How do I test the Google OAuth 2.0 on my app with localhost, since Google requires a top private domain as the authorized domain?
I tried to look up solutions, but all the solutions given have been a while ago, and I think Google has changed their service since then.
localhost is not a valid top-level domain, and it won't let you generate credentials without setting up a consent screen. You can add more than one authorized domain if you'd like, but you can't leave it empty. But you CAN delete the field if you have no domains / would not like to add domains for now. you just can't LEAVE it empty.
Notice the description -- "When a domain is used". so it's not an obligation to add authorized domain for consent screen. Moreover, the authorized domain here is only related with consent screen. Authorized origins and Authorized redirect URLs needs to be specified in the credentials part, which is all that matters; specifying the origin from which requests will be accepted and where it will be redirected. So just omit the authorized domain in the consent screen.
So how to delete it? Just in case if you haven't noticed, just hover over the field and this little man will pop up. delete it. that's all. Now you should be able to save and continue, where it might ask you to setup scopes.
I know it's really late, hoping it might help others..
The list of authorized domains is required before you submit a request for app verification. If you want to configure a localhost redirect URI, that is configurable in your web OAuth client ID configuration.
After about an hour banging my head against the wall I found this article that has a step by step solution that works (as of July 2020).
Basically you need to create a service account, share the sheet with that account, and then it should work.
All of the other auth methods I tried either raised nonsense errors, or simply silently didn't work.
In case anyone has struck out on the suggestions above, this answer did the trick for me. Set my authorized JavaScript origins URI to http://localhost:8080 in the google API console then emptied my Chrome cache.
You add your final domain for when you are ready to become verified. Until then you will generate an OAuth client ID and enable https://localhost:3000 in "Authorized JavaScript origins"
Just add an OAuth-consent-screen from here without a domain or valid domain that's up to you, after that create Credentials from here, then select OAuth client ID and enter your from here you can add javascript origin url and there you go you've done.
Not beautiful, but works!
I've made local website(domain) on Xampp like test1.com, added that domain in Authorized domains and started Chrome from separate shortcut with parameter --ignore-certificate-errors
Note, that when you start with this flag, Chrome must not be running!
It cause Chrome to open web site in the xampp\htdocs folder and I was forced to go to folder test1.git and then to public folder, where finally site opened and the url was: https://test1.com/test1.git/public
ps. Use port 80 in httpd-vhosts.conf and not 443!
