We are using Google as the OAuth2 client in our application, which is using the PHP Yii2 framework. While preparing the authorization request, the redirect_uri gets configured correctly in the buildAuthUrl() method (OAuth2.php) and users get authorized as expected. Now, when we try to exchange the code for an accessToken from Google Server, the redirect_uri somehow gets appended with the scope like this => http://cms.local.com/user/auth/login?authclient=google&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile. When we send this request to Google we get an HTTP 400 error with the message redirect_uri_mismatch. The weird thing is that it had been working just fine until yesterday, and then suddenly we started receiving the above-mentioned error from Google (we have not changed the URIs in our project in the Google Dev Console; we double-checked everything). What could have caused this sudden mismatch? Any help would be highly appreciated. Thanks.
1 Answer
This happened because of the defaultReturnUrl() method of the "yii-authclient" library. The 'scope' was not getting unset from the redirect_uri and hence Google threw an HTTP 400 bad request error. This could be avoided by following the approaches below:
- Setting up the returnUrl explicitly in the component configuration where we specify client_id, client_secret, etc.
- In defaultReturnUrl(), unset['scope'] along with 'code' and 'state'.
redirect_uri in your Google console and your Authorised origins – Muhammad Omer Aslam
fetchAccessToken() method, the uri which the library is configuring is not correct which is leading to the error. – viks1010
local.com is not local, and cms.local.com is not resolving in DNS servers. – Jørgen
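
The mismatch described in the answer can be reproduced outside the framework. The following is an added example, not code from this thread or from yii2-authclient: it rebuilds the return URL from a constructed callback query three ways and compares each result with the redirect_uri used at authorization time, going one step beyond the answer with an allowlist variant that keeps only the application's own parameter. The function names, the code/state placeholders, and the assumption that the authorization-time redirect_uri is the question's URL without scope are all introduced here.

```php
<?php
// Added example: standalone sketch, not yii2-authclient code.
// Function names are hypothetical; code/state values are constructed placeholders.

// Denylist approach from the answer: drop the named keys from the callback query.
function returnUrlDenylist(string $base, array $query, array $drop): string
{
    foreach ($drop as $key) {
        unset($query[$key]);
    }
    return $query ? $base . '?' . http_build_query($query) : $base;
}

// Allowlist variant: keep only parameters the application itself put in the URL,
// so any further parameter the provider adds to the callback cannot leak in.
function returnUrlAllowlist(string $base, array $query, array $keep): string
{
    $kept = array_intersect_key($query, array_flip($keep));
    return $kept ? $base . '?' . http_build_query($kept) : $base;
}

$base = 'http://cms.local.com/user/auth/login';
// Assumption: this is the redirect_uri that was sent in the authorization request.
$registered = $base . '?authclient=google';

// Constructed callback query, with the scope value taken from the question.
$callbackQuery = [
    'authclient' => 'google',
    'state'      => 'STATE_PLACEHOLDER',
    'code'       => 'CODE_PLACEHOLDER',
    'scope'      => 'https://www.googleapis.com/auth/userinfo.email '
                  . 'https://www.googleapis.com/auth/userinfo.profile',
];

$candidates = [
    'unset code, state'        => returnUrlDenylist($base, $callbackQuery, ['code', 'state']),
    'unset code, state, scope' => returnUrlDenylist($base, $callbackQuery, ['code', 'state', 'scope']),
    'keep authclient only'     => returnUrlAllowlist($base, $callbackQuery, ['authclient']),
];

foreach ($candidates as $label => $uri) {
    // The token request must carry exactly the redirect_uri used at authorization time.
    $verdict = ($uri === $registered) ? 'match' : 'redirect_uri_mismatch';
    printf("%-26s %s\n    %s\n", $label, $verdict, $uri);
}
```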