Why is Google Oauth returning `invalid redirect_urI` in my Rails app?

ruby-on-rails oauth
Andy Harvey picture Andy Harvey · Apr 18, 2012 · Viewed 68.7k times · Source

I'm adding Google Oauth2 to a Rails app, but have been unable to get past the early stages.

I've set up an app, and defined client ID and secret.But I'm getting Invalid parameter value for redirect_uri: Non-public domains not allowed: http://localhost/path/to/callback

What does this mean? Is this because I'm testing on a local dev environment?

Thanks for any ideas.

EDIT

This might be because the app's URI differs from the sending URI. But when I go to Google and try to authorize the path to my dev app, I get OAuth2 redirect is invalid. Is this a limitation of using a locally hosted app?

EDIT 2

The request I'm generating looks like this:

https://accounts.google.com/o/oauth2/auth?response_type=code&client_id=###########&redirect_uri=http%3A%2F%2Fmyapp.dev%2Fusers%2Fauth%2Fgoogle_oauth2%2Fcallback&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&approval_prompt=&access_type=offline

Is this correct. I've tried this with client_id including and excluding the .apps.googleusercontent.com section. Neither seems to work.

Answer

Oisin picture Oisin · Aug 17, 2012

I was getting the redirect error for my python / tornado app running on ubuntu. Using localhost didn't work as the accepted answer highlighted. Google wants a public domain.

My solution was to piggyback "example.com" which is public and create a sub domain in my /etc/hosts file. The sub domain would work on my local dev box and google would be happy with the example.com domain. I registering the redirects via the google console and the redirect worked successfully for me.

I added the following to my /etc/hosts:

192.168.33.100   devbox  devbox.example.com

In my case the IP was that of my machine. I could also have used 127.0.0.1 instead.

My Google API console (https://code.google.com/apis/console) set up for a new client ID was:

Related questions

where is devise implementation of "authenticate_user!" method?

Where is devise implementation of authenticate_user! method? I have been looking for it and have not found it so far.

Read More
Keep getting OAuth::Unauthorized error when using oauth and twitter ruby gems

I am using the ruby twitter gem and oauth to gain access to users twitter accounts. In my code, I have: unless @user.twitter_authd? oauth = Twitter::OAuth.new('token', 'secret') session[:twitter_request_token] = oauth.request_token.token session[:…

Read More
Refresh token using Omniauth-oauth2 in Rails application

I am using omniauth-oauth2 in rails to authenticate to a site which supports oauth2. After doing the oauth dance, the site gives me the following, which I then persist into the database: Access Token Expires_AT (ticks) Refresh token Is …

Read More