
Google OAUTH: The redirect URI in the request did not match a registered redirect URI


I am trying to make an upload to YouTube from my Java-based web app. I spent a few days trying to understand what and where the problem is and I cannot get it; for now I am pulling my hair out of my head.

I registered my web app in Google Console, so I got a pair of Client ID and Secret and a possibility to download JSON type file with my config.

So here is the config:

{
    "web":{
        "auth_uri":"https://accounts.google.com/o/oauth2/auth",
        "client_secret":"***",
        "token_uri":"https://accounts.google.com/o/oauth2/token",
        "client_email":"***",
        "redirect_uris":["http://localhost:8080/WEBAPP/youtube-callback.html","http://www.WEBAPP.md/youtube-callback.html"],
        "client_x509_cert_url":"***",
        "client_id":"***",
        "auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs",
        "javascript_origins":["http://www.WEBAPP.md/"]
    }
}

How is it possible that I am getting the default URL from Google?

The redirect URI in the request: http://localhost:8080/Callback did not match a registered redirect URI

It always gives me the default http://localhost:8080/Callback URL instead of mine.

And the IDE console shows me this:

Please open the following address in your browser: https://accounts.google.com/o/oauth2/auth?client_id=***&redirect_uri=http://localhost:8080/Callback&response_type=code&scope=https://www.googleapis.com/auth/youtube.upload Attempting to open that address in the default browser now...

I am using the latest versions of the dependencies: google-api-services-youtube v3-rev99-1.17.0-rc and google-api-services-youtubeAnalytics v1-rev35-1.17.0-rc


Solution

  • When your browser redirects the user to Google's OAuth page, are you passing as a parameter the redirect URI you want Google's server to return to with the token response? Setting a redirect URI in the console is not a way of telling Google where to go when a login attempt comes in, but rather it's a way of telling Google what the allowed redirect URIs are (so if someone else writes a web app with your client ID but a different redirect URI it will be disallowed); your web app should, when someone clicks the "login" button, send the browser to:

    https://accounts.google.com/o/oauth2/auth?client_id=XXXXX&redirect_uri=http://localhost:8080/WEBAPP/youtube-callback.html&response_type=code&scope=https://www.googleapis.com/auth/youtube.upload
    

    (the callback URI passed as a parameter must be URL-encoded, btw).

    When Google's server gets authorization from the user, then, it'll redirect the browser to whatever you sent in as the redirect_uri. It'll include in that request the token as a parameter, so your callback page can then validate the token, get an access token, and move on to the other parts of your app.

    If you visit:

    http://code.google.com/p/google-api-java-client/wiki/OAuth2#Authorization_Code_Flow

    You can see better samples of the Java client there, demonstrating that you have to override the getRedirectUri method to specify your callback path so the default isn't used.

    The redirect URIs are in the client_secrets.json file for multiple reasons ... one big one is so that the OAuth flow can verify that the redirect your app specifies matches what your app allows.

    If you visit https://developers.google.com/api-client-library/java/apis/youtube/v3, you can generate a sample application for yourself that's based directly off your app in the console, in which (again) the getRedirectUri method is overwritten to use your specific callbacks.
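The point made in the answer above, as an added example that is not part of the original answer and not code from Google's client library: the app itself chooses the redirect_uri it sends, it must be one of the registered values, and it must be URL-encoded. The class name, the helper names and the client ID placeholder are assumptions made for illustration; the URIs and scope are the ones shown in the question, and the local check uses exact string comparison.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.List;

public class AuthUrlExample {
    // Values taken from the "web" block of the config shown in the question.
    static final String AUTH_URI = "https://accounts.google.com/o/oauth2/auth";
    static final List<String> REGISTERED_REDIRECT_URIS = List.of(
            "http://localhost:8080/WEBAPP/youtube-callback.html",
            "http://www.WEBAPP.md/youtube-callback.html");
    static final String SCOPE = "https://www.googleapis.com/auth/youtube.upload";

    // Percent-encodes one query parameter value.
    static String enc(String value) {
        return URLEncoder.encode(value, StandardCharsets.UTF_8);
    }

    // Builds the authorization URL. The redirect URI is compared as an exact
    // string against the registered list, so a value such as the library
    // default http://localhost:8080/Callback is caught before the browser
    // is ever sent to Google.
    static String buildAuthUrl(String clientId, String redirectUri) {
        if (!REGISTERED_REDIRECT_URIS.contains(redirectUri)) {
            throw new IllegalArgumentException(
                    "redirect URI is not registered for this client: " + redirectUri);
        }
        return AUTH_URI
                + "?client_id=" + enc(clientId)
                + "&redirect_uri=" + enc(redirectUri)
                + "&response_type=code"
                + "&scope=" + enc(SCOPE);
    }

    public static void main(String[] args) {
        String clientId = "CLIENT_ID_PLACEHOLDER"; // placeholder, not a real client ID

        // Registered callback: prints a URL with redirect_uri percent-encoded.
        System.out.println(buildAuthUrl(clientId, REGISTERED_REDIRECT_URIS.get(0)));

        // The default from the question's console output is rejected locally.
        try {
            buildAuthUrl(clientId, "http://localhost:8080/Callback");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```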