Google App Engine application user login causing redirect loop
I was having a lot of problems registering at http://entanglement.gopherwoodstudios.com/ , a web game that uses google accounts to login and apps on the back end.
Many players have reported getting a redirect loop error when trying to login. We have one computer in our office that is experiencing this behavior that we can test with, and here are the results:
- The redirect loop error only happens in Google Chrome and happens for every google account we tried.
- Incognito gives the same result.
- Clearing cookies and restarting the browser also doesn't work.
- Login to "appspot.com" version completed successfully.
- Signing in using a different browser works great, just like signing in to the same account using Chrome on a different computer.
Server side uses Python and self.redirect (users.create_login_url (self.request.uri)). I tried several iterations with python redirects according to other information I found on this site regarding login redirects, but nothing seems to work. (e.g. Application login redirection failed )
Is there something I should be doing server side? My Python code closely follows the user login examples provided by Google. Is this an issue with Chrome not related to User Engine User implementation?
Update - here is an example of a sequence of events as listed below:
ServiceLoginAuth POST 302 Other
CheckCookie GET 302 https://accounts.google.com/ServiceLoginAuth
SetSID accounts.youtube.com/accounts GET 302 https://accounts.google.com/CheckCookie?continue=https%3A%2F%2Fappengine.google.com%2F_ah%2Fconflogin%3Fcontinue%3Dhttp%3A%2F%2Fentanglement.gopherwoodstudios.com%2Fverify&shdf=ChgLEgZhaG5hbWUaDEVudGFuZ2xlbWVudAwSAmFoIhSfkpps7Sou7p0pDcUggvvv-l0GlygBMhT6m5i8V2EjrED8udVQ6r4Zv7VD2A&service=ah<mpl=gm&chtml=LoginDoneHtml&checkedDomains=youtube&checkConnection=youtube%3A199%3A0&pstMsg=1
conflogin appengine.google.com/_ah GET (canceled) https://accounts.youtube.com/accounts/SetSID?ssdc=1&sidt=ALWU2ctPyHwOiQrNHkiA%2F7K8edJ99Cfify%2BvvvmKMq1NJed9MhiJ24KelscxzD6XaYmmzTirp3jlKKPe6xa2XkkHR7fR4Gyk%2FiDd%2BO6dbtIns2qkEpSTvzJaQD66SfDKAfpx846QNbu6MsgIcZuSJ5CAILyruSb2eRUW7njEWxVCHtTAeyNWmsLgtyx9kAFjlhE81wgZ5fyqbInld2XSFYC4WyWWjLQPygBhCVLShNqKJ7RaYCJQhcfbNVJOU9CDgzjiH9dtEJACr2Xu0W5JN%2B8pM4d3hcyUcg%3D%3D&continue=https%3A%2F%2Fappengine.google.com%2F_ah%2Fconflogin%3Fcontinue%3Dhttp%253A%252F%252Fentanglement.gopherwoodstudios.com%252Fverify%26auth%3DDQAAAIQAAAD6sQNlJFsUQIrUZMw29w8RwHmwQGvP2ZqQdPRsVz0XGRSmoUK3HxEWytjGroJPTHFAWJCr5ryr5SyWu7ASaeOCGrRZF7H0-wNyL81eJM98LcshCd9eAUHpuwPPXxtOpL9Eq72Akl-ZL0tm59J5r3xMWLvYmPz9O6kcS1_9RvSyjOOOFwClziEVOMeO5oufmZs
conflogin entanglement.gopherwoodstudios.com/_ah GET 302 Other
