Comments (5)
@msuliq thanks for the update.
The code from this issue was a proof of concept I was doing and I eventually fixed the issue (although I'm not sure what I've changed 😆)
I also updated the code to use OIDC (https://github.com/doorkeeper-gem/doorkeeper-openid_connect) instead of using a custom strategy (I'm building both RP and IdP). It makes much more sense for my use cases than relying just on oauth and implementing custom identity endpoints like "/api/v1/me.json"
For those who read this, avoid that link in the first post and follow the official documentation. :)
from omniauth.
Try and see if this works w/o the monkey patch, as monkey patching it could break other strategies if you use them.
```ruby
Devise.setup do |config|
  config.omniauth :doorkeeper, "fake_client_id", "fake_client_secret", scope: 'read', auth_scheme: :request_body
end
```
from omniauth.
@raivil I am having a similar issue when trying to connect Instagram Basic to my app: users cannot authenticate thru it but can connect their Instagram links to their profiles on my app.
Have you tried using curl to pass the requests and see if it works or not? In my case curl was working perfectly, but the app did not and the difficult part was that the issue was somewhere within the gems' source code.
My issue was that the authorization code incoming from the IG server was being processed within oauth2 as an authentication method. Apparently `OAuth2::Client` has an `auth_scheme` variable, which is set to `basic_auth` by default and should have been `request_body` in my case.
I ended up monkey patching the `OAuth2::Client` as follows:
```ruby
module OAuth2
  class Client
    def initialize(client_id, client_secret, options = {}, &block)
      opts = options.dup
      @id = client_id
      @secret = client_secret
      @site = opts.delete(:site)
      ssl = opts.delete(:ssl)
      @options = {
        authorize_url: 'oauth/authorize',
        token_url: 'oauth/token',
        token_method: :post,
        auth_scheme: :request_body,
        connection_opts: {},
        connection_build: block,
        max_redirects: 5,
        raise_errors: true,
        logger: ::Logger.new($stdout),
        access_token_class: AccessToken,
      }.merge(opts)
      @options[:connection_opts][:ssl] = ssl if ssl
    end
  end
end
```
And for now it seems to work fine. I hope it will help you and others to save time trying to pinpoint the source of this bug. Cheers!
from omniauth.
@msuliq you shouldn't need to monkey patch that, you should be able to pass that key/value into the options hash
from omniauth.
Thank you @BobbyMcWho for the suggestion, but the config does not help, since the options are being set in the OAuth2. I figured that I can pass the `auth_scheme` inside the `options` hash (`opts` in the `OAuth2::Client`), which will then be merged with the pre-set `@options`, so my value in `opts` should overwrite the default `auth_scheme`. I have updated my strategy to look like the following:
```ruby
require 'omniauth-oauth2'

module OmniAuth
  module Strategies
    class Instagram < OmniAuth::Strategies::OAuth2
      option :client_options, site: 'https://api.instagram.com',
                              authorize_url: 'https://api.instagram.com/oauth/authorize',
                              token_url: 'https://api.instagram.com/oauth/access_token',
                              auth_scheme: :request_body
      # ...
    end
  end
end
```
And this should be a better solution than the monkey patch. Thanks for the help and time!
from omniauth.
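What the `auth_scheme` setting discussed in this thread changes on the wire, as an added example that is not from the thread or from the oauth2 gem: it uses only the Ruby standard library to build (not send) the authorization-code token request under each scheme, with caller options merged over defaults as the last comment describes. The names `DEFAULT_OPTIONS`, `build_token_request` and `sample_request`, the token path and all sample values are hypothetical.

```ruby
require 'net/http'
require 'uri'
require 'base64'

# Assumed defaults for this example: credentials go in an HTTP Basic header
# unless the caller overrides :auth_scheme (the default described in the thread).
DEFAULT_OPTIONS = { token_url: '/oauth/token', auth_scheme: :basic_auth }.freeze

# Hypothetical helper: builds, but does not send, the token request.
def build_token_request(client_id, client_secret, code, redirect_uri, opts = {})
  options = DEFAULT_OPTIONS.merge(opts) # caller-supplied keys win over defaults
  params = {
    'grant_type' => 'authorization_code',
    'code' => code,
    'redirect_uri' => redirect_uri
  }
  request = Net::HTTP::Post.new(options[:token_url])

  case options[:auth_scheme]
  when :basic_auth
    # RFC 6749 section 2.3.1: form-encode id and secret, then Basic-encode them.
    user = URI.encode_www_form_component(client_id)
    pass = URI.encode_www_form_component(client_secret)
    request['Authorization'] = "Basic #{Base64.strict_encode64("#{user}:#{pass}")}"
  when :request_body
    # Credentials travel as ordinary form fields next to the code.
    params['client_id'] = client_id
    params['client_secret'] = client_secret
  else
    raise ArgumentError, "unknown auth_scheme: #{options[:auth_scheme].inspect}"
  end

  request.set_form_data(params) # application/x-www-form-urlencoded body
  request
end

# Constructed sample values, not real credentials or endpoints.
def sample_request(opts = {})
  build_token_request('fake_client_id', 'fake_client_secret', 'sample_code',
                      'https://app.example/auth/callback', opts)
end

if __FILE__ == $PROGRAM_NAME
  [{}, { auth_scheme: :request_body }].each do |opts|
    req = sample_request(opts)
    puts "#{opts.inspect}: Authorization=#{req['Authorization'].inspect} body=#{req.body}"
  end
end
```

With `:request_body` the client secret is part of the form body, so any request-body logging on the client or the token endpoint will capture it.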