Google OAuth 2.0 "error" : "redirect_uri_mismatch"

Unstaged picture Unstaged · Feb 4, 2015 · Viewed 63.7k times · Source

I spend already one day, crashed one glass and I am really angry about it, I do not understand what google want from me, and what is wrong.

I've enabled Google+ Api in developers console google_ api enabled , created new OAuth Client ID client id

    $ch = curl_init('https://accounts.google.com/o/oauth2/token');
curl_setopt($ch,CURLOPT_POSTFIELDS,'code=4%2FPp1GWqC6PIr3wNYrZ5kK4T9oitxBoo0fBqBrVNQfE-g.ElKDUjQ7E28SoiIBeO6P2m-0RPaolgI&grant_type=authorization_code&redirect_uri=https%3A%2F%2Fmyprivatedomain.local.com%2Foauth2callback&client_id=%mycliet_id%&client_secret=%mysecret%');
curl_setopt($ch,CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, true);
var_dump(curl_exec($ch));

created all like in instructions here: https://developers.google.com/+/web/signin/server-side-flow, gplus button appear on page, and it successfully request access for authorized user. but when I made step 8 Step 8: Initialize the Google API client library and start the Google+ service my request every time get response "error" : "redirect_uri_mismatch"

I know, that this error appear when you do not registered redirect_uri in Google Console, or when you make a type mistake in it, but I registered it, and also just for testing tried to setup different urls (changed domain names, changed protocols from https to https), but it never working! I have no idea what else I can check, please advice at least something.

Answer

Hans Z. picture Hans Z. · Feb 4, 2015

The docs say in Step 1. https://developers.google.com/+/web/signin/server-side-flow#step_1_create_a_client_id_and_client_secret that there must be no redirect URIs configured, only "Authorized JavaScript origins". In the authorization request and the token exchange, the redirect_uri parameter value should be set to postmessage.

Edit: Prior art on this: Google OAuth 2 authorization - Error: redirect_uri_mismatch