Google "GoogleWebAuthorizationBroker" showing error redirect uri mismatch

Question

I'm doing it in MVC (C#). I want to access users google calendar so i have specified a button with "Access Calendar". When a user clicks on the button below code is called to get tokens (and save) for accessing calendar data.

 UserCredential credential;
                credential = GoogleWebAuthorizationBroker.AuthorizeAsync(
                    new ClientSecrets
                    {
                        ClientId = "xxxxxx.apps.googleusercontent.com",
                        ClientSecret = "FxxxxxxxxxZ"
                    },
                    Scopes,
                    "user",
                    CancellationToken.None,
                    new FileDataStore(credPath)).Result;

When this method is executed we should be redirected to consent screen, instead, I'm getting the error as

but the redirect URI it is showing I have never specified in the console. These are the redirect uri I have specified in google project console. Is anything I'm doing wrong? How to get properly redirected to permissions screen ?

Answer 1

Redirect uri issue

The redirect uri in your request is http://127.0.1:59693/authorize you have not added that under Authorized redirect Uris.

You cant just add any redirect uri. The client library builds this url itself. its always

host:port/authorize

Application type

there are several types of clients that you can create these clients are designed to work with different types of applications. The code used to connect with these clients is also different.

• installed application - application installed on a users machine
• web application - application hosted in a web server connected to a user via a web browser.

Installed Application

You are using GoogleWebAuthorizationBroker.AuthorizeAsync it is designed for use with installed applications. The browser window will open on the machine itself. If you try to host this on a web-server the browser will attempt to open on the server and not be displayed to the user.

Web applications

you should be following Web applications and using GoogleAuthorizationCodeFlow

using System;
using System.Web.Mvc;

using Google.Apis.Auth.OAuth2;
using Google.Apis.Auth.OAuth2.Flows;
using Google.Apis.Auth.OAuth2.Mvc;
using Google.Apis.Drive.v2;
using Google.Apis.Util.Store;

namespace Google.Apis.Sample.MVC4
{
    public class AppFlowMetadata : FlowMetadata
    {
        private static readonly IAuthorizationCodeFlow flow =
            new GoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer
                {
                    ClientSecrets = new ClientSecrets
                    {
                        ClientId = "PUT_CLIENT_ID_HERE",
                        ClientSecret = "PUT_CLIENT_SECRET_HERE"
                    },
                    Scopes = new[] { DriveService.Scope.Drive },
                    DataStore = new FileDataStore("Drive.Api.Auth.Store")
                });

        public override string GetUserId(Controller controller)
        {
            // In this sample we use the session to store the user identifiers.
            // That's not the best practice, because you should have a logic to identify
            // a user. You might want to use "OpenID Connect".
            // You can read more about the protocol in the following link:
            // https://developers.google.com/accounts/docs/OAuth2Login.
            var user = controller.Session["user"];
            if (user == null)
            {
                user = Guid.NewGuid();
                controller.Session["user"] = user;
            }
            return user.ToString();

        }

        public override IAuthorizationCodeFlow Flow
        {
            get { return flow; }
        }
    }
}