0

I'm trying to setup a simple Rails application with OmniAuth using google auth.

When running the application on heroku, I get the following error when I try to access the oauth route, either directly or via redirect:

redirect_uri_mismatch

Request details:

access_type=offline
client_id=631910956855-pbglluk1ofb6vjmub9a0fucs8b0r5map.apps.googleusercontent.com
redirect_uri=http://stock-scraper-rails.herokuapp.com/auth/google_oauth2/callback
response_type=code
scope=email profile
state=94be59d4d241b70c83406ce59c36e7fc8d50279c

Works perfectly fine locally. I tried using a ngrok tunnel, and it also works.

Full url: https://accounts.google.com/o/oauth2/auth?access_type=offline&client_id=631910956855-pbglluk1ofb6vjmub9a0fucs8b0r5map.apps.googleusercontent.com&redirect_uri=https%3A%2F%2Fstock-scraper-rails.herokuapp.com%2Fauth%2Fgoogle_oauth2%2Fcallback&response_type=code&scope=email+profile&state=ac4cf27b4e2b534d854136ad25a102e2c1ff772d07dc84b8

My app is hosted on http://stock-scraper-rails.herokuapp.com You could go to /auth/google_oauth2 to see the error yourself.

I've search a bit but couldn't solve the problem. Here's what I already tried/did, but didn't solve the problem:

  • added domain to authorized domains
  • some answers to similar problems suggested waiting, because sometimes it takes google a while for google to update changes to domain. However, I have waited several hours already and the error persists
  • double/triple checked if my environment variables where correct on Heroku
  • checked Heroku log; there's no error there
  • setting OmniAuth.config.full_host manually

Callback route:

get '/auth/google_oauth2/callback', to: 'auth#oauth_callback'

I'm not using devise, by the way. Currently I simply want the controller do store some data in the session:

class AuthController < ApplicationController

  def oauth_callback
    authentication_google_data = request.env['omniauth.auth'].except(:extra)
    user_email = authentication_google_data['info']['email']
    # rest ommited
  end
end

OmniAuth configuration:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_CLIENT_SECRET']
end

Relevant gems versions:

  • rails (6.0.2.1)
  • omniauth (1.9.0)
  • omniauth-google-oauth2 (0.8.0)
  • omniauth-oauth2 (1.6.0)

Also tried to downgrade omniauth-oauth to 1.3.1, because read that there was a version causing a similar issue, with no success.

Any other ideas on what I could try would be very helpful :)

Improve this question

1 Answer 1

Reset to default
0

I figured out what the problem was. On the google developer console for my app, on OAuth 2.0 Client IDs, I had created an ID with type "Other" instead of "Web application".

Creating a new one on https://console.cloud.google.com/apis/credentials?project=myproject with the type "Web application" and adding the callback url (both http and https) to Authorized redirect URIs solved the problem.

enter image description here

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.