Can't authenticate - invalid redirect_uri

Question

Can't authenticate - invalid redirect_uri

kwilkins-82 opened this issue 2 years ago · comments

I've been through the Client ID and project set up steps, and I'm trying to connect using the following command:

google_nest --project_id="${PROJECT_ID}" --client_id="${CLIENT_ID}" --client_secret="${CLIENT_SECRET}" list_structures

After navigating to the provided URL, I can log in OK but I get an error after selecting devices - complaining the redirect_uri is not valid for a Web Service.

Authorization Error
Error 400: redirect_uri_mismatch
The redirect URI in the request, urn:ietf:wg:oauth:2.0:oob, can only be used by a Client ID for native application. It is not allowed for the WEB client type. You can create a Client ID for native application at https://console.developers.google.com/apis/credentials/oauthclient
[Learn more](https://developers.google.com/identity/protocols/oauth2/openid-connect#setredirecturi)

I tried setting it up as a Desktop Application instead as suggested - but that didn't work either giving the following error:

Authorization Error
Error 400: invalid_request

You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy for keeping apps secure.

You can let the app developer know that this app doesn't comply with one or more Google validation rules.
Request Details
The content in this section has been provided by the app developer. This content has not been reviewed or verified by Google.
If you’re the app developer, make sure that these request details comply with Google policies.
redirect_uri: urn:ietf:wg:oauth:2.0:oob

Allen Porter · Answer 1 · Thu Apr 21 2022 21:47:21 GMT+0800 (China Standard Time)

Hi, Google has deprecated this method of authentication for new signups. I'm in active discussion with their developer relations on a new approach. See home-assistant/core#67662 for more context

kwilkins-82 · Answer 2 · Thu Jun 02 2022 23:47:39 GMT+0800 (China Standard Time)

The issue seems to now be resolved for home-assistant. Will the same fix work for this project?

Allen Porter · Answer 3 · Thu Jun 02 2022 23:54:01 GMT+0800 (China Standard Time)

The reason it works with home assistant is because they have a http server endpoint to get the redirect url.

Basically, you're own your own to get the auth credentials, and we'll likely need to delete the code for this in the command line tool.

newadventure079 · Answer 4 · Mon Jul 18 2022 11:52:26 GMT+0800 (China Standard Time)

I'm a new user to this library and am also seeing this error. Does this mean we can't use this library until this is resolved? Are there any workarounds?

Allen Porter · Answer 5 · Mon Jul 18 2022 11:59:06 GMT+0800 (China Standard Time)

You likely can't use the command line tool anymore with desktop auth. You can use web auth, but you have to write your own oauth integration to get the access token..or maybe you could use a service account.

Allen Porter · Answer 6 · Tue Sep 06 2022 00:32:36 GMT+0800 (China Standard Time)

Probably the best next step for this is make the command line took work with a service account.