0

I am getting Signet::AuthorizationError in LoginController#callback and Authorization failed. Server message: { "error" : "redirect_uri_mismatch" } on the line auth_client.fetch_access_token! when I click "Allow" on the OAuth screen and execute my callback method during the OAuth process.

I have checked out this: Google OAuth 2 authorization - Error: redirect_uri_mismatch, but I still can't figure it out.

I am trying to get a login with Google set up like this:

  1. User goes to /login and clicks on the "sign in with google" button.
  2. The Google login prompt comes up, user signs in with Gmail, and then gets redirected to /home.

I have the following uris in my web application credentials in Google consoles:

  1. http://localhost:3000
  2. http://localhost:3000/login/callback
  3. http://localhost/login/callback
  4. http://localhost

routes.rb

get '/home' => 'home#index'
get '/login' => 'login#prompt'
get '/login/callback' => 'login#callback'

login_controller.rb

require 'google/api_client/client_secrets'

class LoginController < ApplicationController
  GOOGLE_CLIENT_SECRET_FILE = Rails.root.join('config/google_oauth2_secret.json')

  def prompt
    if session[:credentials]
      redirect_to '/home'
    else
      auth_client = get_auth_client
      auth_client.update!(
        :scope => ['profile', 'email'],
        :redirect_uri => 'http://localhost:3000/login/callback'
      )
      @auth_uri = auth_client.authorization_uri.to_s
      render layout: false
    end
  end

  def callback
    auth_client = get_auth_client
    auth_client.code = request['code']
    auth_client.fetch_access_token!
    auth_client.client_secret = nil
    session[:credentials] = auth_client.to_json
    redirect_to '/home'
  end

  private

  def get_auth_client
      Google::APIClient::ClientSecrets.load(GOOGLE_CLIENT_SECRET_FILE).to_authorization
  end
end

I also have a concern. In my prompt method, how do I verify that session[:credentials] is the correct session code? Couldn't anyone just put some bogus string into the credentials session and gain access?

I have been following this guide: https://developers.google.com/api-client-library/ruby/auth/web-app

Improve this question

2 Answers 2

Reset to default
1

This happens because localhost is not a valid domain name. Instead of using localhost, you need to use lvh.me

In Google consoles the url will become 

http://lvh.me:3000

http://lvh.me:3000/login/callback

Trying accessing your application in the browser using http://lvh.me:3000 instead of http://localhost:3000

lvh.me is a valid domain name with is pointing to 127.0.0.1

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I realize the issue is I am setting the scope in the prompt function when I am generating the auth uri but in my callback function, I am not setting the scope.

It should be like this:

  def callback
    auth_client = get_auth_client
    auth_client.update!(
      :scope => ['profile', 'email'],
      :redirect_uri => 'http://localhost:3000/login/callback'
    )
    auth_client.code = request['code']
    auth_client.fetch_access_token!
    auth_client.client_secret = nil
    session[:credentials] = auth_client.to_json
    redirect_to '/home'
  end
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.