Hello,
i have issues with redirect URI, when i want to log in google oauth2, it doesnt redirect me and gimme Error 400: redirect_uri_mismatch
access_type=online
approval_prompt=auto
scope=https://www.googleapis.com/auth/calendar
response_type=code
redirect_uri=http://www.meetingroomapp.com/dashboard/oauth2callback.php
state=
client_id=825645938882-ftcv0fuojum9078uht1n8hpgbvp9ej3f.apps.googleusercont
There is code in index.php
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
SOME CODE HERE
} else {
$redirect_uri = 'http://www.meetingroomapp.com/dashboard/oauth2callback.php';
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
There is code in oauth2callback.php
session_start();
$client = new Google_Client();
$client->setAuthConfigFile('client_secret.json');
$client->setRedirectUri('http://www.meetingroomapp.com/dashboard/');
$client->addScope("https://www.googleapis.com/auth/calendar");
if (! isset($_GET['code'])) { //přesměrování na google server
$auth_url = $client->createAuthUrl();
header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
} else {
$client->authenticate($_GET['code']);
$_SESSION['access_token'] = $client->getAccessToken();
$redirect_uri = 'http://www.meetingroomapp.com/dashboard/';
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
There is secret JSON
{"installed":{"client_id":"**ID**","project_id":"meetinroomapp","auth_uri":"https://accounts.google.com/o/oauth2/auth","token_uri":"https://accounts.google.com/o/oauth2/token","auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs","client_secret":"**SECRET**","redirect_uris":["urn:ietf:wg:oauth:2.0:oob","http://www.meetingroomapp.com/dashboard/"]}}
In Google developer console i have set http://www.meetingroomapp.com/dashboard/ as homepage
redirect mismatch happens when the redirect uri you specified in you request doesnt match the one you specified in google developer console.so check if the the redirect uri you specfied in google developer console is http://www.meetingroomapp.com/dashboard/oauth2callback.php
Related
This short snip of code is what I'm working on to manage user logins. All I need is to authenticate a user and get his login email address.
I set the app to only accept internal logins, but (while testing) if by mistake I use a generic #gmail.com login I get an error message from which I can't get out.
I'd like the flow to be
Ask for login -> login entered is from wrong domain -> ask again
<?php
require_once __DIR__.'/vendor/autoload.php';
session_start();
$client = new Google_Client();
$client->setAuthConfig('client_secret.json');
$client->addScope('email');
$client->setApprovalPrompt("select-account");
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
$service=new Google_Service_Oauth2($client);
$user = $service->userinfo->get();
} else {
$redirect_uri = 'http://mysite/book/oauth2callback.php';
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
?>
for sake of completness, this is oauth2callback.php
<?php
require_once __DIR__.'/vendor/autoload.php';
session_start();
$client = new Google_Client();
$client->setAuthConfigFile('client_secret.json');
$client->setRedirectUri('http://mysite/book/oauth2callback.php');
$client->addScope('email');
if (! isset($_GET['code'])) {
$auth_url = $client->createAuthUrl();
header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
} else {
$client->authenticate($_GET['code']);
$_SESSION['access_token'] = $client->getAccessToken();
$redirect_uri = 'http://mysite/book';
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
?>
Thanks
Use the hd param to try to require a particular domain user if that user is present: https://developers.google.com/identity/protocols/oauth2/openid-connect#hd-param
I am stucked 3 days ago with Google Calendar API, I am new in Google API.
First of all I want to get events from users calendar.
I went through on the install process a few times, but my code always stop at fetchAccessTokenWithAuthCode function.
Probably I miss something really obvious, but I can't figure out what is wrong.
In web root I created a new folder for testing with 2 basic file from Google install site.
My php files:
index.php:
<?php
require_once 'path/googleapi/vendor/autoload.php';
session_start();
$client = new Google_Client();
$client->setAuthConfig('path/googleapi/credentials.json');
$client->addScope(Google_Service_Calendar::CALENDAR_READONLY);
$client->setRedirectUri('https://site/google/oauth2callback.php');
$client->setAccessType('offline');
$client->setPrompt("consent");
$client->setIncludeGrantedScopes(true);
$auth_url = $client->createAuthUrl();
var_dump($auth_url);
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
var_dump($_SESSION);
} else {
header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
}
?>
oauth2callback.php:
<?php
require_once 'path/googleapi/vendor/autoload.php';
session_start();
$client = new Google_Client();
$client->setAuthConfig('path/googleapi/credentials.json');
$client->setRedirectUri('https://site/google/oauth2callback.php');
$client->addScope(Google_Service_Calendar::CALENDAR_READONLY);
$client->setAccessType("offline");
if (! isset($_GET['code'])) {
$auth_url = $client->createAuthUrl();
header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
} else {
var_dump($_GET['code']);
$token = $client->fetchAccessTokenWithAuthCode($_GET['code']);
echo "<br>token:<br>";
var_dump($token);
$_SESSION['access_token'] = $client->getAccessToken();
$redirect_uri = 'https://site/google/';
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
?>
I got redirected to Google's site, once I grant permission I am redirected to the oauth2callback.php
In oauth2callback.php I can see the var_dump output for the code, but no further output, which means no response from fetchAccessTokenWithAuthCode function.
