Google SSO - The given origin is not allowed for the given client ID


I'm trying to implement Sign In with Google for my Ruby / Rails app and I have followed the OAuth configuration setup as per this guide from Google.

I've added the snippet and got the Sign In with Google button displaying fine. The sign-in fields display correctly, but once I input valid credentials, nothing happens and I get the error:

'The given origin is not allowed for the given client ID.'

For testing locally, the guide says that for the Authorized JavaScript Origins you need to use both http://localhost and http://localhost:3000, which I have done. But I assume I'm getting this error because the page which has the snippet on it has a subdomain, and therefore the URL is xxxx.localhost:3000 rather than localhost:3000, and they no longer match. Google's OAuth configuration doesn't seem to support subdomains either - does anyone know how I can get around this?

Code:

<div id="g_id_onload"
     data-client_id="XXXXX"
     data-context="signin"
     data-ux_mode="popup"
     data-login_uri="http://localhost:3000"
     data-auto_prompt="false">
</div>

<div class="g_id_signin"
     data-type="standard"
     data-shape="rectangular"
     data-theme="outline"
     data-text="signin_with"
     data-size="large"
     data-logo_alignment="left">
</div>

<script src="https://accounts.google.com/gsi/client" async defer></script>

I should be getting an HTTP request with some user information to an endpoint of mine upon successful authentication, but instead I'm getting a JavaScript error - 'The given origin is not allowed for the given client ID.'
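
The mismatch described in the question, as an added example that is not part of the original post: it reduces a page URL to its origin and reports which component (scheme, host or port) differs from each authorized entry. It assumes, as the question supposes, that entries are matched exactly with no subdomain matching; `originParts`, `checkOrigin` and the `tenant` subdomain are hypothetical names.

```javascript
// Added example: diagnose why a page origin fails an exact-match origin allow-list.
// Assumption: entries are compared as scheme + host + port, with no wildcard
// or parent-domain matching.

const DEFAULT_PORTS = { 'http:': '80', 'https:': '443' };

// Reduce any URL to its origin components, making the default port explicit.
function originParts(url) {
  const u = new URL(url);
  return {
    origin: u.origin,
    scheme: u.protocol,
    host: u.hostname,
    port: u.port || DEFAULT_PORTS[u.protocol] || '',
  };
}

// Compare the page's origin with each authorized entry and report which
// components differ. An empty `differs` array means an exact match.
function checkOrigin(pageUrl, authorizedOrigins) {
  const page = originParts(pageUrl);
  const results = authorizedOrigins.map((entry) => {
    const allowed = originParts(entry);
    const differs = ['scheme', 'host', 'port'].filter((k) => page[k] !== allowed[k]);
    return { entry, differs };
  });
  return {
    pageOrigin: page.origin,
    allowed: results.some((r) => r.differs.length === 0),
    results,
  };
}

// Constructed sample values mirroring the question ("tenant" is a placeholder subdomain).
const authorized = ['http://localhost', 'http://localhost:3000'];
const report = checkOrigin('http://tenant.localhost:3000/login', authorized);
console.log(report.pageOrigin, '->', report.allowed ? 'allowed' : 'rejected');
for (const r of report.results) {
  console.log(`  ${r.entry}: differs in ${r.differs.join(', ') || 'nothing'}`);
}
```

Running the same check against the value of `window.location.origin` from the page that hosts the button shows the exact string that has to appear in the allow-list.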
