简体繁体 English

使用 Google OAuth2 将 Node.js 应用程序部署到 Heroku 时出现 redirect_uri_mismatch

[英]I'm getting a redirect_uri_mismatch when deploying my Node.js app to Heroku using Google OAuth2

原文 2022-06-17 17:17:53 4 1 node.js/ google-oauth/ gmail-api

I'm tasked with making a server using Node.js which will read emails from a Google account and parse the content from those emails into data we can store in a database.我的任务是使用 Node.js 创建一个服务器，它将读取来自 Google 帐户的电子邮件并将这些电子邮件中的内容解析为我们可以存储在数据库中的数据。 I'm using Google's googleapis package (v103.0.0) in NPM to authenticate/authorize with whichever account we'd like to use.我在 NPM 中使用 Google 的googleapis包 (v103.0.0) 来验证/授权我们想要使用的任何帐户。

The issue comes when we try to switch accounts and have the user re-auth.当我们尝试切换帐户并让用户重新授权时，问题就出现了。 During development on a local machine, the Auth process works as expected:在本地机器上开发期间，Auth 过程按预期工作：

The client requests an Auth URL.客户端请求一个 Auth URL。
The server generates a new Auth URL and sends it back to the client.服务器生成一个新的 Auth URL 并将其发送回客户端。
The client redirects to that URL and the Google Consent Screen is shown.客户端重定向到该 URL 并显示 Google 同意屏幕。
The client is asked to choose between logged-in Google accounts.要求客户在已登录的 Google 帐户之间进行选择。
The client authorizes the application and is redirected back to the server with a code.客户端授权应用程序并使用代码重定向回服务器。
The server uses the code to generate/save a token, which allows it to use the Gmail API.服务器使用代码生成/保存令牌，从而允许它使用 Gmail API。

However, after deploying to Heroku, the Google Consent Screen no longer allows the user to select an account.但是，在部署到 Heroku 后，Google 同意屏幕不再允许用户选择帐户。 Instead, at step 3, it shows this message .相反，在第 3 步，它会显示此消息。 In just about every other question related to this error, there's always additional information below the error code/message, but nothing's there for me.在与此错误相关的几乎所有其他问题中，错误代码/消息下方总是有其他信息，但对我来说什么都没有。 I made sure: (1) the domain I'm using in Heroku is verified on the Google Cloud Console, and (2) the redirect_uri within the Node.js application is passing the correct domain to the Auth URL, even while in production.我确保：(1) 我在 Heroku 中使用的域在 Google Cloud Console 上得到验证，并且 (2) Node.js 应用程序中的 redirect_uri 将正确的域传递给 Auth URL，即使在生产中也是如此。

I can't provide the URL for privacy reasons, but let me know if there's any source code or Cloud Console info I should include.出于隐私原因，我无法提供网址，但如果我应该包含任何源代码或 Cloud Console 信息，请告诉我。

1 个解决方案

It didn't take long after posting this question, but I realized I was using an incorrect OAuth 2.0 Client ID type.发布此问题后不久，我意识到我使用了不正确的 OAuth 2.0 客户端 ID 类型。 I was attempting to use "Desktop" when I should've been using "Web application" instead.当我应该使用“Web 应用程序”时，我试图使用“桌面”。 Take a look at this image to see the difference.看看这张图片，看看有什么不同。

When you select "Web application", you're given some new options: Authorized JavaScript origins, and Authorized redirect URIs.当您选择“Web 应用程序”时，您会看到一些新选项：授权的 JavaScript 来源和授权的重定向 URI。 This is where you need to fill out the allowed URIs.这是您需要填写允许的 URI 的地方。 Here's a sample of what that should look like.这是应该是什么样子的示例。