php google-chrome firefox oauth-2.0 google-oauth

"redirect_uri_mismatch" error, automatically appended with "www" - Google OAuth2


I've set up a redirect_uri with a publicly hosted domain name (not localhost). It is working for most people, including me, but shows the error "redirect_uri_mismatch" for my cousin.

  1. That’s an error.

Error: redirect_uri_mismatch

The redirect URI in the request, http://www.domainname.com/src/oauth2callback.php, does not match the ones authorized for the OAuth client. To update the authorized redirect URIs, visit: https://console.developers.google.com/apis/credentials/oauthclient/123456-9nq218mchl4n9dj474v0821g7umko6fp.apps.googleusercontent.com?project=123456

Learn more Request Details

That’s all we know.

Since I couldn't replicate the issue from my side,

  1. I asked him to clear the cache from "All the time".
  2. Restarted the system, opened a single session of the browser in incognito mode and tried to log in.
  3. Tried with a different device, such as a phone with a different ISP.

None of the steps solved the issue. It shows inconsistent behavior, succeeding on a few attempts.

What other reasons could there be for a "redirect_uri_mismatch" error? Is that an issue in my code or from Google? I'm using "php" for this application.

Thank you.

Update: Got the reason for the error

I've built the redirect URL like this.

    $client->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] . '/src/oauth2callback.php');

And I have registered the Redirect URL as

    http://domainname.com/src/oauth2callback.php

But when my cousin clicks on the login button, the Redirect URL is built with "www" appended before the domain name, like http://www.domainname.com/src/oauth2callback.php.

He was using version 63.0 of Firefox. After updating Firefox, it was 64.0, which is the same as mine. Even then, the Redirect URL was appended with "www". However, adding another URL with "www", http://www.domainname.com/src/oauth2callback.php, solved the problem.

May I know the actual reason for this auto-appending behavior, which is not happening in my browser?

Thank you.


Solution

  • Found the reason. The same code

    $client->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] . '/src/oauth2callback.php');
    

    was appending "www" before the domain name for my cousin,

    http://www.domainname.com/src/oauth2callback.php
    

    and the same was not appending "www" for me.

    http://domainname.com/src/oauth2callback.php
    

    And the redirect URL was registered without "www". Now I have registered both URLs, with and without "www", and it's working fine now.
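
An added example, not part of the original post: `$_SERVER['HTTP_HOST']` is copied from the Host header of each request, so the redirect URI built from it follows whatever hostname the visitor used. The sketch below instead picks the redirect URI from the list of URIs registered for the OAuth client; the helper name `redirectUriForHost`, the constants and the sample Host values are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Assumption: these are exactly the redirect URIs registered for the OAuth
// client (the two URLs named in the post), keyed by hostname.
const REGISTERED_REDIRECT_URIS = [
    'domainname.com'     => 'http://domainname.com/src/oauth2callback.php',
    'www.domainname.com' => 'http://www.domainname.com/src/oauth2callback.php',
];
// Assumption: the hostname to fall back to for any unrecognised Host value.
const CANONICAL_HOST = 'domainname.com';

/**
 * Hypothetical helper: map the request's Host header to a registered
 * redirect URI instead of concatenating the header into the URI.
 */
function redirectUriForHost(?string $hostHeader): string
{
    // Normalise: lower-case, strip an optional ":port" and a trailing dot.
    $host = strtolower(trim((string) $hostHeader));
    $host = (string) preg_replace('/:\d+$/', '', $host);
    $host = rtrim($host, '.');

    // A known host keeps its own URI, so the callback lands on the same
    // hostname (and the same host-scoped session cookie) the visitor used.
    // Anything else gets the canonical URI, never an unregistered one.
    return REGISTERED_REDIRECT_URIS[$host]
        ?? REGISTERED_REDIRECT_URIS[CANONICAL_HOST];
}

// Constructed sample Host header values, for a stand-alone run.
$samples = [
    'domainname.com',
    'WWW.DomainName.com',
    'www.domainname.com:80',
    'unexpected.example',
    null,
];
foreach ($samples as $sample) {
    printf("%-26s => %s\n", var_export($sample, true), redirectUriForHost($sample));
}

// In the application, with the $client object from the post:
// $client->setRedirectUri(redirectUriForHost($_SERVER['HTTP_HOST'] ?? null));
```

With this in place the request sent to Google always carries one of the registered URIs, whichever hostname the browser used to reach the site.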