I'm trying to use oauth with Google in ASP.NET MVC 5.
In Google's developer console I put for the redirect uri:
www.mydomain.com/account/externallogincallback
and thought that this will do. But it didn't.
I put:
www.mydomain.com/signin-google
and it worked!
I tried to search the string "signin-google" in my project but couldn't find it anywhere.
Can someone tell me what is going on? why is that so? thanks.
I am too lazy to write a properly formatted answer, I placed these comments in code for myself to remember how to resolve this issue. It is not really an issue, just something I never bothered to read properly :) But this is what you can do to make it work. There 2 options how you can do it. I have tried both and both options work just fine. I went with the first one for now, it really doesnt matter. Here are my comments in Startup.Auth.cs file.
// My notes to resolve Google Error: redirect_uri_mismatch error
// By default GoogleOAuth2AuthenticationOptions has CallbackPath defined as "/signin-google"
// https://msdn.microsoft.com/en-us/library/microsoft.owin.security.google.googleoauth2authenticationoptions(v=vs.113).aspx
// But the real path should be Controller/Action: for this application it is "/Account/ExternalLoginCallback"
// There are 2 ways to define it properly:
// 1) Add a new route in RouteConfig.cs that will map "/signin-google" into "/Account/ExternalLoginCallback":
// routes.MapRoute(name: "signin-google", url: "signin-google", defaults: new { controller = "Account", action = "ExternalLoginCallback" });
// Remember, in Google Developers Console you must have your "/signin-google" redirect URI, since that is what your app sends to Google
// 2) Completely overwrite built-in "/signin-google" path.
// Owerwrite CallbackPath right here by adding this line after ClientSecret:
// CallbackPath = new PathString("/Account/ExternalLoginCallback")
// Remember, in Google Developers Console you must have "/Account/ExternalLoginCallback" redirect URI, since now that is what your app sends to Google
app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
{
ClientId = "xxxxxxxxxxxxxxxxxxxx",
ClientSecret = "xxxxxxxxxxxxxxxxxxxxxxxx"
});
googleOptions.CallbackPath needs to be registered with Google Cloud Console. It is used for OAuth middleware in .NET to listen to responses back from Google once the user is authenticated..NET is signin-google as mentioned by the answer above and the doc here: https://learn.microsoft.com/en-us/previous-versions/aspnet/dn800251(v=vs.113)Authorized redirect URIs. But in .NET this is called googleOptions.CallbackPath..NET RedirectUri. It serves the purpose of being called by the Google callBack Path..NET RedirectUri is different than googleOptions.CallbackPath, i.e. Authorized redirect URIs on Google Cloud Console, and does not need to be whitelisted on Google Cloud Console.Authorized redirect URIs in Google Cloud Console it takes minutes to even hours for it to take effect, so can be hard to tell which is which.
