I was facing the same problem couple of days back. Even googling it didn't solve my problem.
So i decided to go indepth of it and guess what, i found the appropriate reason of this issue.
In my case the reason was the word .profile in google callback URL.
'https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile' (part of my callback url)
I had a conversation with my hosting provider(Hostgator) regarding this and initially they were saying that this issue is in the code not by their side. But i had enough evidence(i did show them by changing .profile to .abc and huaa... issue gone..) to show them that this issue is from server end. Then they were pitching me for VPS hosting(i have shared hosting) but i denied to take it then finally they accepted that they have a mod_security rule that is preventing the word .profile from security reason.
They have a weired mod_security rule of course.
When i got that they are not going to change mod_security rule for me then i altered socialite core package
core/vendor/laravel/socialite/src/Two/GoogleProvider.php
and commented profile here
protected $scopes = [
'openid',
//'profile',
'email',
];
then everything was good except i couldn't get username because of commenting profile but for me it was good to go. So this could be a trick to get rid of bad server rules.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…