Any help is appreciated
I'm checking Google Drive API docs because I want to use it in the browser and not in command line, so, according to examples, my code is like this:
index.php
<?php
require_once __DIR__.'/vendor/autoload.php';
session_start();
$client = new Google_Client();
$client->setAuthConfig('11*****.apps.googleusercontent.com_client_secret.json');
$client->addScope(Google_Service_Drive::DRIVE);
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
$drive = new Google_Service_Drive($client);
$files = $drive->files->listFiles(array())->getFiles();
echo json_encode($files);
} else {
$redirect_uri = 'https://' . $_SERVER['HTTP_HOST'] . '/drive/oauth2callback.php';
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
?>
oauth2callback.php
<?php
require_once __DIR__.'/vendor/autoload.php';
session_start();
$client = new Google_Client();
$client->setAuthConfigFile('11*****.apps.googleusercontent.com_client_secret.json');
$client->setRedirectUri('https://' . $_SERVER['HTTP_HOST'] . '/drive/oauth2callback.php');
$client->addScope(Google_Service_Drive::DRIVE);
if (! isset($_GET['code'])) {
$auth_url = $client->createAuthUrl();
header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
} else {
$client->authenticate($_GET['code']);
$_SESSION['access_token'] = $client->getAccessToken();
$redirect_uri = 'https://' . $_SERVER['HTTP_HOST'] . '/drive/';
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
?>
But when I execute index.php in the browser and after login with my google account I receive this message:
How can I avoid this message?
You need to go through verification before you launch a user-facing app. You can continue to build and test your application while waiting to complete verification. When your app is successfully verified, the unverified app screen will be removed from your client.
You can follow the steps of verification for apps here.
I am using the PHP Google_Client to get the youtube playlist data on my web (a server-side Oauth ,without user check )
but get Error: redirect_uri_mismatch and message
The redirect URI in the request,
http://localhost/youtube/oauth2callback.php,
does not match the ones authorized for the OAuth client.
Visit https://console.developers.google.com/apis/credentialsoauthclient/112609190871896620853?project=756606231401
to update the authorized redirect URIs.
here is the http://localhost/youtube/index.php code
<?php
require_once 'vendor/autoload.php';
session_start();
$client = new Google_Client();
$client->addScope('https://www.googleapis.com/auth/youtube');
$client->setAuthConfigFile('youtube-762b39a4f0b5.json');
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
$youtube = new Google_Service_YouTube($client);
$playlists = $youtube->playlists->listPlaylists("snippet,status", array(
'channelId' => 'UCBbOgoYXQdR-LRqrx7hdd6g'
));
echo json_encode($playlists->toSimpleObject());
} else {
$redirect_uri = 'http://' . $_SERVER['HTTP_HOST'] . '/youtube/oauth2callback.php';
var_dump($redirect_uri);
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
here is the http://localhost/youtube/oauth2callback.php
<?php
require_once __DIR__.'/vendor/autoload.php';
session_start();
$client = new Google_Client();
$client->setAuthConfigFile('client_secret.json');
$client->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] .'/youtube/oauth2callback.php');
$client->addScope('https://www.googleapis.com/auth/youtube');
if (! isset($_GET['code'])) {
$auth_url = $client->createAuthUrl();
header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
} else {
$client->authenticate($_GET['code']);
$_SESSION['access_token'] = $client->getAccessToken();
$redirect_uri = 'http://' . $_SERVER['HTTP_HOST'] . '/youtube/index.php';
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
Any idea?
Looking at the screenshots, you have created a Service Account. Service Accounts use two-legged OAuth, and therefore do not have any user-consent-and-redirect dance.
A Service Account would not have permissions to videos in your personal Gmail account. Maybe that's OK, maybe it isn't. It depends on your use case which you don't describe in your question. If you need your application to act with the same permissions as your Gmail account, you'll need to use a slightly different technique. (described How do I authorise an app (web or installed) without user intervention? (canonical ?) and https://www.youtube.com/watch?v=hfWe1gPCnzc)
I'm building an php application which receives videoID's from youtube.
but if i authenticate the application with the youtube account it displays the upload videos correctly. If i remove the session or try an other browser it is required to authenticate the application again.
here is my source:
http://pastebin.com/7GezyHZs
my client_secrets.son looks like:
{
"web": {
"client_id": "clientID.apps.googleusercontent.com",
"client_secret": "CLientsecret",
"redirect_uris": ["https://localhost/oauth2callback.php"],
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token"
}
}
(credentials removed)
my oauth2callback.php looks like:
<?php
require_once 'google-api-php-client/autoload.php';
session_start();
$client = new Google_Client();
$client->setAuthConfigFile('client_secrets.json');
$client->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] . '/oauth2callback.php');
$client->addScope(Google_Service_Drive::DRIVE_METADATA_READONLY);
if (! isset($_GET['code'])) {
$auth_url = $client->createAuthUrl();
header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
} else {
$client->authenticate($_GET['code']);
$_SESSION['access_token'] = $client->getAccessToken();
$redirect_uri = 'http://' . $_SERVER['HTTP_HOST'] . '/';
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
is it possible to authenticate with google for ever?
Thank you in advance.