Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Google oAuth redirect_uri mismatch #3068

Closed
bencmeyer opened this issue Jun 7, 2024 · 4 comments
Closed

Google oAuth redirect_uri mismatch #3068

bencmeyer opened this issue Jun 7, 2024 · 4 comments

Comments

@bencmeyer
Copy link

Error 400: redirect_uri_mismatch

You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy.

If you're the app developer, register the redirect URI in the Google Cloud Console.
Request details: redirect_uri=http://.net/login/google/authorized flowName=GeneralOAuthFlow

Expected behavior

redirect_uri should be https, not http

Environment (please complete the following information):

  • container: lscr.io/linuxserver/calibre-web
  • container: traefik:2.11.2
  • cloudflare dns and argo tunnel

Additional context

I have tried several workarounds to no avail
I have other services running just fine and work as expected
I believe this has to do with how traefik is forcing security headers as listed in ibracorps setup guide
Below is how they are laid out. I have attempted to change the scheme in the individual 'router' but I am not sure it overrides the defaults.

http:
  redirections:
    entryPoint:
      to: https
      scheme: https

securityHeaders:
      headers:
        customResponseHeaders:
          X-Robots-Tag: "none,noarchive,nosnippet,notranslate,noimageindex"
          server: ""
          X-Forwarded-Proto: "https"
        sslProxyHeaders:
          X-Forwarded-Proto: https
        referrerPolicy: "strict-origin-when-cross-origin"
        hostsProxyHeaders:
          - "X-Forwarded-Host"
        customRequestHeaders:
          X-Forwarded-Proto: "https"
        contentTypeNosniff: true
        browserXssFilter: true
        forceSTSHeader: true
        stsIncludeSubdomains: true
        stsSeconds: 63072000
        stsPreload: true
@tylermiranda
Copy link

I'm having this same issue but the difference in my situation is I'm not using traefik or nginx, I'm using a cloudflare tunnel behind a public CNAME record. My redirect uri is valid.

@bryan065
Copy link

Having the same issue with http vs https for the redirect URL. also behind a cloudflare tunnel.

Maybe having a checkbox in the Calibre Oauth settings for https vs https?

@OzzieIsaacs
Copy link
Collaborator

For me it‘s working (Apache) maybe you are missing the x-scheme header

@bencmeyer
Copy link
Author

My default config sets the forward scheme to https already. I tried with http and it still failed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@tylermiranda @OzzieIsaacs @bencmeyer @bryan065