sso-google plugin: redirect_uri_mismatch

YES! I got it working The problem was NodeBB 2FA was redirecting the user and that caused the error.

@julian Thank you for your reply. I've made progress but there are still issues with getting it to work.

I get inconsistent errors now:
For the first Google account (all accounts are entered in the test users in Google API) I get this:

And the second account I get this:

The first account uses SMS-based 2FA and the second prompts my phone and I need to press "Yes" as 2FA if that tells anyone anything. I've cleared my cookies also prior to attempts but to no avail.

I created an entirely new Google account without 2FA and added it as a new test user in the Google API but get the same error as the first account. :/'

I'm going to run

./nodebb log

and see if I can get any useful information there.

@PitaJ That makes a lot of sense, thank you for your answer!

I did change the "Authorized redirect URIs" to the one displayed above, now I'm getting a different error

How can I make sure the session has not expired? I tried restarting nodebb but it still gives me this error.

I clicked the "information for the developer" and my website was requesting the following instead:

redirect_uri=http://localhost:4567/auth/google/callback

Should I change the "Authorized redirect URIs" to this instead?

@Alexander7938 I've waited about an hour now and still get the same error. So it does not seem to have solved the problem. What other things could I try? Does anyone know how to configure this plugin locally? Could there be a problem with using HTTP and not HTTPS?

@Alexander7938 I notice the double // in the credentials folder now, gonna see if that changes anything!

Hi,

I'm trying to set up the sso-google plugin on my locally run nodebb website on a ubuntu machine.

I'm using nginx and it works to type in 'nodebbtest.com' in the URL directory of my webbrowser to reach the website (I've followed the ubuntu installation guide from nodebb here ). I've also included another change in the /etc/hosts file:

Here's how my nginx is setup (on /etc/nginx/sites-enabled and /etc/nginx/sites-available):

Both of those files are named "nodebbtest.com"

In the plugins menu of my Nodebb instance logged in as admin I've followed the instructions and set up the OAuth. Here you can see my setup in the Credentials directory:

And in the OAuth consent screen:

But when I try to login with Google on my page I get the " redirect_uri_mismatch" error. What am I doing wrong?

@PitaJ Thank you for the straight answer! Much appreciated!

We're trying to setup a countermeasure to only block user authentication from the IP from which the attempts were made. In auth.js in async function User.auth.logAttempt = async function (uid, ip) we're trying to use the fact that the IP address is also taken into account and as such make it harder for a DOS attack. Only limiting user account access for the provided IP. But when we change the code in the file NodeBB fails to launch and the local website does not appear anymore. We're using Ubuntu with mongodb and start NodeBB with ./nodebb start but when we do ./nodebb stop we get: "NodeBB is already stopped". We've added the following line: const exists = await db.exists(lockout:${ip}); which is very similar to line 20 apart from the fact that we're now using the IP. Are we experiencing problems perhaps because our database does not log the IP?

Furthermore, we're doing this as part of a minor project in university so I understand and don't want a complete solution to our problem. We're quite limited in time however so if you have a good understanding of the source code it would be very helpful to point us in the right direction or tell us that this will be too problematic to do in 20 hours of time. I'm currently trying to get a better understanding of the source code and I notice that it's quite complex!

Are there steps necessary to take before changing the source code? Would it be better to build a plugin instead? What information have we missed?