I have a Django project in which I’m using django-social-auth to implement Google and Facebook.
From the side it seems to work quite well as I’ve been able to register and log in using it.
However, as soon as I turn the Google API into production, I get an error of mismatch_url.
In the credentials => Authorized redirect URIs I have this URL:
https://www.swimseekr.com/social-auth/complete/google-oauth2/
But when I try to log in, Google gives me this error, which shows an http URL:
You can’t sign in to this app because it doesn’t comply with Google’s OAuth 2.0 policy.
If you’re the app developer, register the redirect URI in the Google
Cloud Console. Request details:
redirect_uri=http://www.swimseekr.com/social-auth/complete/google-oauth2/
So if I go back to testing mode, and remove the ‘s’ from http, and try to log in, it works again.
Can anyone help me with this?
Thank you.
2 Answers
You might consider checking in the Django settings that ‘request.is_secure()’ returns ‘True’ and make sure that your settings allow HTTPS redirects since you mentioned it works with HTTP.
On the Google side of things (OAuth 2.0), ensure that the OAuth Consent Screen is fully set up and correct. The status of your application should be ‘In Production’.
For troubleshooting purposes, I suggest clearing the browser cache or trying Incognito mode to disable all plug-ins. As an additional test, you might wanna try registering both ‘http’ and ‘https’ just to eliminate the possibility. Attached is documentation for supplementary reference that may be helpful for your use case. [1][2]
[1] https://developers.google.com/identity/protocols/oauth2
[2] https://python-social-auth.readthedocs.io/en/latest/configuration/django.html
The issue for me was resolved by changing the value from "flexible" to "full" within the Cloudflare SSL/TLS tab. I hope this solution proves helpful for others who encounter this problem in the future, as it was quite exhausting for me.
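The http/https mismatch that both answers address, as an added example that is not part of the original posts: a simplified Python model of how a Django app behind a TLS-terminating proxy picks the scheme of redirect_uri, and how SECURE_PROXY_SSL_HEADER (Django) or SOCIAL_AUTH_REDIRECT_IS_HTTPS (python-social-auth) changes the result. The function names, the choice of the X-Forwarded-Proto header and the sample WSGI environ are assumptions constructed for illustration.

```python
"""Simplified model (not Django's or python-social-auth's own code) of how the
scheme of the OAuth redirect_uri is derived behind a TLS-terminating proxy."""

# The one URI registered in the Google Cloud Console, as given in the question.
REGISTERED = {"https://www.swimseekr.com/social-auth/complete/google-oauth2/"}
CALLBACK_PATH = "/social-auth/complete/google-oauth2/"


def request_scheme(environ, secure_proxy_ssl_header=None):
    """Trust the proxy's header only when SECURE_PROXY_SSL_HEADER is configured."""
    if secure_proxy_ssl_header:
        header, secure_value = secure_proxy_ssl_header
        value = environ.get(header)
        if value is not None:
            # Chained proxies may append values; only the first one is used.
            first = value.split(",", 1)[0].strip()
            return "https" if first == secure_value else "http"
    # Otherwise the scheme of the proxy-to-origin connection is all the app sees.
    return environ.get("wsgi.url_scheme", "http")


def build_redirect_uri(environ, secure_proxy_ssl_header=None, redirect_is_https=False):
    """Build the callback URL the app would send to Google."""
    scheme = request_scheme(environ, secure_proxy_ssl_header)
    if redirect_is_https:  # effect of SOCIAL_AUTH_REDIRECT_IS_HTTPS = True
        scheme = "https"
    return f"{scheme}://{environ['HTTP_HOST']}{CALLBACK_PATH}"


def check(environ, **settings):
    """Return (redirect_uri, whether Google would accept it as registered)."""
    uri = build_redirect_uri(environ, **settings)
    return uri, uri in REGISTERED


# Constructed WSGI environ: the proxy terminated TLS and forwarded plain HTTP.
BEHIND_PROXY = {
    "wsgi.url_scheme": "http",
    "HTTP_HOST": "www.swimseekr.com",
    "HTTP_X_FORWARDED_PROTO": "https",
}
PROXY_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")

if __name__ == "__main__":
    cases = {"defaults": {},
             "SECURE_PROXY_SSL_HEADER": {"secure_proxy_ssl_header": PROXY_HEADER},
             "SOCIAL_AUTH_REDIRECT_IS_HTTPS": {"redirect_is_https": True}}
    for name, settings in cases.items():
        uri, ok = check(BEHIND_PROXY, **settings)
        print(f"{name:30} {uri} registered={ok}")
```

Set SECURE_PROXY_SSL_HEADER only when the proxy overwrites that header on every request, since Django otherwise trusts a value the client can send. Either setting fixes the URL the app builds but leaves the proxy-to-origin hop on plain HTTP, which is what encrypting that hop (the change described in the last answer) addresses.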