
I have an ASP.NET Core + Angular application with Google OAuth support. Google OAuth works perfectly locally, but when I deploy it to Heroku and try to log in, I get:

"Error 400: redirect_uri_mismatch": If you’re the app developer, make sure that these request details comply with Google policies. redirect_uri: https://boost-project.herokuapp.com/signin-google

My Startup.cs code:

services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddGoogle(options =>
    {
        // Read the Google client credentials from the "Google" configuration section
        var googleAuthNSection = configuration.GetSection("Google");

        options.ClientId = googleAuthNSection["ClientId"];
        options.ClientSecret = googleAuthNSection["ClientSecret"];
        options.SignInScheme = IdentityConstants.ExternalScheme;
    });

My controller code:

[ApiController]
[Route("api/[Controller]")]
public class AccountController : ControllerBase
{
    [HttpGet("signin-google")]
    public IActionResult GoogleLogin()
    {
        return OAuthLogin("Google");
    }

    private IActionResult OAuthLogin(string providerName)
    {
        // actually boost-project.herokuapp.com for run on heroku
        var host = _configuration["Host"];

        var redirectUrl = Url.Action("OAuthResponse", "Account", null, "https", host).ToLower();

        var properties = _signInManager.ConfigureExternalAuthenticationProperties(providerName, redirectUrl);

        return new ChallengeResult(providerName, properties);
    }

    [HttpGet("oauth-response")]
    public async Task<IActionResult> OAuthResponse()
    {
        var info = await _signInManager.GetExternalLoginInfoAsync();

        if (info == null)
            return BadRequest();

        var result = await _signInManager.ExternalLoginSignInAsync(info.LoginProvider, info.ProviderKey, false);

        // redirect to main page angular app
        if (result.Succeeded)
            return Redirect(_clientUrlOptions.MainPageUrl);

        var user = new AppUser
        {
            Email = info.Principal.FindFirst(ClaimTypes.Email).Value,
            UserName = info.Principal.FindFirst(ClaimTypes.Email).Value
        };

        var identResult = await _userManager.CreateAsync(user);
        if (identResult.Succeeded)
        {
            identResult = await _userManager.AddLoginAsync(user, info);
            if (identResult.Succeeded)
            {
                await _signInManager.SignInAsync(user, false);

                // redirect to main page angular app
                return Redirect(_clientUrlOptions.MainPageUrl);
            }
        }

        return BadRequest();
    }
}

I've double-checked my authorized redirect URIs, and they're OK. (image: Authorized redirect URIs)

The redirect URI from the error message pretty much matches the one I've set in my authorized URIs in Google Cloud Console. (image: Google signin error)

I have also verified my domain. (image: Domain verification)

Any type of support/help is appreciated.

Thanks

1 Answer

The redirect URI must exactly match one that you have set in Google Cloud Console. Go to Google Cloud Console and add this as a redirect URI.

https://boost-project.herokuapp.com/signin-google

Make sure there is no trailing slash or trailing space when you add it. For example:

https://boost-project.herokuapp.com/signin-google is not the same as https://boost-project.herokuapp.com/signin-google/

Make sure that you have not added http://boost-project.herokuapp.com/signin-google. It is not the same as https://boost-project.herokuapp.com/signin-google

This video may help you to understand the error and exactly how to fix it. Google OAuth2: How the fix redirect_uri_mismatch error. Part 2 server sided web applications.
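
As an added illustration of the exact-match rule described in the answer (this is not part of the original answer), the Python helper below compares the redirect_uri from the error message with a list of registered URIs and reports why each near-miss fails. The registered list is constructed sample data built from the variants the answer names, and `explain_mismatch` is a hypothetical helper name.

```python
from urllib.parse import urlsplit


def explain_mismatch(sent, registered):
    """Compare the redirect_uri sent to Google with each registered URI.

    Returns (matched, report). report maps each registered entry to the
    reasons it fails an exact string comparison with `sent`.
    """
    if sent in registered:  # an exact string match is what is required
        return True, {}
    s = urlsplit(sent.strip())
    report = {}
    for entry in registered:
        r = urlsplit(entry.strip())
        reasons = []
        if entry != entry.strip():
            reasons.append("leading or trailing whitespace")
        if s.scheme != r.scheme:
            reasons.append(f"scheme: sent {s.scheme}, registered {r.scheme}")
        if s.netloc != r.netloc:
            same = s.netloc.lower() == r.netloc.lower()
            reasons.append("host differs only by case" if same else "host differs")
        if s.path != r.path:
            if s.path.rstrip("/") == r.path.rstrip("/"):
                reasons.append("trailing slash")
            elif s.path.lower() == r.path.lower():
                reasons.append("path differs only by case")
            else:
                reasons.append(f"path: sent {s.path}, registered {r.path}")
        report[entry] = reasons
    return False, report


# redirect_uri exactly as shown in the error message on this page
SENT = "https://boost-project.herokuapp.com/signin-google"

# Constructed sample of console entries: the near-misses the answer warns about
REGISTERED = [
    "https://boost-project.herokuapp.com/signin-google/",  # trailing slash
    "http://boost-project.herokuapp.com/signin-google",    # http, not https
    "https://boost-project.herokuapp.com/signin-google ",  # trailing space
]

if __name__ == "__main__":
    matched, report = explain_mismatch(SENT, REGISTERED)
    print("exact match found" if matched else "no exact match")
    for entry, reasons in report.items():
        print(repr(entry), "->", "; ".join(reasons))
```
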
