Important: Please read the Qt Code of Conduct -

QOAuth2AuthorizationCodeFlow and problem with redirect_uri

  • Hello everyone!

    In my application with Qt I'm trying integrate API with OAuth 2 technology. In my situation redirect_uri looks like "urn:ietf:wg:oauth:2.0:oob". The code which I'm using looks like:

            auto replyHandler = new ShikimoriOAuthServerReplyHandler(this);
            connect(replyHandler, &ShikimoriOAuthServerReplyHandler::tokensReceived, [](const QVariantMap &tokens) {
            connect(replyHandler, &ShikimoriOAuthServerReplyHandler::callbackReceived, [](const QVariantMap &values) {
            connect(replyHandler, &ShikimoriOAuthServerReplyHandler::replyDataReceived, [](const QByteArray &data) {
            connect(replyHandler, &ShikimoriOAuthServerReplyHandler::callbackDataReceived, [](const QByteArray &data) {
            m_oauth2 = new QOAuth2AuthorizationCodeFlow(this);
            connect(m_oauth2, &QOAuth2AuthorizationCodeFlow::authorizeWithBrowser, &QDesktopServices::openUrl);
            connect(m_oauth2, &QOAuth2AuthorizationCodeFlow::statusChanged, [](QAbstractOAuth::Status status) {
                switch (status) {
                    case QAbstractOAuth::Status::Granted: {
                        qDebug()<<"status: Granted";
                    case QAbstractOAuth::Status::NotAuthenticated: {
                        qDebug()<<"status: NotAuthenticated";
                    case QAbstractOAuth::Status::TemporaryCredentialsReceived: {
                        qDebug()<<"status: TemporaryCredentialsReceived";
                    case QAbstractOAuth::Status::RefreshingToken: {
                        qDebug()<<"status: RefreshingToken";
            connect(m_oauth2, &QOAuth2AuthorizationCodeFlow::replyDataReceived, [](QByteArray data){

    When I start this code I see the web browser with code but my application doesn't receive any signals and callback from browser and I can't get token for authorize on the backend.
    My question is what I'm doing wrong and where I can find good example which using redirect_uri as urn:ietf:wg:oauth:2.0:oob?

  • Hello Andrew!

    Could you please answer me, have you succeed in solving this task, because I have got the same problem now and can`t find any solution. If an answer is "yes", would you be so kind to share information about the way you have done this?

  • Hello Yuriy_KHA!

    Sorry for the later answer but I didn't find any solutions for this. I using web view with catching redirect of request. Something like this I'm using on iOS when I don't have special SDK and need to use OAuth2 authorization.

  • I'm using oauth2 with Microsoft Graph API and I could perform some basic queries using the web server created by QOAuthHttpServerReplyHandler on http / localhost.

    When I registered my app on I had the option to specify platform: native application (with similar URI as you specified and this URL or web application (where I could specify http://localhost:myport as it is configured in the call of QOAuthHttpServerReplyHandler ).

    I don't see how the ShikimoriOAuthServerReplyHandler defines the redirect url but I guess it is the same as you specified "urn:ietf:wg:oauth:2.0:oob". Maybe I misunderstood something but I think with the nativeclient link the user gets redirected to a page where user should copy some tokens from the page and paste to your app. By using the web application your app can directly communicate with the oauth2 server.

    I followed the steps of the following guide to see the details of the communication with wireshark:

    Have you resolved this meanwhile and what was your solution?

  • Hello @Laszlo-LG,

    The answer to you question about my solutions of this problem will be and YES and NO. I can tell YES because My application is working for now with OAuth2 authorisation. My solution is a using URL scheme for application. This schemes are using when you need to open your application from the other application or from the email. I'm setting as a redirect url my url scheme. When my application received redirect url My application gets correct token. Also I can tell NO because the url scheme is not a best solution. I think can be done more universal solution for this.