Google授权的重定向URI [英] Google Authorized redirect URIs

问题描述

假设我的应用的主域位于 https://www.example.com

Let's say my app's main domain is at https://www.example.com

应用将有很多实例，即

https://www.example.com/client1

https://www.example.com/client2

https://www.example.com/client3

< ..>

为了对我的应用进行OAuth2身份验证，我目前具有这样的重定向URI:

In order to have OAuth2 authentication against my app, I currently have redirect URIs as such:

https://www.example.com/client1/SignInGoogle

https://www.example.com/client2/SignInGoogle

是否可以为所有这些客户端添加一个授权的重定向URI?即

Is there a way to add one Authorized redirect URI for all of these clients? i.e.

https://www.example.com/ *

或

https://www.example/com/ */SignInGoogle

https://www.example/com/*/SignInGoogle

还是这个URI必须与 exact 完全匹配?

Or does this URI has to be the exact match?

推荐答案

如果您查看Google Developer Console

If you look at the Google Developer console

1. 必须具有协议(HTTP/HTTPS)
2. 不能包含URL片段(#)
3. 不能包含相对路径.
4. 不能是公共IP地址.

Relitve与绝对URI的示例

Examples of Relitve vs Absolute URIs

Relative URI    Absolute URI
about.html      http://WebReference.com/html/about.html
tutorial1/          http://WebReference.com/html/tutorial1/
tutorial1/2.html    http://WebReference.com/html/tutorial1/2.html
/                   http://WebReference.com/
//www.internet.com/ http://www.internet.com/
/experts/           http://WebReference.com/experts/
../                 http://WebReference.com/
../experts/         http://WebReference.com/experts/
./about.html    http://WebReference.com/html/about.html

您想要做的是相对URI.您需要记住的是，身份验证服务器不过是Web服务.如果您无法从普通的Web浏览器访问重定向URI，则身份验证服务器也无法.

What you want to do is something like a Relative URI. What you need to remember is that an Authentication server is nothing but a web service. If you cant access the redirect URI from a normal web browser the authentication server cant either.

因此，您不能完全匹配它.

So no you cant do that it has to match exactly.

这篇关于Google授权的重定向URI的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！