Sign in with google ends with [GSI_LOGGER]: The gi...

Emiliani · 04-23-2023 12:52 AM

I'm trying to add sign-in with google to my application. I got it working locally based on official documentation, but I'm struggling with enabling it on real host on internet. I put this domain address in API Services -> Credentials -> API Keys -> Authorised JavaScript origins

When popup window appear Javascript generates request: GET

GET
https://accounts.google.com/gsi/select?client_id=1014735478743-it1gbsm9iakjanpoj3p9kvvi8b61875q.apps...

And it ends up with error "[GSI_LOGGER]: The given origin is not allowed for the given client ID."

My configuration looks like this:

I got it working on localhost but what is wrong here?

Emiliani

I will answer myself: It only works for https. So after adding certificate and puting web traffic through it. I change addresses to https and it works. Response message could be more descriptive about that 😕

ReRubis

@Emiliani wrote:
I will answer myself: It only works for https. So after adding certificate and puting web traffic through it. I change addresses to https and it works. Response message could be more descriptive about that 😕

Oh... So I need to just switch to https?

That's sad. I've killed more than a week trying to figure out why it works with localhost, but not the domain.

harshTripathi1

For me its not working on https as well could anyone Know what can be the reason?

Durotemy

I am working on my local but it fails to work here aswell

zakdaff

same issue!

phinor

I've experienced this issue on a web app that has been working flawlessly for a number of years. Since a few days ago, a few users have been unable to access the app with the "Sign in with Google" option, but now the problem seems to be more widespread and is affecting nearly all users. The login URI is all over HTTPS, certificates are all valid and no changes to either the login code or the app have been made in the last month.

speery

I'm experiencing the same issue with multiple web apps that have been working for years.

tdanielcox

I am also seeing this same issue. Apps across all of our environments are now failing Google OAuth login as of the last few days. Nothing in our code has changed and I verified all keys are correct.

EDIT: Interestingly, our local environment using http://localhost:4000 appears to be working, but all dev and production apps have stopped working.

ctipperCMU

Same. Did you get an email about the FedCM migration? We did and it stated that: (1) it would happen in April and (2) no issues were detected for our site/project. Apparently neither is true. I followed the migration steps and still not working.

tdanielcox

I also received that email, and it stated "No issues detected" for our site

ctipperCMU

Ours is working now. The `redirect_uri` had to be updated to include the full path, e.g., `https://myhost.com/login`. Before this, the trailing `/login` wasn't required. Hope this helps.

dtowell

I "fixed" the problem by changing to "popup" rather than "redirect" mode.

carlmeek

Me too - i can't fix this issue right now. App has been working for years and stopped today!

phinor

I fixed my issue.

The response uri did not have the full path to the endpoint that received
the response - it only had the host. On changing it, my issue was resolved
in minutes.

tdanielcox

I was also able to temporarily fix the issue by updating the Authorized redirect URIs on the Google Credentials screen to be the exact path to the redirect URI. In our case this is https://example.com/api/v1/auth/google/{clientId}

While this solution works for 1 client, the URIs do not support wildcards and the redirect URI will have a different path for each client...

Was this an intentional change, or just a bug? Seems weird they would make such a massive change without informing users and breaking a ton of sites.

EDIT: I got it working by passing the client ID on the button's state property instead of the redirect URL, which allowed me to redirect to the correct client domain.

speery

That did it for me too!

mff

thanks, that the solution and thanks for finding it that fast! (the previous setup stopped working for me, as per logs, only 24h ago)

saadashraf123

add both to google authorize URI's js origins https://www.<your_website >.com and https://<your_website>.com for production and for development add http://localhost and http://localhost:<port>

Sign in with google ends with [GSI_LOGGER]: The given origin is not allowed for the given client ID.