问题
Let's say my app's main domain is at https://www.example.com
App is going to have lots of instances, i.e.
https://www.example.com/client1
https://www.example.com/client2
https://www.example.com/client3
<..>
In order to have OAuth2 authentication against my app, I currently have redirect URIs as such:
https://www.example.com/client1/SignInGoogle
https://www.example.com/client2/SignInGoogle
Is there a way to add one Authorized redirect URI for all of these clients? i.e.
https://www.example.com/*
or
https://www.example/com/*/SignInGoogle
Or does this URI has to be the exact match?
回答1:
If you look at the Google Developer console
- Must have a protocol (HTTP / HTTPS)
- Cannot contain a URL Fragment (#)
- Cannot contain a relative path.
- Cannot be a public IP address.
Examples of Relitve vs Absolute URIs
Relative URI Absolute URI
about.html http://WebReference.com/html/about.html
tutorial1/ http://WebReference.com/html/tutorial1/
tutorial1/2.html http://WebReference.com/html/tutorial1/2.html
/ http://WebReference.com/
//www.internet.com/ http://www.internet.com/
/experts/ http://WebReference.com/experts/
../ http://WebReference.com/
../experts/ http://WebReference.com/experts/
./about.html http://WebReference.com/html/about.html
What you want to do is something like a Relative URI. What you need to remember is that an Authentication server is nothing but a web service. If you cant access the redirect URI from a normal web browser the authentication server cant either.
So no you cant do that it has to match exactly.
来源:https://stackoverflow.com/questions/37338643/google-authorized-redirect-uris