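I am trying to authenticate against an OAuth2 provider using Rails 4.1. After being redirected to the authorize/deny prompt and clicking authorize, I am redirected to my callback URL and get the following error: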
Started GET "/auth/</callback?code=<code>&state=<state>" for 127.0.0.1 at 2014-08-25 12:47:57 +0200
I, [2014-08-25T12:47:57.981471 #12769] INFO -- omniauth: (<provider>) Callback phase initiated.
E, [2014-08-25T12:47:58.697527 #12769] ERROR -- omniauth: (<provider>) Authentication failure! invalid_credentials: OAuth2::Error, invalid_client: Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.
{"error":"invalid_client","error_description":"Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method."}
OAuth2::Error (invalid_client: Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.
{"error":"invalid_client","error_description":"Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method."}):
oauth2 (0.9.4) lib/oauth2/client.rb:113:in `request'
oauth2 (0.9.4) lib/oauth2/client.rb:138:in `get_token'
oauth2 (0.9.4) lib/oauth2/strategy/auth_code.rb:29:in `get_token'
omniauth-oauth2 (1.1.2) lib/omniauth/strategies/oauth2.rb:93:in `build_access_token'
omniauth-oauth2 (1.1.2) lib/omniauth/strategies/oauth2.rb:75:in `callback_phase'
omniauth (1.2.2) lib/omniauth/strategy.rb:227:in `callback_call'
omniauth (1.2.2) lib/omniauth/strategy.rb:184:in `call!'
omniauth (1.2.2) lib/omniauth/strategy.rb:164:in `call'
omniauth (1.2.2) lib/omniauth/builder.rb:59:in `call'
rack (1.5.2) lib/rack/etag.rb:23:in `call'
rack (1.5.2) lib/rack/conditionalget.rb:25:in `call'
The oauth2 gem raises the error, and in development it never reaches my /auth/failure endpoint. My routes.rb is as follows:
Rails.application.routes.draw do
  root 'static_pages#home'

  # Auth routes
  get '/auth/:provider/callback', to: 'sessions#create'
  get '/signin', to: 'sessions#new', as: :signin
  get '/signout', to: 'sessions#destroy', as: :signout
  get '/auth/failure', to: 'sessions#failure'
end
My sessions controller is just a skeleton, but as I said before, it never gets there:
class SessionsController < ApplicationController
  def new
    redirect_to '/auth/<provider>'
  end

  def create
    redirect_to root_url, notice: 'Signed in'
  end

  def destroy
    redirect_to root_url, notice: 'Signed out'
  end

  # OmniAuth passes the failure reason in params[:message].
  def failure
    redirect_to root_url, alert: "Oops: #{params[:message].humanize}"
  end
end
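I am sure the ID and secret I am using are valid (they work with this tool: https://www.runscope.com/oauth2_tool). I am using the following strategy, implemented by the OAuth provider: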
require 'omniauth-oauth2'

module OmniAuth
  module Strategies
    class <Provider> < OmniAuth::Strategies::OAuth2
      # Give your strategy a name.
      option :name, '<provider_name>'

      # Skips the state parameter (CSRF) check in the callback phase.
      option :provider_ignores_state, true

      # This is where you pass the options you would pass when
      # initializing your consumer from the OAuth gem.
      option :client_options, {
        site: 'https://<provider>/api/3',
        authorize_url: 'https://<provider>/oauth2/authorize',
        token_url: 'https://<provider>/oauth2/token'
      }

      option :authorize_params, {
        response_type: 'code'
      }

      # These are called after authentication has succeeded. If
      # possible, you should try to set the UID without making
      # additional calls (if the user id is returned with the token
      # or as a URI parameter). This may not be possible with all
      # providers.
      uid { raw_info['id'] }

      info do
        {
          :name => [ raw_info['first_name'], raw_info['last_name'] ].join(' '),
          :email => raw_info['email']
        }
      end

      extra do
        {
          'raw_info' => raw_info
        }
      end

      # Fetches the user's profile from the provider's /me endpoint (memoized).
      def raw_info
        @raw_info ||= access_token.get("#{options[:client_options][:site]}/me").parsed
      end
    end
  end
end
I suspect it is not sending a correct access_token request, but I haven't managed to diagnose it. Any help would be greatly appreciated.
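
The error text lists "no client authentication included, or unsupported authentication method" among its causes. The following is an added example, not part of the original post: it builds the authorization-code token request, without sending it, in the two client-authentication styles defined by RFC 6749 section 2.3.1, so a captured request can be compared with what the provider documents. The URL, code and credentials are constructed placeholders, and which style this provider expects is not stated in the post.

```ruby
require 'net/http'
require 'uri'

# Constructed sample values; none of them come from the post.
SAMPLE = {
  token_url: 'https://provider.example/oauth2/token',
  code: 'constructed-code',
  redirect_uri: 'http://localhost:3000/auth/example/callback',
  client_id: 'constructed-id',
  client_secret: 'constructed-secret'
}.freeze

# Build (do not send) the token request with the client credentials placed
# either in the form body or in an HTTP Basic Authorization header.
def build_token_request(token_url:, code:, redirect_uri:, client_id:, client_secret:, auth_scheme:)
  req = Net::HTTP::Post.new(URI(token_url))
  form = { 'grant_type' => 'authorization_code', 'code' => code, 'redirect_uri' => redirect_uri }
  case auth_scheme
  when :request_body
    form['client_id'] = client_id
    form['client_secret'] = client_secret
  when :basic_auth
    # RFC 6749 2.3.1: form-encode id and secret before building the header.
    req.basic_auth(URI.encode_www_form_component(client_id),
                   URI.encode_www_form_component(client_secret))
  else
    raise ArgumentError, "unknown auth_scheme: #{auth_scheme.inspect}"
  end
  req.set_form_data(form)
  req
end

# Report where the credentials travel, without echoing the secret itself.
def describe(req)
  fields = URI.decode_www_form(req.body).to_h
  {
    authorization_header: req['Authorization'] ? req['Authorization'].split.first : nil,
    client_id_in_body: fields.key?('client_id'),
    client_secret_in_body: fields.key?('client_secret'),
    grant_type: fields['grant_type'],
    redirect_uri: fields['redirect_uri']
  }
end

if __FILE__ == $PROGRAM_NAME
  %i[request_body basic_auth].each do |scheme|
    puts "#{scheme}: #{describe(build_token_request(**SAMPLE, auth_scheme: scheme))}"
  end
end
```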