sign in website Error : Permission denied to generate login hint for target domain because in that case the questioner was on localhost, whereas I am getting this error on the server.

Specifically, I have included the url of the server in the Authorized Javascript Origins, as in the following image: Javascript origins

and when I get the error, the request shows that the same url was sent, as in the following image: Invalid request page

Is there something else I should be putting in my Restrictions page? Is there any way to figure out what is going on here? Is there a log at the developer console that can tell me what is happening?

like image 241
jimboweb Avatar asked Mar 15 '16 19:03

jimboweb


2 Answers

Okay, I figured this out. I was using an IP address (as in "http://175.132.64.120") for the redirect uri, as this was a test site on the live server, and Google only accepts actual urls (as in "http://mycompany.com" or "http://localhost") as redirect uris.

Which, you know, THEY COULD HAVE SAID SOMEWHERE IN THE DOCUMENTATION, but whatever.

like image 100
jimboweb Avatar answered Nov 03 '22 06:11

jimboweb


I know this is an old question, but it's the first result when you look for the problem via Google, so I'll share my solution with you guys.

When deploying Google OAuth service in a private network, namely some IP that can't be accessed via the Internet, you should use a magic DNS service, like xip.io that will give you an URL that your browser will resolve to your internal IP. You see, Google needs to be able to reach your authorized origin via your browser, that's why setting localhost works if you're serving it on your computer, but it won't work when you're deploying outside the Internet, as in a VPN, intranet, or with a tunnel.

So, the steps:

  1. get your IP address, the one you're deploying at and it's not a public domain, let's say it's 10.0.0.1 as an example.
  2. add http://10.0.0.1.xip.io to your Authorized Javascript Origins on the Google Developer Console.
  3. open your site by visiting http://10.0.0.1.xip.io
  4. clear your cache for the site, if necessary.
  5. Log in with Google, and voilà.

I got to this solution using this answer in another question.

like image 48
fixmycode Avatar answered Nov 03 '22 07:11

fixmycode