How to identify authetication failure reason using omniauth-twitter gem - ruby-on-rails-3

I'm using twitter + devise + omniauth + omniauth-twitter to autheticate users via twitter api. From my site I reach, twitter login. I give my twitter credentials. After that I'm redirected to callback url. But the response says the authetication failed. Is there a way I can identify the reason for authetication failure.
If the authetication is successful, I'll have the information in request.env['omniauth.auth'] . What about when the authetication fails? Is there any similar variable available?

Yes, you can use request.env['omniauth.error'].

Omniauth redirects to "/auth/failure" when the authentication fails and it passes a message parameter with the error. So if you catch that in your routes.rb, then you can log params[:message] in the corresponding controller action to figure out what happened.

Related

Not able to Authenticate using OAuth2 for Twitter from Postman

I am trying to send the Single Tweet GET request from Twitter API v2 collection. I used the OAuth2 Authorization Type.
When I click on Get New Access Token, after providing the Configuration Options I get the following window
But when I click on Back, I am logged in to my Twitter account.
Meanwhile, my Get New Access Token window is still waiting to receive a response.
Has anybody encountered this before?
I've tried using Bearer Token instead and it works without a problem.
I also tried logging out and logging back in from the Twitter login but still did not authenticate successfully.
For me, it's because I used localhost in my callback URL.
Don’t use localhost as a callback URL
Instead of using localhost, please use a custom host locally or http(s)://127.0.0.1
ref: https://developer.twitter.com/en/docs/apps/callback-urls
My Problem is solved Now, This issue was caused Because I have not added the Callback URL in the postman that I have added in the Twitter developer account project.
And Second main reason for that because I did not add the accurate scopes tweet.

Ember-Simple-Auth customised Devise Authenticator serverTokenEndpoint defaulting to users/sign_in

Pretty much as described in the title. I have a basic Ember Simple Auth setup. With a Devise Authenticator I've setup a custom URL for the serverTokenEndpoint.
(Coffeescript)
devise = DeviseAuthenticator.extend
serverTokenEndpoint: ENV.apiBaseURL + 'session'
tokenAttributeName: 'authentication_token'
resourceName: 'session'
export default devise
Authenticating and Invalidating are ok. But trying to navigate to certain pages I get requests for - https://apiBaseURL/users/sign_in. Which the endpoint doesn't exist.
Why is the configured URL not being used?
Or are there any other places this URL is set? Or used? It's currently causing the page to break and the user cannot continue.
Leaving this question here incase others stumble upon this issue as well. It was actually an issue with the back-end Devise setup.
Any endpoint which required Authentication token was sending this redirect if no token found/ was invalid. URL was take from the devise configuration of the back-end.

How to authentificate on SoundClound using OAuth 2.0 without using redirect uri on a desktop application?

I would like to develop a desktop application.
Sadly I got stuck at login. I want to use a web view which be SoundClound login end point.
https://soundcloud.com/connect?client_id=my_client_id&response_type=token_and_code&scope=non-expiring
Using the above I received error : "invalid_client: The configured redirect_uri of the client application is invalid."
Would be nice if API would tell you which parameters are required and which are optional. As I read about OAuth 2.0, redirect uri is optional. This caused me confusion when received this error. I also tried curl version, same kind of error.
If I tried to add a random redirect_uri won't pass either. (I'm aware this is about security.)
I found this answer, but I doesn't work and I think is error-prone: it requires 2 text fields and you're asking the user to provide their credentials (then you're able to do what you want with them...)
Soundcloud API authentication without a web browser
I would like to do the flow this way:
Open a web view with SoundCloud login end point.
User is providing his credentials to SoundCloud Server.
SoundCloud Server is sending me a token.
Something similar to OAuth 1.0.
Is possible or is there something similar to achieve my goal?
After another few hours of research and keep trying to login I figured it out.
It works with redirect_uri after I did the setup for it on page "Your apps" on SoundCloud.

refresh token using omniauth salesforce

This is a ruby question using omniauth-salesforce. I have omniauth 1.1.1 and omniauth-salesforce 1.0.3, and I can get user authenticated. However no refresh_token is returned by default. I only get access_token. My callback URL is http:// localhost:3000/auth/salesforce/callback
Based on the description of "Digging Deeper into OAuth2.0 on Force.com", the default scope of https://login.salesforce.com/services/oauth2/authorize is id api refresh_token. But this is not the case.
Then I I tried to specify scope parameter in the omniauth.rb
provider :salesforce, salesforce_client_id, client_secret, {:scope => "id api refresh_token"}
Then I got an error saying:
the requested scope is not allowed
In addition, if I try to put the following on a browser and I got the same error message
https://login.salesforce.com/services/oauth2/authorize?response_type=code&client_id=3MVG9rFJvQRVOvk4RuIKaSYwf07LcsMtIAUK7h3Q6n5OHfD.IbFpEsROli3SqxWo67RklJ5FBdnYf4ejHNFrq&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fauth%2Fsalesforce%2Fcallback&display=page&scope=api
Any help will be greatly appreciated.
Thanks,
You are correct to set the scope in your omniauth.rb's provider statement. However, before salesforce.com will issue a refresh_token the application must be configured to support this OAuth scope.
On salesforce.com, navigate to where you app is configured. (Setup > Create > Apps)
Under Connected Apps, click on your application's name to view its settings, then click Edit.
Under Selected OAuth Scopes, ensure that "Perform requests on your behalf at any time" is selected. You must include this even if you already chose "Full access".
Save, then try your OAuth flow again. It make take a short while for the update to propagate.
In your callback controller action, the refresh_token will now be available in request.env["omniauth.auth"].credentials.refresh_token.

Devise with omniauth-facebook "Invalid Credentials"

I'm trying to get Facebook authentication working with Devise through omniauth-facebook, I've followed the instructions here: https://github.com/plataformatec/devise/wiki/OmniAuth%3a-Overview
When I follow the login with Facebook link I am redirected to Facebook to login and accept the requested permissions.
I am then taken back to /users/sign_in with the error message "Could not authorize you from Facebook because "Invalid credentials""
Looking at the server logs the redirect comes from "/users/auth/facebook/callback?code=[long text string]" which is being processed with Users::OmniauthCallbacksController#failure rather than Users::OmniauthCallbacksController#facebook as I would have expected if it had worked.
Any suggestions as to why this is happening and how to resolve it much appreciated.
Ok, I had the very same issue. The reason for me turned out that I had defined this line in config/initializers/devise.rb:
config.omniauth :facebook ...
The app id and app secret were defined for my test Facebook app, and for production one. Fixing those id:s now fixed the problem.
facebook changes protocol from oauth to oauth2
the main difference that credentials (id, token, name..) now packaged into one hash. You should parse.