Reputation: 69
How to white list firefox extension redirect_uri in google developer console
I am making Firefox extension and implementing google-authentication , problem is that Firefox extension (browser.identity.getRedirectURL()) redirect_uri is not allowed to white list in google developer console, so redirect_uri mismatch error is happening , any guidance in this regard will be appreciate.
First i have implemented google-authentication in chrome extension ,there i have used (chrome.Identity.getAuthToken && chrome.identity.getProfileUserInfo) in chrome but these two function are not avaliable for firefox, for firefox i have created web application project in google developer console , but problem is that redirect_uri mismatching error happening. Google developer project not white listing the url generated by (browser.identity.getRedirectURL())
const redirectURL = browser.identity.getRedirectURL();
const clientID = "clientId";
const scopes = ["openid", "email", "profile"];
let authURL = `https://accounts.google.com/o/oauth2/auth?
client_id=${clientID}&response_type=token&redirect_uri=${encodeURIComponent(r edirectURL)}&scope=${encodeURIComponent(scopes.join(' '))}`; return browser.identity.launchWebAuthFlow({ interactive: true, url: authURL } , function (done , err) { console.log('done' , done); });
How to add the extension url in white list, or any other solution to handle this situation.
Upvotes: 2
Views: 437
Answers (1)
Reputation: 2941
Starting with Firefox 86, you can use a special loopback address as the redirect URI that does not require domain validation with Google. The format of this URI is http://127.0.0.1/mozoauth2/[subdomain of URL returned by identity.getRedirectURL()]. Below is an example of how to generate this URI.
const baseRedirectUrl = browser.identity.getRedirectURL();
const redirectSubdomain = baseRedirectUrl.slice(0, baseRedirectUrl.indexOf('.')).replace('https://', '');
const redirectUri = 'http://127.0.0.1/mozoauth2/' + redirectSubdomain;
Here are some additional details quoted directly from the MDN documentation:
identity.getRedirectURL()returns a URL at a fixed domain name and a subdomain derived from the add-on's ID. Some OAuth servers (such as Google) only accept domains with a verified ownership as the redirect URL. As the dummy domain cannot be controlled by extension developers, the default domain cannot always be used.However, loopback addresses are an accepted alternative that do not require domain validation (based on RFC 8252, section 7.3). Starting from Firefox 86, a loopback address with the format
http://127.0.0.1/mozoauth2/[subdomain of URL returned by identity.getRedirectURL()]is permitted as a value for the redirect URL.Note: Starting with Firefox 75, you must use the redirect URL returned by
identity.getRedirectURL(). Earlier versions allowed you to supply any redirect URL.Starting with Firefox 86, the special loopback address described above can be used too.
Upvotes: 0
Related Questions
- Google Chrome Extension redirect URL
- How to determine path to resources of Firefox WebExtension to get same value in chrome.extension.getUrl() for different users?
- Whitelist a CORS policy for a browser extension?
- OnBeforeRequest URL redirect in Firefox Addon (Conversion from Chrome Extension)
- How to get public redirectURL of chrome extensions for oauth?
- Google Chrome Extension - Redirect
- Firefox addon development - tabs api - blacklist url patterns from inject the exstension code (like in chrome)
- How to convert Chrome extension to firefox - url blocking/redirecting
- Whitelist extensions for Google Chromium
- redirect http request URI in mozilla Addon Builder