How to use Google OAuth2.0 without out-of-band (OOB)
I have created new OAuth 2.0 Client IDs (application type = Desktop app). Then downloaded the OAuth client JSON file. Put the file into the folder where my code is looking. When I run the code locally on my PC it`s try to open following URL:
https://accounts.google.com/o/oauth2/auth?client_id={my_client_id}&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2F&scope={my_scope}&access_type=offline&response_type=code
and that is what I expect. Since the downloaded OAuth client has the parameter "redirect_uris":["http://localhost"]. So I expected the same thing when I ran this same code on the ubuntu server, but nope. The URL it proposes me visit is
https://accounts.google.com/o/oauth2/auth?client_id={my_client_id}&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&scope={my_scope}&access_type=offline&response_type=code
And here is the problem, I don't understand what I have to do to make my server pass this authorization.
I already tried to manually change this parameter of redirect_uris before visiting the destination to the same one I had on my local computer - to http%3A%2F%2Flocalhost%3A8080%2F, but I got this error in the browser:
Who can help me? What should I do?
Developers using installed applications need to stitch to using IP flow.
Loopback IP address (macOS, Linux, Windows desktop)
A key point on that page is
To receive the authorization code using this URL, your application must be listening on the local web server.
So as directed you would use http://127.0.0.1:port or http://[::1]:port The fact that you are getting a page not found is working as intended as you just have not set up the local web server as directed in the documetnation.
The authorization code needed for authorization can still be found in the URL browser. Currently this is the only information we have from Google and there is no other solution.
- Error 400: invalid_scope with Postman and Google OAuth2
- Issues Adding SMTP.Send Permission to Azure Application for Office 365 SMTP
- PHP - How to get OAuth 2.0 Token
- UPS Outh Rating API return Invalid Authentication Information
- How to store sensitive data in React Native or expo code ? ( with Keychain and Keystore )
- How to get Optum sandbox to authenticate with OAuth 2.0 using Java and okhttp
- Spring Boot redirection back to login page
- New Google place api using google OAuth, ask failed to refresh token
- Getting OAuth code challenge on loopback server
- How do I solve audience (aud) invalid claim error for downstream api service?
- oauth 2 parameters can only have a single value: scope
- #oauth2 security expressions on method level
- Calling spring authorization server OAuth2 REST endpoints
- Google AdWords API authorization raising AdsCommon::Errors::AuthError
- Google OAuth 2 Error 400: redirect_uri_mismatch but redirect uri is compliant and already registered in Google Cloud Console
- Passport - Node.js not returning Refresh Token
- AWS Cognito: Missing Scopes in Access Token with Custom UI and Device Remember Functionality for MFA
- Cross-client Google OAuth: Get auth code on iOS and access token on server
- How to generate GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET without a domain?
- Spring Gateway and OAuth
- OAuth Client Credential Flow - Refresh Tokens
- Django OAuth2 Authentication Failing in Unit Tests - 401 'invalid_client' Error
- Add OAuth authentication for HTTP request triggers
- OAuth2 implementation and user management Django
- How to enable a submit button if form fields are auto-filled by the browser using saved credentials on page load?
- AADSTS70000 Error When Requesting for Access Token
- Is storing an OAuth token in cookies bad practice?
- Spring OAuth2 client performs Back-Channel Logout with an expired ID token
- I/O error on GET request for "https://localhost/application/o/{name}/.well-known/openid-configuration": Connection refused
- Restrict Microsoft Azure App OAuth2.0 to Internal Users