'Google OAuth2 throws out "redirect_uri_mismatch" error even for an exact match
My app already work for OAuth2 implicit flow. I am trying to make it work for authorized code flow but I encountered an error of "redirect_uri_mismatch". The part I don't understand is that the "redirect_uri" in fact matches exactly what is specified in the API console. Here is the curl command I ran, where the code is obtained via google.accounts.oauth2.initCodeClient with popup mode.
curl -X POST https://oauth2.googleapis.com/token \
--data-urlencode "code=${code}" \
--data-urlencode "redirect_uri=https://localhost:3000/api/gcode" \
--data-urlencode "client_id=${cid}" \
--data-urlencode "client_secret=${cs}" \
--data-urlencode "grant_type=authorization_code"
which gives me an error:
{
"error": "redirect_uri_mismatch",
"error_description": "Bad Request"
}
The redirect_uri matches exactly one of the specified uri in the API console: 
.
What did I miss? I have already checked some old posts such as this one but none of the solutions works for my case.
Update: The problem seem to be related to that popup ux mode works differently than the redirect ux mode. This SO reports the same problem.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|