Android Oauth2 redirect_uri_mismatch


I know this is a common problem and I have read many articles about how to resolve it, but I am afraid that I am still stuck.
I would be very grateful for any help on this.
I have spent 10 hours so far trying out various settings.
I am showing unredacted details in my personal Google account - this account will not be used for production - please tell me if this is a personal risk to myself.

I am working in Android Studio Otter 3.

I am using the demo app net.openid.appauthdemo that is provided with the https://github.com/openid/AppAuth-Android library.

I have only changed:

build.gradle(app)

AndroidManifest.xml

auth_config.json

Many of the endpoint settings have been gleaned from a tutorial:

https://aster.cloud/2022/01/22/authenticating-on-android-with-the-appauth-library/

If I clear the data for the app then I am presented with a login screen to Google.

After logging in (Start Authorization button) I receive the mismatch error message.

Here are the settings I have entered for auth_config.json:

    {
      "client_id": "1068905132026-8r52fku688scud8l9i1lgekhc35eenik.apps.googleusercontent.com",
      "redirect_uri": "https://appauth.demo-app.io/oauth2redirect",
      "end_session_redirect_uri": "https://appauth.demo-app.io/oauth2redirectend",
      "authorization_scope": "openid email profile",
      "discovery_uri": "",
      "authorization_endpoint_uri": "https://accounts.google.com/o/oauth2/v2/auth",
      "token_endpoint_uri": "https://www.googleapis.com/oauth2/v4/token",
      "registration_endpoint_uri": "https://oauth-redirect.googleusercontent.com/r/buoyant-arena-485201-p5",
      "user_info_endpoint_uri": "https://www.googleapis.com/auth/userinfo",
      "end_session_endpoint": "https://accounts.google.com/o/oauth2/revoke",
      "https_required": true
    }

Here is the only part of AndroidManifest.xml that I might have changed:

    <activity
        android:name="net.openid.appauth.RedirectUriReceiverActivity"
        android:exported="true">
        <intent-filter>
            <action android:name="android.intent.action.VIEW"/>
            <category android:name="android.intent.category.DEFAULT"/>
            <category android:name="android.intent.category.BROWSABLE"/>
            <data android:scheme="https"
                android:host="appauth.demo-app.io"
                android:path="/oauth2redirect"/>
        </intent-filter>
    </activity>

This is the only part of build.gradle (module app) that I might have changed:

    android {
        namespace 'net.openid.appauthdemo'
        defaultConfig {
            applicationId 'net.openid.appauthdemo'
            project.archivesBaseName = 'appauth-demoapp'
            vectorDrawables.useSupportLibrary = true

            // Make sure this is consistent with the redirect URI used in res/raw/auth_config.json,
            // or specify additional redirect URIs in AndroidManifest.xml
            manifestPlaceholders = [
                'appAuthRedirectScheme': 'https://appauth.demo-app.io/oauth2redirect'
            ]
        }

Here is the debug certificate (I am concerned that the Google ID platform requests the SHA-1 certificate fingerprint but in any examples the reference is to SHA-256):

    PS C:\users\Tony\.android> keytool -keystore debug.keystore -list -v
    Enter keystore password:
    Keystore type: JKS
    Keystore provider: SUN

    Your keystore contains 1 entry

    Alias name: androiddebugkey
    Creation date: 17 Apr 2019
    Entry type: PrivateKeyEntry
    Certificate chain length: 1
    Certificate[1]:
    Owner: CN=Android Debug, O=Android, C=US
    Issuer: CN=Android Debug, O=Android, C=US
    Serial number: 198cc1a2
    Valid from: Wed Apr 17 07:28:17 AWST 2019 until: Fri Apr 09 07:28:17 AWST 2049
    Certificate fingerprints:
             SHA1: 7B:86:D1:7B:EA:41:22:3A:60:D2:F6:72:B0:7A:57:FA:56:1F:8E:8F
             SHA256: 33:06:4F:59:8C:FA:BC:EC:3C:49:41:DC:39:09:EF:25:0C:2D:96:BD:1E:79:F5:CE:76:0F:96:B6:60:83:5F:45
    Signature algorithm name: SHA256withRSA
    Subject Public Key Algorithm: 2048-bit RSA key
    Version: 3

    Extensions:

    #1: ObjectId: 2.5.29.14 Criticality=false
    SubjectKeyIdentifier [
    KeyIdentifier [
    0000: 92 FD 58 F0 2C 26 4B B1   0E CB 41 A7 D2 B7 B1 75  ..X.,&K...A....u
    0010: 3E 30 4A 56                                        >0JV
    ]
    ]

Here is the web client I have set up on the Google Cloud Platform in order to enter the redirect URI:

web client id to hold redirect uri

Here is the Android client ID I have set up in the Google Cloud Platform.
The redirect URI cannot be entered for an Android client ID.
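
As an added example (not part of the original post or of the AppAuth project), a small Python check of the consistency that the build.gradle comment above asks for: the redirect_uri in auth_config.json against the appAuthRedirectScheme placeholder and the RedirectUriReceiverActivity intent filter. It assumes the placeholder is used as an android:scheme value; the function name and the sample strings are hypothetical and built from the values in the question.

```python
import json
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample inputs that reuse the values shown in the question.
AUTH_CONFIG = '{"redirect_uri": "https://appauth.demo-app.io/oauth2redirect"}'
MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <activity android:name="net.openid.appauth.RedirectUriReceiverActivity">
    <intent-filter>
      <data android:scheme="https" android:host="appauth.demo-app.io"
            android:path="/oauth2redirect"/>
    </intent-filter>
  </activity>
</manifest>"""
PLACEHOLDER = "https://appauth.demo-app.io/oauth2redirect"


def check_redirect_consistency(auth_config_json, manifest_xml, redirect_scheme):
    """Return a list of findings; an empty list means all three settings agree."""
    findings = []
    uri = urlsplit(json.loads(auth_config_json)["redirect_uri"])
    # Assumption: the placeholder fills android:scheme, so it must be a bare scheme.
    if redirect_scheme != uri.scheme:
        findings.append(
            f"appAuthRedirectScheme {redirect_scheme!r} is not the "
            f"redirect_uri scheme {uri.scheme!r}")
    matched = False
    for activity in ET.fromstring(manifest_xml).iter("activity"):
        name = activity.get(ANDROID_NS + "name", "")
        if not name.endswith("RedirectUriReceiverActivity"):
            continue
        for data in activity.iter("data"):
            scheme = data.get(ANDROID_NS + "scheme")
            host = data.get(ANDROID_NS + "host")   # optional in a <data> element
            path = data.get(ANDROID_NS + "path")   # optional in a <data> element
            if (scheme == uri.scheme and host in (None, uri.hostname)
                    and path in (None, uri.path)):
                matched = True
    if not matched:
        findings.append("no RedirectUriReceiverActivity <data> matches redirect_uri")
    return findings


if __name__ == "__main__":
    for finding in check_redirect_consistency(AUTH_CONFIG, MANIFEST, PLACEHOLDER):
        print("MISMATCH:", finding)
```

This only compares the three local files with each other; it does not check what is registered for the client ID in the Google Cloud console.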
