I am doing integration testing on omniauth. I am following this tutorial.
https://github.com/omniauth/omniauth/wiki/Integration-Testing
The tutorial says in order to mock failure we put this line
OmniAuth.config.mock_auth[:twitter] = :invalid_credentials
When i use facebook, it works. i.e it throws invalid credentials
OmniAuth.config.mock_auth[:facebook] = :invalid_credentials
When i use google, it doesn't work. i.e it successfully authenticates
OmniAuth.config.mock_auth[:google] = :invalid_credentials
Why does gmail not work? should i use any other symbol other than :google. I appreciate any help! Thanks!
You are probably using Google Oauth2 Strategy. For that you need to use the key :google_oauth2 instead of :google:
OmniAuth.config.mock_auth[:google_oauth2] = :invalid_credentials
Related
I'm using Sorcery gem with External submodule. For some reason I'm not getting an email back from Facebook and I'm pretty sure I have things configured correctly. I'm trying to troubleshoot this further but I can't figure out how to read what data IS being returned via oauth to verify where things are breaking down. Where can I pry in and read this info? Thanks!
Here is my sorcery config.
Rails.application.config.sorcery.submodules = [:external]
Rails.application.config.sorcery.configure do |config|
config.external_providers = [:facebook, :google]
config.facebook.key = "#{Rails.application.secrets.sorcery_facebook_key}"
config.facebook.secret = "#{Rails.application.secrets.sorcery_facebook_secret}"
config.facebook.callback_url = "#{Rails.application.secrets.sorcery_facebook_callback_url}"
config.facebook.user_info_path = "me?fields=email,first_name,last_name"
config.facebook.user_info_mapping = {:email => "email"}
config.facebook.access_permissions = ["email"]
config.facebook.scope = "email"
config.facebook.display = "popup"
config.facebook.api_version = "v2.5"
config.user_config do |user|
user.authentications_class = Authentication
end
config.user_class = User
end
Well, technically this answers the question of how to find out what is being returned.
Inside your oauth controller if you call access_token.get('me?fields=email') or whatever fields you're wanting you'll get a response with a URL field set. Copy that URL into a browser and you'll get a JSON list of your data. In my case I get nothing with email but I'm able to return first_name, last_name, name. Not quite sure why I still can't get email, but hopefully this helps somebody troubleshoot in the future.
Another way would be to build the URL yourself if you have the access_token available.
https://graph.facebook.com/me?access_token=<access token goes here>&fields=first_name,last_name,email
Access token is retrievable with #access_token.token from oauth controller.
UPDATE
So silly...I had the config correct, but apparently had never logged out of Facebook since I'd made the proper corrections. Logging out and having oauth connect again seems to have fixed things.
I'm using https://github.com/Fullscreen/yt to interact with Youtube API, but after a couple of hours of testing I'm unable to fetch comments from a video.
I suspect the reason is I'm requesting the wrong permissions, but I can't find anything clear in Google docs about what scope to ask. I appears from the OAuth playground it's https://www.googleapis.com/auth/youtube.force-ssl
but still, I'm not able to make it work.
This is the omniauth provider line to request a new token:
provider :google_oauth2, key, secret, {:scope => 'http://gdata.youtube.com,email,profile,youtube,youtube.force-ssl'}
And this is how I try to retrieve the comments:
Yt.configure do |config|
config.client_id = key
config.client_secret = secret
end
youtube_client = Yt::Account.new access_token: 'yadayada'
video = Yt::Video.new id: 'foobar', auth: youtube_client
puts video.comments
What I get is:
Yt::Errors::Forbidden: A request to YouTube API was considered forbidden by the server:
{"error"=>{"errors"=>[{"domain"=>"global", "reason"=>"insufficientPermissions", "message"=>"Insufficient Permission"}], "code"=>403, "message"=>"Insufficient Permission"}}
I've tried pretty much the same on channels too, same problem, that's why I guessed there's something wrong with my access_token.
Has someone done this? What am I doing wrong? Any example?
As per the documentation on the page you have shared the link of, I am not able to see this line of code:
account = Yt::Account.new authorization_code: '4/Ja60jJ7_Kw0', redirect_uri: redirect_uri
Every user who authorizes your app will be redirected to the redirect_uri with an extra code parameter that looks something like 4/Ja60jJ7_Kw0. Just pass the code to the following method to authenticate and initialize the account:
If this does not workout try Configuring with environment variables
As an alternative to the approach above, you can configure your app with variables. Setting the following environment variables:
export YT_CLIENT_ID="1234567890.apps.googleusercontent.com"
export YT_CLIENT_SECRET="1234567890"
export YT_API_KEY="123456789012345678901234567890"
is equivalent to configuring your app with the initializer:
Yt.configure do |config|
config.client_id = '1234567890.apps.googleusercontent.com'
config.client_secret = '1234567890'
config.api_key = '123456789012345678901234567890'
end
so use the approach that you prefer. If a variable is set in both places, then Yt.configure takes precedence.
