Question

I'm trying to set up a sign-in via Google+ within our mobile app.

So we have an Android client that fetches a verification code for the OAuth Google API.

It then sends the verification_code back to Rails, and Rails is responsible for getting the access token / refresh token pair and then talking to the API.

I'm having an issue with validating the verification_code.

At first it would return

{
  "error" : "redirect_uri_mismatch"
}

So after reading a bit, it seems that we should not specify a redirect_uri for Android tokens, but when I try to set redirect_uri to nil it fails with

{
  "error" : "invalid_request",
  "error_description" : "Missing parameter: redirect_uri"
}

I also tried by setting it to an empty string instead of nil and got the uri_mismatch again.

I tried to do a regular auth with a verification code obtained with the oauth playground and it works from there.

A bit of code

@authorization = CLIENT_SECRETS.to_authorization
@authorization.clear_credentials!
@authorization.grant_type = 'authorization_code'
@authorization.code = authorization_code
@authorization.redirect_uri = nil
@authorization.fetch_access_token!

Any help would be appreciated!

Solution 2

OK, so actually it was kind of hidden, but I found it.

So you need to set the redirect uri to the "out of band" uri set up within the credentials.

urn:ietf:wg:oauth:2.0:oob

The client doesn't actually set it to that value, but I guess Google defaults it to it.

The current signet gem does not allow redirect_uri to be set to that value, so I added a PR to the main repo. In the meantime I'm using my fork and it works fine.

https://github.com/google/signet/pull/35
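
The exchange described in this answer, as an added example that is not part of the original post or of the signet gem: it builds the authorization_code token request with redirect_uri always present, and classifies the two error replies quoted in the question. The token endpoint URL, the function names and the credential values are assumptions made for illustration.

```ruby
require 'net/http'
require 'uri'
require 'json'

TOKEN_ENDPOINT   = 'https://oauth2.googleapis.com/token' # assumed endpoint URL
OOB_REDIRECT_URI = 'urn:ietf:wg:oauth:2.0:oob'           # value given in the answer

# Build (but do not send) the POST that trades the Android-obtained code for
# tokens. redirect_uri is mandatory here: leaving it out is what produced
# "Missing parameter: redirect_uri" in the question.
def build_token_request(code:, client_id:, client_secret:, redirect_uri: OOB_REDIRECT_URI)
  raise ArgumentError, 'redirect_uri must not be nil or empty' if redirect_uri.to_s.empty?

  req = Net::HTTP::Post.new(URI(TOKEN_ENDPOINT))
  req.set_form_data({
    'grant_type'    => 'authorization_code',
    'code'          => code,
    'client_id'     => client_id,
    'client_secret' => client_secret, # server-side only; never ship in the app
    'redirect_uri'  => redirect_uri
  })
  req
end

# Map the token endpoint's JSON reply to a diagnosis symbol.
def diagnose_token_response(json_text)
  body = JSON.parse(json_text)
  case body['error']
  when nil
    body.key?('access_token') ? :ok : :unexpected
  when 'redirect_uri_mismatch'
    :redirect_uri_differs_from_code_request
  when 'invalid_request'
    body['error_description'].to_s.include?('redirect_uri') ? :redirect_uri_missing : :invalid_request
  else
    :other_error
  end
end
```

The token endpoint compares redirect_uri with the one in effect when the code was issued (RFC 6749, section 4.1.3), which is why nil and the empty string both fail. Google has since deprecated the out-of-band redirect, so current clients need a different flow.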

OTHER TIPS

The redirect URI you send needs to match the one that you have set up in the Google APIs console.

APIs & auth -> credentials

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow