Google OAuth 2.0 redirect_uri_mismatch error for cross-client single-sign on


Problem description

We are trying to implement Google's OAuth 2.0 cross-client sign-on functionality so that our server keeps the tokens and associates them with users, as shown in the diagram for the flow here: Google OAuth 2.0 Server-Side Flow

I am able to successfully retrieve a one-time access code on the client app. I then send that code to the server via a post to "http://example.com/oauth2callback/code="

It gets to the server just fine. The server then attempts a POST to Google that looks like this:

POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded

code={My Code}&
client_id={My Client ID}&
client_secret={My Client Secret}&
redirect_uri="http://example.com/oauth2callback"&
grant_type=authorization_code

However, each time the server is returning "Error: redirect_uri_mismatch."

We have tried everything. We double-checked the redirect_uri matches EXACTLY in the Google console and the client ID and client secret are correct. It still doesn't work. Any ideas?

Recommended answer

We figured this out eventually, but I wanted to post this here so that others can find it. It turns out that you should NOT specify a redirect URI if you are exchanging a one-time access code for an access token via communicating with Google's servers from your own server. Instead, it should look like this:

POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded

code={My Code}&
client_id={My Client ID}&
client_secret={My Client Secret}&
redirect_uri=''&
grant_type=authorization_code
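
The following is an added example, not code from the original question or answer. It builds the form-encoded body for the exchange shown above with an empty redirect_uri, and decodes a body to show what value a form parser on the receiving side sees when the URI is wrapped in literal quotes. The function names, the constructed sample values and the `registered` set are assumptions made for illustration.

```python
from urllib.parse import urlencode, parse_qs

TOKEN_HOST = "accounts.google.com"   # host and path as shown in the post
TOKEN_PATH = "/o/oauth2/token"


def build_token_request(code, client_id, client_secret, redirect_uri=""):
    """Return (headers, body) for the code-for-token POST.

    redirect_uri defaults to the empty value described in the answer.
    """
    body = urlencode({
        "code": code,
        "client_id": client_id,
        "client_secret": client_secret,
        "redirect_uri": redirect_uri,
        "grant_type": "authorization_code",
    })
    headers = {
        "Host": TOKEN_HOST,
        "Content-Type": "application/x-www-form-urlencoded",
        "Content-Length": str(len(body)),  # body is pure ASCII after encoding
    }
    return headers, body


def received_value(body, key):
    """Decode the body the way a form parser would and return one field."""
    return parse_qs(body, keep_blank_values=True)[key][0]


def redirect_uri_problems(body, registered):
    """List reasons the redirect_uri in body fails an exact string comparison."""
    value = received_value(body, "redirect_uri")
    problems = []
    if len(value) >= 2 and value[0] in "\"'" and value[-1] == value[0]:
        problems.append("value is wrapped in literal quote characters")
    if value and value not in registered:
        problems.append("value is not byte-for-byte equal to a registered URI")
    return problems


if __name__ == "__main__":
    registered = {"http://example.com/oauth2callback"}  # assumed console entry
    # Constructed sample credentials, not real values.
    for uri in ("", '"http://example.com/oauth2callback"'):
        _, body = build_token_request("sample-code", "sample-id", "sample-secret", uri)
        print(repr(received_value(body, "redirect_uri")),
              redirect_uri_problems(body, registered))
```

Logging the decoded field on the server before sending the request makes stray quotes, whitespace or a trailing slash visible, none of which show up when comparing the URI by eye in the console.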
