Google OAuth Issue


#1

Hey, all-

I’m trying to use Google OAuth in an app I’m developing, but I’m having a few issues, basically it won’t work on my C9 workspace, but it will work on my local machine. The repo I’m following is here: https://github.com/oampo/google-oauth-example.

I’ve attached a couple of screenshots to help illustrate. One shows the 400 error I’m receiving (first img),


the other shows the urls involved (2nd img).

I’m not sure what I’m doing wrong on C9, but if somebody has any idea at all, I’m all ears. Also, if you need more info, let me know, I’m just not sure what else I need to provide right now.

Thanks!
-Jim


#2

From what I can tell, the problem has to do with HTTPS. In your authorized redirect URIs, you have the correct URL set (the second one), but notice the protocol is HTTPS. In the error you’re getting, the protocol is HTTP. The recommended solution here would be to simply change the callback URL you pass in code to use HTTPS, rather than HTTP. If that doesn’t work, could you post in your code where you pass the callback URL?


#3

Thanks, Danny, but is seems that I’m still having that issue. Here is the code in question:

passport.use(new GoogleStrategy({
    clientID:  '37522725082-eu5qiplghm9ccc3dprug6d04quj2hbu0.apps.googleusercontent.com',
    clientSecret: secret,
    callbackURL: process.env.IP + process.env.PORT + "/auth/google/callback"
  },
  function(accessToken, refreshToken, profile, cb) {
      var user = database[accessToken] = {
        googleId: profile.id,
        accessToken: accessToken
    };
    return cb(null, user);
  }
));

As you can see, I’m passing in process.env.IP as my callback URL. Any thoughts as to why it won’t recognize the correct path?


#4

process.env.IP and process.env.PORT evaluate to 0.0.0.0 and 8080, respectively. This means that the callback URL that you send will be relative to the current page, which appears to have been HTTP, and is why you get the weird https://oauth2-jstrother.c9users.io/0.0.0.08080/auth/google/callback. Can you change the callbackURL to the following:

callbackURL: "https://" + process.env.C9_HOSTNAME + "/auth/google/callback"

That will evaluate to https://oauth2-jstrother.c9users.io/auth/google/callback ($C9_HOSTNAME is the URL of your server). It should match what’s set on Google’s side, and succeed.


#5

Thanks! Works as expected now. :slight_smile: