Google oAuth:redirect_uri_mismatch
[英]Google oAuth: redirect_uri_mismatch
問題描述
嘗試從Google獲取oAuth令牌時,我們收到“ redirect_uri_mismatch”錯誤:
[client 127.0.0.1:49892] {\n "error" : "redirect_uri_mismatch"\n}, referer: `http://localhost/oAuth/chess-login.html`
使用了兩個文件:Chess-login.html和plus.php(下面的代碼)。
Google API具有以下URI:
http://localhost/oAuth/chess-login.html
誰能指出解決方案?
plus.php:
<?php
$client_id = "XXX.apps.googleusercontent.com"; //your client id
$client_secret = "XXX"; //your client secret
$redirect_uri = "http://localhost/chess-login.html";
$scope = "https://www.googleapis.com/auth/plus.login"; //google scope to access
$state = "profile"; //optional
$access_type = "offline"; //optional - allows for retrieval of refresh_token for offline access
if(isset($_POST['results'])){
$_SESSION['accessToken'] = get_oauth2_token($_POST['results']);
}
//returns session token for calls to API using oauth 2.0
function get_oauth2_token($code) {
global $client_id;
global $client_secret;
global $redirect_uri;
$oauth2token_url = "https://accounts.google.com/o/oauth2/token";
$clienttoken_post = array(
"code" => $code,
"client_id" => $client_id,
"client_secret" => $client_secret,
"redirect_uri" => $redirect_uri,
"grant_type" => "authorization_code"
);
$curl = curl_init($oauth2token_url);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $clienttoken_post);
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
$json_response = curl_exec($curl);
error_log($json_response);
curl_close($curl);
$authObj = json_decode($json_response);
if (isset($authObj->refresh_token)){
//refresh token only granted on first authorization for offline access
//save to db for future use (db saving not included in example)
global $refreshToken;
$refreshToken = $authObj->refresh_token;
}
$accessToken = $authObj->access_token;
return $accessToken;
}
?>
國際象棋的login.html:
<!DOCTYPE html>
<html>
<html itemscope itemtype="http://schema.org/Article">
<head>
<!-- BEGIN Pre-requisites -->
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
<script type="text/javascript">
(function () {
var po = document.createElement('script');
po.type = 'text/javascript';
po.async = true;
po.src = 'https://plus.google.com/js/client:plusone.js?onload=start';
var s = document.getElementsByTagName('script')[0];
s.parentNode.insertBefore(po, s);
})();
</script>
<!-- END Pre-requisites -->
</head>
<body>
<div id="signinButton">
<span class="g-signin"
data-scope="https://www.googleapis.com/auth/plus.login"
data-clientid="XXX.apps.googleusercontent.com"
data-redirecturi="postmessage"
data-accesstype="offline"
data-cookiepolicy="single_host_origin"
data-callback="signInCallback">
</span>
</div>
<div id="result"></div>
<p id="onSignInText"></p>
</body>
<!-- Last part of BODY element in file index.html -->
<script type="text/javascript">
function signInCallback(authResult) {
if (authResult['code']) {
// Hide the sign-in button now that the user is authorized, for example:
$('#signinButton').attr('style', 'display: none');
//document.getElementById("onSignInText").innerHTML = "Sign in successful";
$.post("plus.php", {results: authResult['code']},
function(data){alert(data); });
// Send the code to the server
$.ajax({
type: 'POST',
url: 'plus.php?storeToken',
contentType: 'application/octet-stream; charset=utf-8',
success: function(result) {
// Handle or verify the server response if necessary.
// Prints the list of people that the user has allowed the app to know
// to the console.
console.log(result);
if (result['profile'] && result['people']){
$('#results').html('Hello ' + result['profile']['displayName'] + '. You successfully made a server side call to people.get and people.list');
} else {
$('#results').html('Failed to make a server-side call. Check your configuration and console.');
}
},
processData: false,
data: authResult['code']
});
} else if (authResult['error']) {
// There was an error.
// Possible error codes:
// "access_denied" - User denied access to your app
// "immediate_failed" - Could not automatially log in the user
// console.log('There was an error: ' + authResult['error']);
}
}
</script>
</html>
1 個解決方案
解決方案1
6 2014-11-09 07:25:12
您應該在服務器中設置redirect_uri以使其與客戶端中的data-redirecturi="postmessage"相匹配(您的流程不需要重定向 ,因此不會使用Google API控制台中的值...)
. . .
$clienttoken_post = array(
"code" => $code,
"client_id" => $client_id,
"client_secret" => $client_secret,
"redirect_uri" => "postmessage", // <== Change here!
"grant_type" => "authorization_code"
);
. . .
Google OAuth 2 - redirect_uri_mismatch錯誤,但API設置中的重定向URI是正確的
[英]Google OAuth 2 - redirect_uri_mismatch error but the redirect URI in API settings is proper
Google OAuth 2 auth - 錯誤:redirect_uri_mismatch甚至在注冊uri之后
[英]Google OAuth 2 auth - Error: redirect_uri_mismatch even after registered uri
當每個可能的 URI 都在控制台中時,Google OAuth2 PHP 客戶端 redirect_uri_mismatch
[英]Google OAuth2 PHP client redirect_uri_mismatch when every possible URI is in console
redirect_uri_mismatch oauth Google登錄artdarek / oAuth-4-laravel
[英]redirect_uri_mismatch oauth google login artdarek/oAuth-4-laravel
使用HybridAuth的PHP Web應用程序的Google Oauth2 redirect_uri_mismatch
[英]Google Oauth2 redirect_uri_mismatch for PHP Web Application Using HybridAuth
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.
相關問題
Google | OAuth 400 redirect_uri_mismatch
Google OAuth 2 - redirect_uri_mismatch錯誤,但API設置中的重定向URI是正確的
谷歌:“錯誤 400:redirect_uri_mismatch”
Google OAuth 2 auth - 錯誤:redirect_uri_mismatch甚至在注冊uri之后
當每個可能的 URI 都在控制台中時,Google OAuth2 PHP 客戶端 redirect_uri_mismatch
redirect_uri_mismatch oauth Google登錄artdarek / oAuth-4-laravel
使用HybridAuth的PHP Web應用程序的Google Oauth2 redirect_uri_mismatch
OAuth2-錯誤400:redirect_uri_mismatch
Google OAuth 2 重定向 URI 不匹配
Google Sheets PHP API redirect_uri_mismatch 錯誤
相關標簽