Hope this Helps!!
I'm trying to integrate Withings with a rails apps. I'm using an Omniauth provider someone wrote called omniauth-withings. I was able to configure the provider to allow me to visit /auth/withings which redirects to the Withings authorization page. After I allow access, the browser is redirected to the callback url /auth/withings/callback. I have this routed to a controller action that attempts to get the measurement data from Withings using the simplificator-withings gem.
Withings.consumer_secret = ENV['withings_app_key']
Withings.consumer_key = ENV['withings_app_secret']
auth_hash = request.env['omniauth.auth']
user_id = auth_hash.extra.raw_info.body.users.first.id
withings_user = User.authenticate(user_id, auth_hash.credentials.token, auth_hash.credentials.secret)
measurements = withings_user.measurement_groups(:device => Withings::SCALE)
The problem happens when I call User.authenticate(), I get this:
An unknown error occurred - Status code: 2555
Is there something I'm missing here?
I was getting the same error with a django app. It turns out I was using the wrong token and secret. I was using the oauth_token and oauth_token_secret returned from step 1 of the authorization process, rather than the oauth_token and oauth_token_secret from step 3. Make sure you are using the values from step 3. The API documentation shows the same values returned from these calls, but they will be different. Hopefully this helps you too.
Our Rails 3 app uses facebook-omniauth, allowing users to authenticate with facebook.
It'd be nice to use as much of the web based authentication system as possible, so I tried following the answer (the one that hasn't been down-voted) to this SO question but I can't get it to work.
The gist of the answer is:
omniauth-facebook will handle requests to the callback endpoint with an access_token parameter without any trouble. Easy :)
So to test this, in my browser I'm issuing the following request:
/users/auth/facebook_api/callback?access_token=BAAB...
But in my server log, I see:
(facebook) Callback phase initiated.
(facebook) Authentication failure! invalid_credentials: OAuth2::Error, :
{"error":{"message":"Missing authorization code","type":"OAuthException","code":1}}
I can't figure out what I'm doing wrong. Is the fact that I'm trying to do this through the browser to test messing something up? Any other ideas on how I can reuse my www based auth logic for my ios app?
UPDATE:
I'm not sure, but I'm following this guide in order to have multiple facebook omniauth strategies, one for www and another for mobile.
I never found a solution in line with what I was asking originally, but here is how I solved it: Take the access token you get on the iPhone and send it up to your server and perform the login manually.
def facebook_login
graph = Koala::Facebook::API.new(params[:user][:fb_access_token])
profile = graph.get_object('me')
omniauth = build_omniauth_hash(profile)
#user = User.find_or_create_for_facebook_oauth(omniauth)
end
On www we already had a method called find_or_create_for_facebook_oauth, and that took the result from Omniauth and either found the user or created a new one. In order to utilize that method for mobile, I had to build up a similar structure by hand so I could pass it as an argument.
def build_omniauth_hash(profile)
struct = OpenStruct.new
struct.uid = profile['id']
struct.info = OpenStruct.new
struct.info.email = profile['email']
struct.info.image = "http://graph.facebook.com/#{profile['id']}/picture?type=square"
struct.info.first_name = profile['first_name']
struct.info.last_name = profile['last_name']
struct.info.bio = profile['bio']
struct.info.hometown = profile['hometown']['name'] if profile['hometown']
struct.info.location = profile['location']['name'] if profile['location']
struct
end
I want use this API in rails.
It says should include an Authorization header.(use oauth2)
So I use google-api-ruby-client this lib like below.
I write below code by this sample.
#client = Google::APIClient.new
#client.authorization.client_id = CONSUMER_KEY
#client.authorization.client_secret = CONSUMER_SECRET
#client.authorization.scope = 'https://apps-apis.google.com/a/feeds/domain/'
#client.authorization.redirect_uri = "http://#{request.host}:#{request.port.to_s}
/google_app/oauth2callback"
redirect_to #client.authorization.authorization_uri.to_s
But it cause redirect_uri_mismatch error.
I don't know whether my usage is correct.
Note:
Before use this API, I have logined with Google Openid successfully.
might be a duplicate of OAuth 2.0 sample error when accessing Google API
the problem there is, that the javascript is missing the port-number.