Ruby,Sinatra,omniauth-github身份验证失败回调错误

时间:2012-07-26 01:44:01

标签: ruby authentication github sinatra omniauth

好吧,它已经超过5个小时,我仍然没有在哪里。我想要做的是在我的一个基于Ruby-Sinatra的应用程序中设置omniauth-gihub gem。以下是我的所作所为。

将Gems添加到Gemfile(& Ran bundler update命令):

source 'https://rubygems.org'

gem 'sinatra'
gem 'haml'
gem 'shotgun'
gem 'omniauth', :git => 'git://github.com/intridea/omniauth.git'
gem 'omniauth-github', :git => 'git://github.com/intridea/omniauth-github.git'

在我的app.rb文件中,我有以下代码:

#imports
require 'rubygems'
require 'bundler'
require 'sinatra'
require 'omniauth'
require 'omniauth-github'
require 'haml'
require './helpers.rb'

#Configure OmniAuth
use OmniAuth::Builder do
  provider :github, ENV['api_key'], ENV['secret'], # Removing the key and secret for security reasons
  scope: "user,repo,gist"
end

#Application Settings
set :sessions, true
set :views, 'templates'


#Get Method for Application Root
get '/' do
  haml :index
end

#Get/Post Methods For Authentication
%w(get post).each do |method|
  send(method, "/auth/:provider/callback") do
    env['omniauth.auth']
  end 
end

Github应用程序的设置如下:

URL = http://127.0.0.1:4567
Callback URL = http://127.0.0.1:4567/auth/github/callback

现在每当我访问127.0.0.1:4567/auth/github/callback时,我都会收到以下错误:

I, [2012-07-26T07:05:23.540462 #30458]  INFO -- omniauth: (github) Callback phase initiated.
E, [2012-07-26T07:05:23.540700 #30458] ERROR -- omniauth: (github) Authentication failure! invalid_credentials: OmniAuth::Strategies::OAuth2::CallbackError, OmniAuth::Strategies::OAuth2::CallbackError
localhost - - [26/Jul/2012:07:05:23 IST] "GET /auth/github/callback HTTP/1.1" 302 9
- -> /auth/github/callback
localhost - - [26/Jul/2012:07:05:23 IST] "GET /auth/failure?message=invalid_credentials&strategy=github HTTP/1.1" 404 448
- -> /auth/failure?message=invalid_credentials&strategy=github
localhost - - [26/Jul/2012:07:05:23 IST] "GET /favicon.ico HTTP/1.1" 404 447
- -> /favicon.ico

似乎它甚至没有尝试连接到github,我以为我已经登录了所以我退出了github并尝试再次访问127.0.0.4567/auth/github/callback,是的,它甚至没有连接或发送任何信息给github。

我检查了我的api密钥和秘密,他们是正确的。我无法弄清楚我错过了什么,我真的很累。任何帮助或建议将不胜感激。

EDIT ::

好的,我发现提出错误的代码如下oauth2.rb

def callback_phase
    if request.params['error'] || request.params['error_reason']
      raise CallbackError.new(request.params['error'], request.params['error_description'] || request.params['error_reason'], request.params['error_uri'])
    end 
    if request.params['state'].to_s.empty? || request.params['state'] != session.delete('omniauth.state')
      raise CallbackError.new(nil, :csrf_detected)
    end

我觉得这与CSRF有关。

2 个答案:

答案 0 :(得分:2)

这可能是有趣的: https://github.com/intridea/omniauth-github/issues/12

我收到了与你相同的错误,并添加了范围:'user'为我修复了它。

我发现你已经在使用示波器,但链接可能会让你走上正轨。

答案 1 :(得分:2)

有同样的问题 - 将omniauth-facebook降级到1.4.0为我修复了它。 https://github.com/mkdynamic/omniauth-facebook/issues/73