Google+ Sign-In for server-side apps auth not working

I trying to add Google+ auth for wordpress site. What I want: after auth in Google+ if user not registered on site - I redirect him to page where he enters his username; if user already registered - it will be logged in. here my js code:

function doGooglePlusLogin(authResult) {
    if (authResult['code']) {
        jQuery('#signinButton').attr('style', 'display: none');
        jQuery.ajax({
            url: '<?php echo site_url(); ?>/wp-admin/admin-ajax.php',
            type: 'get',
            dataType: 'json',
            data: {
                action: 'login_gplus',
                code: authResult['code']
            },
            success: function(result) {
            },
        });
    } else if (authResult['error']) {
    }
}

here my php code:

function login_gplus() {
$response = array();

if (isset($_GET['code']) && !empty($_GET['code'])) {
    @session_start();
    $client = new Google_Client();
    $client->setApplicationName('Test');
    $client->setAccessType('offline');
    $client->setClientId(get_option(SOCIAL_GPLUS_CLIENT_ID));
    $client->setClientSecret(get_option(SOCIAL_GPLUS_CLIENT_SECRET));
    $client->setDeveloperKey(get_option(SOCIAL_GPLUS_API_KEY));
    $client->setRedirectUri(get_option(SOCIAL_GPLUS_REDIRECT_URIS));
    $client->setApprovalPrompt('auto');

    $code = $_GET['code'];
    $client->authenticate($code);

    $token = json_decode($client->getAccessToken());
    $reqUrl = 'https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=' . $token->access_token;
    $req = new Google_HttpRequest($reqUrl);

    $tokenInfo = json_decode(
            $client->getIo()
                    ->authenticatedRequest($req)
                    ->getResponseBody());

    if ($tokenInfo->error) {
        $response['test'] = $tokenInfo->error;
        send_json_response($response);
        die();
    }
    if ($tokenInfo->audience != get_option(SOCIAL_GPLUS_CLIENT_ID)) {
        $response['test'] = "Token's client ID does not match app's.";
        send_json_response($response);
        die();
    }
    $response['test'] = 'Succesfully connected with token: ' . print_r($token, true);
}
send_json_response($response);
die();
}

User successfully authorized in Google+ but in php I got this:

Fatal error: Uncaught exception 'Google_AuthException' with message 'Error fetching OAuth2 access token, message: 'redirect_uri_mismatch'' in /var/www/html/v4/wp-content/plugins/social/google-plus/google-api/auth/Google_OAuth2.php:113Stack trace:#0 /var/www/html/v4/wp-content/plugins/social/google-plus/google-api/Google_Client.php(131): Google_OAuth2->authenticate(Array, '4/ScmpTqEIWt0SJ...')#1 /var/www/html/v4/wp-content/plugins/social/google-plus/functions.php(35): Google_Client->authenticate('4/ScmpTqEIWt0SJ...')#2 [internal function]: login_gplus('')#3 /var/www/html/v4/wp-includes/plugin.php(406): call_user_func_array('login_gplus', Array)#4 /var/www/html/v4/wp-admin/admin-ajax.php(74): do_action('wp_ajax_nopriv_...')#5 {main} thrown in /var/www/html/v4/wp-content/plugins/social/google-plus/google-api/auth/Google_OAuth2.php on line 113

In App Settings Redirect URIs specified as http://example.com/wp-admin/admin-ajax.php. What do I do wrong?

EDIT:

Google+ Sign-In button definition:

<span id="signinButton">
  <span class="g-signin"
   data-callback="doGooglePlusLogin"
   data-clientid="<?php echo $this->gplus_client_id; ?>"
   data-cookiepolicy="single_host_origin" data-accesstype="offline"
   data-requestvisibleactions="http://schemas.google.com/AddActivity"
   data-scope="https://www.googleapis.com/auth/plus.login">
  </span>
</span>

SOCIAL_GPLUS_REDIRECT_URIS is example.com/wp-admin/admin-ajax.php?action=login_gplus

Answers


Your code is basically right, but there's a slight quirk which I can see is not documented very well! You have to set your redirectURI to postmessage rather than the URL you're using.

$client->setRedirectUri('postmessage');

This is so it matches with the URI set for the token during the Javascript exchange from the button. Take a look at the sample code at: https://github.com/googleplus/gplus-quickstart-php/blob/master/signin.php to see it in action. I'll make sure we add a note to the documentation.


Need Your Help

Reverse iteration with an unsigned loop variable

c++ c

I've been discussing the use of size_t with colleagues. One issue that has come up is loops that decrement the loop variable until it reaches zero.