verify entanglement.gopherwoodstudios.com GET 302 http://entanglement.gopherwoodstudios.com/_ah/conflogin?state=AJKiYcHh2jBzY-th8sqOLfwzTUHt5baRGtYquOLUPRXHgsg0zgaf052TVjKOpFGqd24XAM3jxKHDtz8-Dhnsmik81XwSAewQ02dBeb3Ey0w7GLSPho6LP-BhjQrKDOEVWnsZNWngekespXIfKj-6y62a9o3ewKzgeRo0mRomykVdlrs6mFsL9LM7Qv3pRS0yaj9aLBScP8gYpzbfWYharYZET3PDqO99pNcxVZrZgbG12UharF-rukhAP4bpCPhBHS3aagvphQhTgHIaSk7maeSwmsKr2-hsbdca5E8F50Gjuorh7oNO12RQU9UAbJdiuZ_P62JfqVlFPB4-BhIowQ0Q2jGrT9Ly8X78xNfKIDigHj8kqamew_9it4sjgkKkwnam10xV8ILBB8S8iptlfQuaXPWkZAi9hMeYYa6-cvvBiHWSVnTsoDQ75AjMwKIepP3zevRpcwmWCA9IF-yB_EViugDhc9u62rZZRwBKch-JtSti-jlnJisdE05EjGCSmdRrYYawoSqZdI_ejQV-o6Ot352O3LypMDDtP3ksc0e8LJt4EkmYznT3FhBCmUymCLB-Sw9xq_rb
ServiceLogin www.google.com/accounts GET 302 http://entanglement.gopherwoodstudios.com/verify
ServiceLogin GET 302 https://www.google.com/accounts/ServiceLogin?service=ah&passive=true&continue=https://appengine.google.com/_ah/conflogin%3Fcontinue%3Dhttp://entanglement.gopherwoodstudios.com/verify<mpl=gm&shdf=ChgLEgZhaG5hbWUaDEVudGFuZ2xlbWVudAwSAmFoIhSfkpps7Sou7p0pDcUggvvv-l0GlygBMhT6m5i8V2EjrED8udVQ6r4Zv7VD2A
conflogin appengine.google.com/_ah GET (canceled) https://accounts.google.com/ServiceLogin?service=ah&passive=true&continue=https://appengine.google.com/_ah/conflogin%3Fcontinue%3Dhttp://entanglement.gopherwoodstudios.com/verify<mpl=gm&shdf=ChgLEgZhaG5hbWUaDEVudGFuZ2xlbWVudAwSAmFoIhSfkpps7Sou7p0pDcUggvvv-l0GlygBMhT6m5i8V2EjrED8udVQ6r4Zv7VD2A
conflogin entanglement.gopherwoodstudios.com/_ah GET 302 Other
verify entanglement.gopherwoodstudios.com GET 302 http://entanglement.gopherwoodstudios.com/_ah/conflogin?state=AJKiYcE0J5fwV9X1rnIOD3aGfKV3EfLCsbXtxgXur-Yqgd7dCnhYNI474er3pCDe63i6L0MKv51cSrtanuQhjzPjGOUZbOdBsATDlAcZDdkyfhqlRE5D7nzs5fDFop23odOD-92CLTAhrdBf9G3Q-HC7ItALo5nej2wxD58zxd0XsLQ0BmezsjWNaI_OrPtjb7z5T7yKnIen-D3NZkxq582CwunrMH_vsD4DM2Oj5TWPVpT3LoFw4-aEQCxztjvvTeUmQd9Tn1CD41BhSEfTVAaQ_68DyCtPSJBs1bKkjavPNIfDo1b0XxlkuukqBumTJlfWiwV0HttGu6hEN7eA91KkInyQ42Avq5VcUo7QobVsCxqhih9nfD3YQb5VaT4gDg0exSfF17Idq_gKjOqmPa-08fKp1wqh1ZzztOiMUXWqVTKmMCg4qdyA5y4bHE40VQ_n9xpV3ZrHQLJRmI2sZ06MSZOg3uUJygwCPy8Jndam1Krasa3ILr0IgymhCjs0VoxarOfdTqfV8zSMLshzNv0TXro_7iplMtdETwFsXdw4YXKaDpizQD18-l_iCP0GQEA6RxiNCxw4
ServiceLogin www.google.com/accounts GET 302 http://entanglement.gopherwoodstudios.com/verify
ServiceLogin GET 302 https://www.google.com/accounts/ServiceLogin?service=ah&passive=true&continue=https://appengine.google.com/_ah/conflogin%3Fcontinue%3Dhttp://entanglement.gopherwoodstudios.com/verify<mpl=gm&shdf=ChgLEgZhaG5hbWUaDEVudGFuZ2xlbWVudAwSAmFoIhSfkpps7Sou7p0pDcUggvvv-l0GlygBMhT6m5i8V2EjrED8udVQ6r4Zv7VD2A
conflogin appengine.google.com/_ah GET (canceled) https://accounts.google.com/ServiceLogin?service=ah&passive=true&continue=https://appengine.google.com/_ah/conflogin%3Fcontinue%3Dhttp://entanglement.gopherwoodstudios.com/verify<mpl=gm&shdf=ChgLEgZhaG5hbWUaDEVudGFuZ2xlbWVudAwSAmFoIhSfkpps7Sou7p0pDcUggvvv-l0GlygBMhT6m5i8V2EjrED8udVQ6r4Zv7VD2A
