OAuth2:提供的“ redirect_uri”与代码授权不匹配

时间:2020-09-20 20:13:33

标签: node.js oauth-2.0

我是OAuth2的新手,并希望获得关于为什么在浏览器主窗口和调试器控制台中看到此消息的指导:

TokenError: The `redirect_uri` provided did not match what is authorized by the code.

步骤

  1. 我的前端react.js应用有一个链接到:https://app.asana.com/-/oauth_authorize?response_type=code&client_id=1188550654936298&redirect_uri=https%3A%2F%2Fasanarepeater.ngrok.io%2Foauth%2Fcallback&state=160063113436700

  2. 我在localhost:6500https://asanarepeater.ngrok.io上设置了反向代理

  3. 我通过开发者控制台将上述网址加/oauth链接到oauth服务(Asana),然后接收该网址:

https://app.asana.com/-/oauth_authorize?response_type=code&client_id=1188550654936298&redirect_uri=https%3A%2F%2Fasanarepeater.ngrok.io%2Foauth%2F

我添加了状态查询参数,然后尝试通过单击按钮在前端应用程序中使用它。

  1. OAuth服务要求我登录

  2. 登录后,在浏览器窗口和我的express api的调试控制台中看到以下内容:

TokenError: The `redirect_uri` provided did not match what is authorized by the code.
    at Strategy.OAuth2Strategy.parseErrorResponse (/home/owner/cp/project/node_modules/passport-oauth2/lib/strategy.js:358:12)
    at Strategy.OAuth2Strategy._createOAuthError (/home/owner/cp/project/node_modules/passport-oauth2/lib/strategy.js:405:16)
    at /home/owner/cp/project/node_modules/passport-oauth2/lib/strategy.js:175:45
    at /home/owner/cp/project/node_modules/oauth/lib/oauth2.js:191:18
    at passBackControl (/home/owner/cp/project/node_modules/oauth/lib/oauth2.js:132:9)
    at IncomingMessage.<anonymous> (/home/owner/cp/project/node_modules/oauth/lib/oauth2.js:157:7)
    at IncomingMessage.emit (events.js:327:22)
    at endReadableNT (_stream_readable.js:1220:12)
    at processTicksAndRejections (internal/process/task_queues.js:84:21)

反向HTTPS代理还显示:

GET /oauth/                    500 Internal Server Error

上面犯了什么错误?

我应该注意,我在错误页面的网址中看到了验证码:

https://asanarepeater.ngrok.io/oauth/?code=1%2F11192028978382%3Af818bceafeef50d7fREMOVED

如果Express.js端点是无关的,我将它们包括在下面。两条路由都以/oauth

为前缀 
router.get(
  '/callback',
  passportWithAsanaStrategy.authenticate('Asana'),
  (req: Request, res: Response) => {
    const jwt = jsonwebtoken.sign((req.user as { asana_id: string }).asana_id, JWT_SECRET!);

    res
      .cookie('asanaIdJwt', jwt)
      .status(200)
      .redirect(FRONTEND_URL!);
  },
);

/*
  passport middleware redirects to the scope grant page

  thus no route handler callback
*/
router.get('/', passportWithAsanaStrategy.authenticate('Asana'));

1 个答案:

答案 0 :(得分:0)

通常,对于OAuth2,在设置OAuth2凭据时会选择1个特定的重定向uri。如果设置过程中的网址与您在redirect_uri查询参数中发送的网址不匹配,则出于安全原因,OAuth2服务器应拒绝该请求。

因此,我认为您可能需要进入asana OAuth2设置,并查看为redirect_uri设置的内容。

相关问题
最新问题