I get 'error=invalid_client_id' from Uber when I try to authenticate using the omniauth-uber gem on localhost. I registered my app with Uber and have triple checked my clientID. Is it possible that it is related to me being on localhost and uber not recognizing my app for that?
config/initializer/omniauth.rb file (i've specified my secret key in .env):
Rails.application.config.middleware.use OmniAuth::Builder do
provider :uber, ENV['UBER_CLIENT_ID'], ENV['UBER_CLIENT_SECRET'], :scope => 'profile,history'
end
The snippet from the view that makes the request.
<div id="sign-in">
<%= link_to "Sign in with Uber", "/auth/uber" %>
</div>
The Url that I have specified in the uber app registration under the authentication section:
Redirect URL: https://localhost:3000/auth/uber/callback
Origin URI: https://localhost:3000/
I was able to fix the problem by changing my uber app urls from HTTPS to HTTP. I then also removed the ENV from my omniauth.rb file and put the secret key directly in it:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :uber, 'UBER_CLIENT_ID', 'UBER_CLIENT_SECRET', :scope => 'profile,history'
end
Related
I'm looking for a way to use a URL provided as a parameter in the POST request to create a user as the confirmation URL for confirming my Devise user model. The use case is that I have a rails application acting as an API for a frontend react app (setup using webpack) and I want the URL in the confirmations instructions email sent to the user to link to the frontend app, which would then send an API request to the backend to manually confirm the user, instead of the user visiting my backend API URLs themselves.
I want it so that the backend could potentially be used with other clients in the future, so the URL to be used must be variable. Currently I'm trying to pass it in the API request to create the user, and then somehow I would need a way to get this variable into the Devise mailer.
The end goal looks something like this:
# app/views/devise/mailer/confirmation_instructions.html.erb
<p>Welcome <%= #email %>!</p>
<p>You can confirm your account email through the link below:</p>
<p><%= link_to 'Confirm my account', #custom_confirmation_url ? "#{#custom_confirmation_url}#{#token}" : confirmation_url(#resource, confirmation_token: #token) %></p>
where #custom_confirmation_url is the variable holding the value of the URL passed into the POST request to register a new user.
I was potentially thinking of simply redirecting the user to my frontend after the confirmation, with something like this but I don't see how I'd make it work with multiple frontend clients, if I went that route.
I'm open to thoughts on whether or not this approach is even worth considering, or if there's a more stylistically correct way of accomplishing this.
I'm using the 'Authenticating without the SoundCloud Connect Screen' method of authentication (see http://developers.soundcloud.com/docs#authentication). That's the method where you provide the whole shebang of credentials -- client_id, client_secret, username, and password. I'm also using the Ruby SDK.
# create client object with app and user credentials
client = Soundcloud.new(:client_id => 'YOUR_CLIENT_ID',
:client_secret => 'YOUR_CLIENT_SECRET',
:username => 'YOUR_USERNAME',
:password => 'YOUR_PASSWORD')
I am trying to use the client to resolve a user.
puts client.get('/resolve', :url => 'https://soundcloud.com/random-username').inspect
However, I keep getting a 401 Unauthorized returned by the client.
I can confirm that I am authenticating, because the following executes fine.
puts client.get('/me').username
Does anyone have any clues what I'm doing wrong?
I figured out that you need to include your client_id in every request.
puts client.get('/resolve', :url => 'https://soundcloud.com/random-username', client_id: 'YOUR_CLIENT_ID')
I have a Rails 3.2 app with Devise for authenticating users.
On local development mode, the Sign-out link is not working. It redirects me to home page instead of showing Sign-in page and the session is not destroyed. But on Heroku, clicking on Sign-out link properly logs me out and shows me the Sign-in page destroying the user session.
In application .haml layout page, the link to Sign-out page is:
= link_to "Sign Out", destroy_user_session_path, :method => :delete
Related routes:
devise_for :users, :controllers => { :sessions => 'sessions' }
new_user_session GET /users/sign_in(.:format) sessions#new
user_session POST /users/sign_in(.:format) sessions#create
destroy_user_session DELETE /users/sign_out(.:format) sessions#destroy
I have inherited the Devise::SessionsController to SessionsController in my app as below:
class SessionsController < Devise::SessionsController
layout 'devise_layout'
end
Now the weird case is that, after the session is expired which is default 30 minutes, I log in again and click on Sign-out link, it redirects me back to Sign-in page.
All works fine on Heroku, it fails on local. I am unable to figure it out what is happening on local.
I don't think I am doing anything wrong here because same is deployed to Heroku and is working fine there. What's wrong with development mode on local?
Oops...answering late.
Anyway, I was able to figure out the issue. Actually the app is subdomain based. So I used lvh.me:3000 for testing on local as localhost:3000 doesnt support subdomain.
The workaround is to set subdomain as "lvh.me" in session_store.rb.
domain: 'lvh.me'
I'm having a problem using a sub url, when I try to access through authentication page, it generates an authentication cookie, but i keep on login screen and if i try access some page it says that i must got logged.
If you mean sub-domain, you have to change, your config/initializer/session_store.rb
And add your subdomain, with a dot before like that :
Rails.application.config.session_store :cookie_store, :key => '_key', :domain => ".yourdomain.com"
This is the tutorial I followed. Scroll down to the Google open-id integration:
https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview
On the server I get the following rejection message after clicking the login with google link:
WARNING: making https request to https://www.google.com/accounts/o8/id without verifying server certificate; no CA path was specified.
processing by users omniauthcallbackscontroller failure as html
EDIT the following two lines fixed the CA path Warning but did nothing to fix the failure as html problem or move me forward
require "openid/fetchers"
OpenID.fetcher.ca_file = "/etc/ssl/certs/ca-certificates.crt"
It then re-routes me to users/sign_in.
My devise config line looks like this:
config.omniauth :open_id, :store => OpenID::Store::Filesystem.new('/tmp'), :name => 'google', :identifier => 'https://www.google.com/acounts/o8/id', :require => 'omniauth-openid'
My research tells me that I'm probably hitting the openID servers but that I'm getting rejected. Is there anyway to get more info from some sort of rejection notice? What could be wrong with my request?
One thing I thought of was credentials for open ID but I didn't see anywhere in the tutorial where I was supposed to get or enter any credentials.
Try to specify the ca_path:
config.omniauth :open_id, :store => OpenID::Store::Filesystem.new('/tmp'),
:name => 'google',
:identifier => 'https://www.google.com/acounts/o8/id',
:require => 'omniauth-openid',
:client_options => {:ssl => {:ca_path => '/etc/ssl/certs'}}
And see if it works.