conflogin entanglement.gopherwoodstudios.com/_ah GET 302 Other
verify entanglement.gopherwoodstudios.com GET 302 http://entanglement.gopherwoodstudios.com/_ah/conflogin?state=AJKiYcHAxNQQfH71c7VECr-HiYMOnk53-vBka6npDKTcKBmI_p9i6y-_I6IpAlhZkbwpH5KUqoxxvEJimdiMzFMwSrmeuJLCSOB6QN_GRYkdFmc5Skggg-4uNQUmhQcduuDSglNV6kKIQAFjLXh6QngRHmeO6mlsDZ0TyV4zFRjU9cdbvgF7RhKQgDSgRK7hw_UyXsDXDCehdA8b0zSFB0kWpLPgIflokGteTiNve65Q1D4MWwvuCjCMiYhk_ZVSEpvc9-VSuxr4rv5tWCgzU0RaSILQpn6Dasvmb2MrttkGKTp5siP5_WXCtY6tt9iLicCIE5Yz0ZpJgp01_2vxE9kVaHalImgx_uZHW736l9-FKM0Y3yAK-7uPOTAV6CL5UHANaiTVLjqoMTVrnXCDfFsq8PRg70z-D-U2aLGYDXgeqlpKn3oszezHwguyY5WM75TPOJAYCQFs2o1w0v-aomoANBaE8WU2zQ1VkoS8ijQ-udOSReEiDR_o7-DFtvLWlczbl3yORH5Ue2P8o18xCYFdvZJCL-_MltpyaxBI9azP6ngJcz8hu8bxO2sEVmIpzd56jjASfwcH
ServiceLogin www.google.com/accounts GET 302 http://entanglement.gopherwoodstudios.com/verify
ServiceLogin accounts.google.com GET 302 https://www.google.com/accounts/ServiceLogin?service=ah&passive=true&continue=https://appengine.google.com/_ah/conflogin%3Fcontinue%3Dhttp://entanglement.gopherwoodstudios.com/verify<mpl=gm&shdf=ChgLEgZhaG5hbWUaDEVudGFuZ2xlbWVudAwSAmFoIhSfkpps7Sou7p0pDcUggvvv-l0GlygBMhT6m5i8V2EjrED8udVQ6r4Zv7VD2A
conflogin appengine.google.com/_ah GET (canceled) https://accounts.google.com/ServiceLogin?service=ah&passive=true&continue=https://appengine.google.com/_ah/conflogin%3Fcontinue%3Dhttp://entanglement.gopherwoodstudios.com/verify<mpl=gm&shdf=ChgLEgZhaG5hbWUaDEVudGFuZ2xlbWVudAwSAmFoIhSfkpps7Sou7p0pDcUggvvv-l0GlygBMhT6m5i8V2EjrED8udVQ6r4Zv7VD2A
conflogin entanglement.gopherwoodstudios.com/_ah GET 302 Other
verify entanglement.gopherwoodstudios.com GET 302 http://entanglement.gopherwoodstudios.com/_ah/conflogin?state=AJKiYcE7y4DwceZDUhnq9VjbvCXMntARCwn2O8zGJa-TqJjH1QeTSFEeTsleP20ImaDTYNGNFbzF5ViRZuwAXhBcmv2U5hEq4RImYhb0_W4_BI_XPAUf0xVzI25N1mx4dS1IqMx8l6chimKLMWf0gyNENCl1NYJEVkUzZFwDTOaUg_XvRuuSWH0ptDu4FxiysEgxbO0-IVi8mClgvaa42WgRoLZbTZ7rynsIuiOYcha3PzcJ5Ec0eODl6PiNAGeywOQfjMMofBWczBkmpJZiZ0RBHT9cUa5yIxsE9Acer7pUGdVK1VViOr_ymQyXp1aD06FEa05A2DgaPS9OYOHIH5NgZ1HWB-2ZofhDM4EjfKaP-ULXBhioNfzvvczROCZsXPE0fy4j3Q5364B10hniJ9TGgYytT1xGXVumREtCpEF-7md6VFtsFdCAFjcJ1lo-FQ7hQazrA3t_t7KmZSb-5gGES90yfaODCUClnBkakX5h1OAMBIStlfJoojIR19_8S0VdMs_JBwaMG991u1PjdQMR9rKbuQSmXr5HG98dqA0LbzQ6tlwT22b7_6noQ25JgnjcfVutbyL7
ServiceLogin www.google.com/accounts GET (failed) http://entanglement.gopherwoodstudios.com/verify
source to share
Coming back to this after a few months, I was able to look beyond our code and find what is causing this behavior. I'm not sure how this won't become a problem on our side, but here's the fix in the browser settings.
In chrome: // chrome / settings / content, if the "Block third party cookies and site data" checkbox is checked, there is an issue with the redirect loop. If it is not set, the login works as expected.
source to share