验证失败! invalid_credentials:OAuth ::未经授权,需要401授权

时间:2019-01-02 03:37:25

标签: ruby-on-rails ruby devise omniauth omniauth-twitter

我想创建Twitter登录功能,但发生错误。

我的错误是

Authentication failure! invalid_credentials: OAuth::Unauthorized, 401 Authorization Required
Processing by Users::OmniauthCallbacksController#failure as HTML
  Parameters: {"oauth_token"=>"OFSEOwAAAAAA9LdUAAABaAyY_Uc", "oauth_verifier"=>"hogehogehoge"}
Redirected to http://localhost:3000/

initializers / omniauth.rb

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :twitter, 'agfrfgagfkfuauR1U8Busfd4KAiq', 'djkjsgkjgkasjkdfjskajfkjdskfjsk'
end

initializers / divise.rb

 config.omniauth :twitter, ENV['TWITTER_API_KEY'], ENV['TWITTER_API_SECRET'], scope: 'email', oauth_callback: "#{ENV['HOST']}/users/auth/twitter/callback"

routes.rb

 devise_for controllers: { registrations: "registrations", omniauth_callbacks: 'users/omniauth_callbacks' }

controllers / users / ominiauth.rb

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController

  # callback for twitter
  def twitter
    callback_for(:twitter)
  end

  def callback_for(provider)
    @user = User.from_omniauth(request.env["omniauth.auth"])
    if @user.persisted?
      sign_in_and_redirect @user, event: :authentication #this will throw if @user is not activated
      set_flash_message(:notice, :success, kind: "#{provider}".capitalize) if is_navigational_format?
    else
      session["devise.#{provider}_data"] = request.env["omniauth.auth"].except("extra")
      redirect_to new_user_registration_url
    end
  end

  def failure
    redirect_to root_path
  end
end

model / user.rb

devise :omniauthable, omniauth_providers: %i[twitter]
  def self.from_omniauth(auth)
    where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
      user.email = auth.info.email
      user.password = Devise.friendly_token[0,20]
    end
  end

请教我一个提示!

1 个答案:

答案 0 :(得分:0)

假设您使用宝石deviseomniauth-oauth2omniauth-twitter

检查Rails应用程序中提供的API密钥和API密钥是否与您注册的Twitter应用程序中的API密钥和API密钥匹配。