<p>The problem may lie in the process_login() function, which is called by the verify_and_process() function in your /callback API.</p>
<p>Let's take a look at the process_login() function (<a href="https://tomasvotava.github.io/fastapi-sso/sso/base.html#fastapi_sso.sso.base.SSOBase.verify_and_process" rel="nofollow noreferrer">https://tomasvotava.github.io/fastapi-sso/sso/base.html#fastapi_sso.sso.base.SSOBase.verify_and_process</a>):</p>
<pre><code>async def process_login(self, code: str, request: Request) -> Optional[OpenID]:
    """This method should be called from callback endpoint to verify the user and request user info endpoint.
    This is low level, you should use {verify_and_process} instead.
    """
    url = request.url
    current_url = str(url).replace("http://", "https://")
    current_path = f"https://{url.netloc}{url.path}"
</code></pre>
<p>I guess the (redirect URI mismatch) error occurs because you are using an HTTP redirect URL in the GoogleSSO() call:</p>
<pre><code>google_sso = GoogleSSO("client-id", "client-secret", "http://127.0.0.1:8000/google/callback/")
</code></pre>
<p>In the process_login() function, the HTTP in the request URL's redirect URL is replaced with HTTPS:</p>
<pre><code>url = request.url
current_url = str(url).replace("http://", "https://")
</code></pre>
<p>After the replacement, your redirect URL no longer matches, because</p>
<pre><code>https://127.0.0.1:8000/google/callback/
is not
http://127.0.0.1:8000/google/callback/
</code></pre>
<p>They are two different URLs.</p>
<p>A solution may be to secure the server with HTTPS using a self-signed certificate.
(This is a simple one: <a href="https://dev.to/rajshirolkar/fastapi-over-https-for-development-on-windows-2p7d" rel="nofollow noreferrer">https://dev.to/rajshirolkar/fastapi-over-https-for-development-on-windows-2p7d</a>)</p>
<p>By the way, did you register your application in Google Cloud (<a href="https://developers.google.com/identity/sign-in/web/sign-in" rel="nofollow noreferrer">https://developers.google.com/identity/sign-in/web/sign-in</a>)? Because you are using "client-id" and "client-secret" as parameters.</p>
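<p>Added example, not part of the original answer or of fastapi-sso: a small diagnostic that rebuilds the callback URL the way the quoted excerpt does and reports which component differs from the registered redirect URI. The helper names and sample URLs are constructed for illustration, and it assumes, following the answer's reasoning, that the rebuilt URL is what gets compared by exact string match.</p>

```python
from urllib.parse import urlsplit


def rewritten_callback(request_url: str) -> str:
    """Mirror the excerpt: force https and keep only netloc + path."""
    parts = urlsplit(request_url)
    return f"https://{parts.netloc}{parts.path}"


def redirect_uri_diff(registered: str, request_url: str) -> dict:
    """Compare the registered redirect URI with the rebuilt callback URL.

    Returns {} on an exact string match, otherwise a dict mapping each
    differing component to (registered_value, rebuilt_value).
    """
    rebuilt = rewritten_callback(request_url)
    if rebuilt == registered:
        return {}
    a, b = urlsplit(registered), urlsplit(rebuilt)
    diff = {}
    for name in ("scheme", "hostname", "port", "path"):
        left, right = getattr(a, name), getattr(b, name)
        if left != right:
            diff[name] = (left, right)
    if not diff:
        # Strings differ in something else (e.g. a query string or letter case).
        diff["raw"] = (registered, rebuilt)
    return diff


if __name__ == "__main__":
    # Constructed callback request, as the browser would hit it after consent.
    incoming = "http://127.0.0.1:8000/google/callback/?code=abc&state=xyz"
    for registered in (
        "http://127.0.0.1:8000/google/callback/",   # the value from the question
        "https://127.0.0.1:8000/google/callback/",  # https variant
        "https://127.0.0.1:8000/google/callback",   # missing trailing slash
        "https://localhost:8000/google/callback/",  # different host name
    ):
        print(registered, "->", redirect_uri_diff(registered, incoming) or "match")
```

<p>The same URI has to be registered in the provider's console and passed to GoogleSSO(); a difference in scheme, host, port or trailing slash makes them two different URLs.</p>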