I'm adding Google Oauth2 to a Rails app, but have been unable to get past the early stages. I've set up an app, and defined client ID and secret.But I'm getting <code>Invalid parameter value for redirect_uri: Non-public domains not allowed: http://localhost/path/to/callback</code> What does this mean? Is this because I'm testing on a local dev environment? Thanks for any ideas. EDIT This might be because the app's URI differs from the sending URI. But when I go to Google and try to authorize the path to my dev app, I get <code>OAuth2 redirect is invalid</code>. Is this a limitation of using a locally hosted app? EDIT 2 The request I'm generating looks like this: <pre class="prettyprint"><code>https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=###########&redirect_uri=http%3A%2F%2Fmyapp.dev%2Fusers%2Fauth%2Fgoogle_oauth2%2Fcallback&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&approval_prompt=&access_type=offline </code></pre> Is this correct. I've tried this with client_id including and excluding the <code>.apps.googleusercontent.com</code> section. Neither seems to work.

I was getting the redirect error for my python / tornado app running on ubuntu. Using localhost didn't work as the accepted answer highlighted. Google wants a public domain. My solution was to piggyback "example.com" which is public and create a sub domain in my /etc/hosts file. The sub domain would work on my local dev box and google would be happy with the example.com domain. I registering the redirects via the google console and the redirect worked successfully for me. I added the following to my /etc/hosts: <pre class="prettyprint"><code>192.168.33.100 devbox devbox.example.com </code></pre> In my case the IP was that of my machine. I could also have used 127.0.0.1 instead. My Google API console (https://code.google.com/apis/console) set up for a new client ID was: <ul> <li>"Application Type: Web Application". </li> <li>Via "Your site or hostname (more options)": <ul> <li>In "Authorized Redirect URIs" I entered http://devbox.example.com/ </li> <li>In "Authorized JavaScript Origins" I entered http://devbox.example.com/ </li> </ul> </li> </ul>

Why is Google Oauth returning `invalid redirect

I'm adding Google Oauth2 to a Rails app, but have been unable to get past the early stages.

I've set up an app, and defined client ID and secret.But I'm getting Invalid parameter value for redirect_uri: Non-public domains not allowed: http://localhost/path/to/callback

What does this mean? Is this because I'm testing on a local dev environment?

Thanks for any ideas.

EDIT

This might be because the app's URI differs from the sending URI. But when I go to Google and try to authorize the path to my dev app, I get OAuth2 redirect is invalid. Is this a limitation of using a locally hosted app?

EDIT 2

The request I'm generating looks like this:

https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=###########&redirect_uri=http%3A%2F%2Fmyapp.dev%2Fusers%2Fauth%2Fgoogle_oauth2%2Fcallback&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&approval_prompt=&access_type=offline

Is this correct. I've tried this with client_id including and excluding the .apps.googleusercontent.com section. Neither seems to work.

What is OAuth Redirect_uri?

The Redirect_uri is used when a Resource Owner grants Authorization to the OAuth Client. Following the successful Authorization by the Resource Owner at the Authorization Server for the OAuth Client for Resource Server the Resource Owner is redirected back to the OAuth Client's Redirect_uri.

What does Error 400 Redirect_uri_mismatch mean?

This is an error that comes up in the final step of adding the Client ID and Secret to SSA. This happens when the URL to your site is not typed in exactly right in the API console to the newly created Client ID and Secret. This is not your fault, Google is quite picky with the URL.

What is invalid redirect URI?

Invalid Redirect URI While working on a web based client, you have to ensure that the redirect URI passed while authentication, is the same as the one given during registration. If the redirect uri is not the one given during registration, an invalid redirect uri error will be thrown.

What is redirect URI in oauth2 Google?

The redirect URIs are the endpoints to which the OAuth 2.0 server can send responses. These endpoints must adhere to Google's validation rules. For testing, you can specify URIs that refer to the local machine, such as http://localhost:8080 .

I was getting the redirect error for my python / tornado app running on ubuntu. Using localhost didn't work as the accepted answer highlighted. Google wants a public domain.

My solution was to piggyback "example.com" which is public and create a sub domain in my /etc/hosts file. The sub domain would work on my local dev box and google would be happy with the example.com domain. I registering the redirects via the google console and the redirect worked successfully for me.

I added the following to my /etc/hosts:

192.168.33.100   devbox  devbox.example.com

In my case the IP was that of my machine. I could also have used 127.0.0.1 instead.

My Google API console (https://code.google.com/apis/console) set up for a new client ID was:

"Application Type: Web Application".
Via "Your site or hostname (more options)":
- In "Authorized Redirect URIs" I entered http://devbox.example.com/
- In "Authorized JavaScript Origins" I entered http://devbox.example.com/

Using xip.io you can provide a public url to redirect to like http://your_pow_app.192.168.0.1.xip.io/user/auth/google_oauth2/callback

Tested and working.

Why is Google Oauth returning `invalid redirect_urI` in my Rails app?

Tags:

ruby-on-rails

oauth

Andy Harvey

People also ask

2 Answers

Oisin

Happynoff

Recent Activity

Donate For Us