Google login in redirect loop using HybridAuth

Question

I am using atticmedia/anvard package in laravel for social login. Login for the facebook works fine, but when I login using google, it stays in a redirect loop. The google login page is successfully shown and when i have given access it redirects back to http://domain.com/endpoint?hauth.done=Google&code=XXXX#

I have no idea why is this not working. Any help would be appreciated. Thanks.

Answer 1

Basic steps

Protocol Flow

 +--------+                               +---------------+
 |        |--(A)- Authorization Request ->|   Resource    |
 |        |                               |     Owner     |
 |        |<-(B)-- Authorization Grant ---|               |
 |        |                               +---------------+
 |        |
 |        |                               +---------------+
 |        |--(C)-- Authorization Grant -->| Authorization |
 | Client |                               |     Server    |
 |        |<-(D)----- Access Token -------|               |
 |        |                               +---------------+
 |        |
 |        |                               +---------------+
 |        |--(E)----- Access Token ------>|    Resource   |
 |        |                               |     Server    |
 |        |<-(F)--- Protected Resource ---|               |
 +--------+                               +---------------+

                 Figure 1: Abstract Protocol Flow

The abstract OAuth 2.0 flow illustrated in Figure 1 describes the interaction between the four roles and includes the following steps:

(A) The client requests authorization from the resource owner. The authorization request can be made directly to the resource owner (as shown), or preferably indirectly via the authorization server as an intermediary.

(B) The client receives an authorization grant, which is a credential representing the resource owner's authorization, expressed using one of four grant types defined in this specification or using an extension grant type. The authorization grant type depends on the method used by the client to request authorization and the types supported by the authorization server.

(C) The client requests an access token by authenticating with the authorization server and presenting the authorization grant.

(D) The authorization server authenticates the client and validates the authorization grant, and if valid, issues an access token.

(E) The client requests the protected resource from the resource server and authenticates by presenting the access token.

(F) The resource server validates the access token, and if valid, serves the request.

Answer

You must have redirected the user to authorisation and after authroisation user is redirected to callback url provided. Its your Callback URL for your application basically you have completed the step number 4 of Protocol Flow

Answer 2

Apparently you need to enable Google+ and Contacts API in the APIs google console. Wandered two days and this was the issue. I feel so stupid. But seems like this information isnt mentioned much in the internet.