Google Oauth Error: redirect_uri_mismatch

Question

I'm trying to use google Oauth 2 to authenticate with google calendar API for a web server running on AWS EC2.

When I generated the credentials I selected 'OAuth Client ID' and then 'Web Application'. For the Authorised redirect URIs I have entered:

http://ec2-XX-XX-XX-XXX.eu-west-1.compute.amazonaws.com (I've blanked out the IP of my EC2 instance). I have checked this is the correct URL that I want the callback to go to.

The link that is generated in the server logs is of the form:

https://accounts.google.com/o/oauth2/auth?access_type=offline&client_id=XXXXXXXXXXXX-XXXXXXXXXXXXXX.apps.googleusercontent.com&redirect_uri=http://localhost:47258/Callback&response_type=code&scope=https://www.googleapis.com/auth/calendar.readonly

When I follow the link I get the error 'Error: redirect_uri_mismatch'.

I've read this SO question and have checked that I am using HTTP and there is no trialing '/'

I suspect that the URL generated should not have 'localhost' in it but I've reset the client_secret.json several times and each time I restart tomcat with the new client secret I still get a link with localhost but just over a different port.

Locally, I had selected Credentials type of 'other' previously and was not given an option for the Authorised redirect URI. I did try this for the EC2 instance but this won't give me the control I want over the redirect URI and sends the redirect over localhost.

Answer 1

Google throws redirect_uri_mismatch when the uri (including ports) supplied with the request doesn't match the one registered with the application.

Make sure you registered the Authorised redirect URIs and Authorised JavaScript origins on the web console correctly.

This is a sample configuration that works for me.