
How to handle the redirect_uri_mismatch error when an Android app obtains offline access for a web back-end?

I wanted to implement a flow described in this question:

Authenticating with OAuth2 for an app *and* a website

Google's solution for this requirement is described here:

https://developers.google.com/identity/protocols/CrossClientAuth#offlineAccess

I followed this guide, but unfortunately when I use the authorization code in the backend to get an access token and a refresh token from Google, Google throws this error:

{
  "error": "invalid_request",
  "error_description": "Missing parameter: redirect_uri"
}

redirect_uri has no meaning in this situation because the client side is Android.

There is also some advice that says to use "postmessage" as the redirect URI, or to use http://localhost as the redirect URI, or to add the server address to the redirect URIs in your Google app console, but none of these works for this flow.

I spent two days and researched almost all the issues on Stack Overflow and Google before deeply investigating the AppAuth library ( https://openid.github.io/AppAuth-iOS/ and https://openid.github.io/AppAuth-Android/ ) and finally found an answer.

So, there are two rules I've found:

  1. redirect_uri should be one of:

    • your app bundle_id or package_name + :/ or :// + *your_path* (for example com.example.myapp://google_auth )
    • your client_id in reverse DNS form + :/ or :// + *your_path* (for example com.googleusercontent.apps.*account_id*:/my_path )
  2. redirect_uri in the initial authorization code request ( https://accounts.google.com/o/oauth2/v2/auth ) and in the authorization code exchange request ( https://www.googleapis.com/oauth2/v4/token ) must be exactly the same

I spent a lot of time solving this problem, and this tool ( https://developers.google.com/oauthplayground ) provided by Google misled me even more, because it was designed for the main web flow: the access token generated by this tool was different and needs a redirect URI (even when using the bearer token type and the client id and secret). After all that, I used an empty string ("") as the redirect URI and finally succeeded in getting an access token on the server side.
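The two rules above, carried through as a runnable example. This is added here and is neither the post's code nor AppAuth's: it builds the authorization request the app would open, parses the custom-scheme callback, and then builds the backend's code exchange, refusing to send it unless redirect_uri is byte-identical to the one the app used. The client id `123456789012-abc.apps.googleusercontent.com`, the path `oauth2redirect`, the helper names, and the use of one client id on both ends are assumptions for illustration; the HTTP POST is injectable so the whole flow runs offline on constructed data.

```python
"""Cross-client Google OAuth: the Android app obtains the code, the web backend redeems it.

Encodes the two rules from the post: (1) redirect_uri is the client id in
reverse-DNS form plus ':/<path>'; (2) the identical redirect_uri string is sent
in the authorization request and in the code exchange. Stdlib only; the HTTP
POST is injectable so the flow can be exercised offline with constructed data.
"""
import base64
import hashlib
import json
import secrets
import urllib.parse
import urllib.request
from typing import Callable, Dict, List, Optional, Tuple

# Endpoints as named in the post.
AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
TOKEN_ENDPOINT = "https://www.googleapis.com/oauth2/v4/token"


def reverse_dns_redirect_uri(client_id: str, path: str = "oauth2redirect") -> str:
    """Rule 1: '<id>.apps.googleusercontent.com' -> 'com.googleusercontent.apps.<id>:/<path>'."""
    labels = client_id.split(".")
    if labels[-3:] != ["apps", "googleusercontent", "com"]:
        raise ValueError("unexpected client id form: %r" % client_id)
    return ".".join(reversed(labels)) + ":/" + path.lstrip("/")


def pkce_pair(verifier: Optional[str] = None) -> Tuple[str, str]:
    """PKCE S256 (RFC 7636): returns (code_verifier, code_challenge)."""
    if verifier is None:
        verifier = secrets.token_urlsafe(48)  # 64 url-safe chars, within the 43..128 limit
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return verifier, base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def build_auth_request(client_id: str, redirect_uri: str, scopes: List[str],
                       state: str, code_challenge: str) -> str:
    """URL the app opens in a custom tab; access_type=offline asks for a refresh token."""
    params = {
        "client_id": client_id, "redirect_uri": redirect_uri, "response_type": "code",
        "scope": " ".join(scopes), "state": state, "access_type": "offline",
        "code_challenge": code_challenge, "code_challenge_method": "S256",
    }
    return AUTH_ENDPOINT + "?" + urllib.parse.urlencode(params)


def parse_callback(callback_uri: str, expected_state: str, redirect_uri: str) -> str:
    """App side: extract the code from the custom-scheme callback, checking target and state."""
    parts = urllib.parse.urlsplit(callback_uri)
    if parts.scheme + ":" + parts.path != redirect_uri:
        raise RuntimeError("callback did not arrive on the registered redirect_uri")
    query = urllib.parse.parse_qs(parts.query)
    if "error" in query:
        raise RuntimeError("authorization failed: %s" % query["error"][0])
    if query.get("state", [None])[0] != expected_state:
        raise RuntimeError("state mismatch: stale callback or CSRF")
    return query["code"][0]


def token_request(client_id: str, client_secret: str, code: str, redirect_uri: str,
                  expected_redirect_uri: str, code_verifier: str) -> Dict[str, str]:
    """Backend side, rule 2: exchange only with the exact redirect_uri the app used."""
    if redirect_uri != expected_redirect_uri:
        raise ValueError("redirect_uri %r != expected %r" % (redirect_uri, expected_redirect_uri))
    return {
        "grant_type": "authorization_code", "code": code,
        "client_id": client_id, "client_secret": client_secret,
        "redirect_uri": redirect_uri,  # leaving this out yields 'Missing parameter: redirect_uri'
        "code_verifier": code_verifier,
    }


def post_form(url: str, form: Dict[str, str]) -> str:
    """Real application/x-www-form-urlencoded POST; replaced by a stub when run offline."""
    req = urllib.request.Request(url, data=urllib.parse.urlencode(form).encode("ascii"), method="POST")
    req.add_header("Content-Type", "application/x-www-form-urlencoded")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def exchange_code(form: Dict[str, str],
                  send: Callable[[str, Dict[str, str]], str] = post_form) -> Dict[str, object]:
    """POST the exchange; the refresh_token is what the backend stores for offline access."""
    body = json.loads(send(TOKEN_ENDPOINT, form))
    if "error" in body:
        raise RuntimeError("%s: %s" % (body["error"], body.get("error_description", "")))
    if "refresh_token" not in body:  # Google returns it only on first consent unless prompt=consent
        raise RuntimeError("no refresh_token in response; re-run the auth request with prompt=consent")
    return body


def run_flow(client_id: str, client_secret: str, scopes: List[str],
             open_browser: Callable[[str], str],
             send: Callable[[str, Dict[str, str]], str] = post_form) -> Dict[str, object]:
    """End to end. open_browser(url) returns the callback URI the custom tab delivered."""
    redirect_uri = reverse_dns_redirect_uri(client_id)
    state = secrets.token_urlsafe(16)
    verifier, challenge = pkce_pair()
    callback = open_browser(build_auth_request(client_id, redirect_uri, scopes, state, challenge))
    code = parse_callback(callback, state, redirect_uri)
    # The app now ships {code, redirect_uri, verifier} to the backend over TLS. The backend
    # derives the expected redirect_uri from its own config rather than trusting the app.
    expected = reverse_dns_redirect_uri(client_id)
    return exchange_code(token_request(client_id, client_secret, code, redirect_uri, expected, verifier), send)
```

The mismatch guard in `token_request` is the practical fix for the post's symptom: the backend never invents its own redirect_uri (a server URL, "postmessage", localhost) but replays exactly the string that appeared in the authorization request, and the custom-scheme callback is checked against that same string before the code is accepted.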

Blank should work, or you can also use the installed-app redirect URI 'urn:ietf:wg:oauth:2.0:oob' - see https://developers.google.com/identity/protocols/OAuth2InstalledApp
