How to setup OAuth properly
-
According to this article
https://fusionauth.io/docs/lifecycle/authenticate-users/identity-providers/social/google.I create Google credentials as this image
[Please repost image]
the first hidden is my web app url.
and the second section hidden is redirected url to my backend service.then create identity provider as this image
[Please repost Image]
and declare function to login and redirect like this
@Get("oauth/login")
async login(@Req() req: Request, @Res() res: Response) {
const fusionAuthURL =${process.env.FUSIONAUTH_ISSUER}/oauth2/authorize?client_id=${process.env.FUSIONAUTH_CLIENT_ID}&redirect_uri=${process.env.FUSIONAUTH_REDIRECT_URI}&response_type=code&scope=openid email profile;
return res.redirect(fusionAuthURL);
}@Get("oauth/callback")
async callback(@Req() req: Request, @Res() res: Response) {
const user = req.user;
return res.redirect(${process.env.FRONTEND_URL});
}after build and deploy FusionAuth, my web app and backend service I saw login with google button at the Fusionauth admin page.
I try to login with that button, and the error dialog show me that my client id is invalid.
I try to send redirect request from my web app to backend service with the function I mentioned above
it didn't work as well.May you direct me what I was missing or misunderstanding or what I need to clarify.
thank you in advance.
-
@altear147 Would you mind please reposting the images. I removed them as I felt with a little work some of the private information would have been revealed with them. Please completely block the secret information.
-
@altear147 is the error referring to the FusionAuth application client id or the Google Client Id? Is the error coming form FusionAuth or Google?
-
@mark-robustelli
here, the identity provider page and credential page.
the error dialog said the client id is invalid,
I copied the id and secret from the credential page, so I'm pretty sure that there is no error like missing some character or having more character.and here the error dialog that I mentioned
-
@altear147 Can you please give the full text (minus any secrets) of the error?
-
{
"error" : "invalid_client",
"error_description" : "client_id: {secret}.apps.googleusercontent.com is not valid.",
"error_reason" : "invalid_client_id"
} -
@altear147 can you try to use application Id of the application in FusionAuth for the client_id instead of the google client id and see if that works?
