Google OAuth 2.0 Authorization Error with Google Login Function. Possibly related to redirect URI? #53

Open
RaneyDazed opened this issue Jul 21, 2023 · 2 comments

@RaneyDazed

I am encountering an issue with the Google OAuth 2.0 Authorization process when attempting to sign in using the Google Login function on Pastefy. I am currently running Pastefy via Docker-compose with Traefik as a reverse proxy on a Linux server (Ubuntu 22.04). Although the operating system may not be directly related to the issue, I thought it would be useful to provide this information.

Here's a detailed description of my setup and the issue:

I've created a Google project and set the redirect URI to https://pastefy.domain.tld/login/oauth2/code/google. However, upon clicking the Google Login button, I receive the following error:


Access blocked: Authorization Error

You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy for keeping apps secure.

You can let the app developer know that this app doesn't comply with one or more Google validation rules.
Learn more about this error

If you are a developer of Pastefy, see error details.
Error 400: invalid_request


Upon inspecting the error details, I found that the redirect_uri is set to https://pastefy.domain.tld/api/v2/auth/oauth2/google/callback.

Having reviewed Google's OAuth 2.0 policy, it seems possible that the issue may be related to an incorrect redirect_uri being sent when clicking the Google Login button. According to the policy, the Redirect URI in the request should match the one specified in the setup. Any discrepancy here can lead to authorization errors. Based on this, should the redirect_uri instead be https://pastefy.domain.tld/login/oauth2/code/google as per my initial setup? This is my interpretation of the policy and I understand that I may have misunderstood some aspects. Please correct me if this is the case.

I welcome any advice or clarification on this matter, as I may have misinterpreted the requirements or made a mistake in the setup process.

@JulianFun123
Member

Did you set "/api/v2/auth/oauth2/google/callback" as redirect URL and as trusted callback URLs in Google's developer console? I've never heard anything about policies which force developers to have a specific redirection URL. I may be wrong, but I saw that it worked for me and for many others as well.

@arpanghosh8453

@JulianFun123 @RaneyDazed I used Google and I had to add the callback URL ("/api/v2/auth/oauth2/google/callback") when I registered the web app OAuth in Google. That will fix this issue. You can go ahead and close this. This is not an issue with your application.
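
The comparison this thread turns on, as an added example that is not part of the issue or of Pastefy's code: it pulls the `redirect_uri` out of an authorization request URL and checks it, by exact string match, against the URIs registered for the OAuth client. The client ID, the function names and the sample request are constructed; the two URIs are the ones quoted in the issue.

```python
from urllib.parse import parse_qs, urlencode, urlsplit

# Callback URI the application sends, as quoted in the issue.
CALLBACK = "https://pastefy.domain.tld/api/v2/auth/oauth2/google/callback"
# URI the issue author registered in the Google project.
REGISTERED_IN_ISSUE = ["https://pastefy.domain.tld/login/oauth2/code/google"]

# Constructed authorization request; client_id is a placeholder.
SAMPLE_AUTH_URL = "https://accounts.google.com/o/oauth2/v2/auth?" + urlencode({
    "client_id": "EXAMPLE-CLIENT-ID.apps.googleusercontent.com",
    "response_type": "code",
    "scope": "openid email",
    "redirect_uri": CALLBACK,
})


def requested_redirect_uri(auth_url):
    """Return the redirect_uri parameter of an authorization URL, or None."""
    values = parse_qs(urlsplit(auth_url).query).get("redirect_uri")
    return values[0] if values else None


def diagnose(auth_url, registered_uris):
    """Return (ok, findings) for the request's redirect_uri.

    Assumption: the provider accepts only an exact string match, so a
    different path, scheme, host or trailing slash all count as mismatches.
    """
    requested = requested_redirect_uri(auth_url)
    if requested is None:
        return False, ["request carries no redirect_uri parameter"]
    if requested in registered_uris:
        return True, []
    findings = [f"requested {requested!r} is not registered"]
    req = urlsplit(requested)
    for uri in registered_uris:
        reg = urlsplit(uri)
        parts = ("scheme", "netloc", "path", "query", "fragment")
        diffs = [p for p in parts if getattr(req, p) != getattr(reg, p)]
        findings.append(f"vs {uri!r}: differs in {', '.join(diffs) or 'raw string'}")
    return False, findings


if __name__ == "__main__":
    # First run: only the issue author's URI is registered; second: callback added.
    for uris in (REGISTERED_IN_ISSUE, REGISTERED_IN_ISSUE + [CALLBACK]):
        ok, findings = diagnose(SAMPLE_AUTH_URL, uris)
        print("match" if ok else "MISMATCH", *findings, sep="\n  ")
```

To check a real deployment, pass the URL the browser is sent to when the login button is clicked as `auth_url`, and the list of authorized redirect URIs from the OAuth client's settings as `registered_uris`.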
