vip-coordinator/GOOGLE_OAUTH_DOMAIN_SETUP.md

Google OAuth2 Domain Setup for bsa.madeamess.online

🔧 Current Configuration

Your VIP Coordinator is now configured for your domain:

• Backend URL: https://bsa.madeamess.online:3000
• Frontend URL: https://bsa.madeamess.online:5173
• OAuth Redirect URI: https://bsa.madeamess.online:3000/auth/google/callback

📋 Google Cloud Console Setup

You need to update your Google Cloud Console OAuth2 configuration:

1. Go to Google Cloud Console

• Visit: https://console.cloud.google.com/
• Select your project (or create one)

2. Enable APIs

• Go to "APIs & Services" → "Library"
• Enable "Google+ API" (or "People API")

3. Configure OAuth2 Credentials

• Go to "APIs & Services" → "Credentials"
• Find your OAuth 2.0 Client ID: 308004695553-6k34bbq22frc4e76kejnkgq8mncepbbg.apps.googleusercontent.com
• Click "Edit" (pencil icon)

4. Update Authorized Redirect URIs

Add these exact URIs (case-sensitive):

https://bsa.madeamess.online:3000/auth/google/callback

5. Update Authorized JavaScript Origins (if needed)

Add these origins:

https://bsa.madeamess.online:3000
https://bsa.madeamess.online:5173

🚀 Testing the OAuth Flow

Once you've updated Google Cloud Console:

1. Visit the OAuth endpoint:

   https://bsa.madeamess.online:3000/auth/google
   

2. Expected flow:

   • Redirects to Google login
   • After login, Google redirects to: https://bsa.madeamess.online:3000/auth/google/callback
   • Backend processes the callback and redirects to: https://bsa.madeamess.online:5173/auth/callback?token=JWT_TOKEN

3. Check if backend is running:

   curl https://bsa.madeamess.online:3000/api/health
   

🔍 Troubleshooting

Common Issues:

1. "redirect_uri_mismatch" error:

   • Make sure the redirect URI in Google Console exactly matches: https://bsa.madeamess.online:3000/auth/google/callback
   • No trailing slashes
   • Exact case match
   • Include the port number :3000

2. SSL/HTTPS issues:

   • Make sure your domain has valid SSL certificates
   • Google requires HTTPS for production OAuth

3. Port access:

   • Ensure ports 3000 and 5173 are accessible from the internet
   • Check firewall settings

Debug Commands:

# Check if containers are running
docker-compose -f docker-compose.dev.yml ps

# Check backend logs
docker-compose -f docker-compose.dev.yml logs backend

# Test backend health
curl https://bsa.madeamess.online:3000/api/health

# Test auth status
curl https://bsa.madeamess.online:3000/auth/status

📝 Current Environment Variables

Your .env file is configured with:

GOOGLE_CLIENT_ID=308004695553-6k34bbq22frc4e76kejnkgq8mncepbbg.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=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
GOOGLE_REDIRECT_URI=https://bsa.madeamess.online:3000/auth/google/callback
FRONTEND_URL=https://bsa.madeamess.online:5173

✅ Next Steps

1. Update Google Cloud Console with the redirect URI above
2. Test the OAuth flow by visiting https://bsa.madeamess.online:3000/auth/google
3. Verify the frontend can handle the callback at https://bsa.madeamess.online:5173/auth/callback

The OAuth2 system should now work correctly with your domain! 🎉