I am working on a making a personal soundcloud app on Rails 5 and i'm having some trouble with OAuth. I'm able to redirect to Soundcloud's app and give permission to my user. When I try to exchange the code for token on redirect_uri, get an error. I have included my code and image of the error I'm getting below.
def connected
client = Soundcloud.new(:client_id => 'My ID',
:client_secret => 'my secret',
:redirect_uri => "http://localhost:3000/login/soundcloud/callback")
code = params[:code]
value = client.exchange_token(:code => code) #get an error on this line
#my code to save access token into db goes here.
end
I have added this image
for the error that I'm getting. I thought it might be more helpful.
I was having the same issues, so I just did created the request manually for this step. Soundcloud gem is pretty dated, I'm sure it has something to do with that.
#client = Soundcloud.new(client_id: client_id,
client_secret: client_secret,
redirect_uri:'http://localhost:3000/soundcloud/connected')
#code = params[:code]
response = HTTParty.post("https://api.soundcloud.com/oauth2/token",
body: {
"client_id" => client_id,
"client_secret" => client_secret,
"redirect_uri" => 'http://localhost:3000/soundcloud/connected',
'grant_type'=> 'authorization_code',
"code" => #code
}
)
access_token = response["access_token"]
#authed_client = Soundcloud.new(access_token: access_token)
soundcloud_user = #authed_client.get('/me')
end
Hope this helps.
Related
I am trying to access Google Adword's api through google's gem google-api-ads-ruby. I was able to oauth in perfectly fine and grabbed the access token, refresh token, and id_token fine. When I try to access the data it gives me the oauth token invalid error. I retrieved my access token and inputed it on this link and it returned me a valid result.
https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=[TOKEN]
The code below is how I am trying to access the Report Definition Service.
config = {
:authentication => {
:method => 'OAuth2',
:oauth2_client_id => #plugin.oauth_client_id,
:oauth2_client_secret => #plugin.oauth_client_secret,
:developer_token => #plugin.developer_token,
:client_customer_id => #plugin.client_customer_id,
:oauth2_token => {"access_token"=>ACCESSTOKEN,
"refresh_token"=>REFRESHTOKEN,
"issued_at"=>"2017-09-18T16:36:55.973-04:00",
"expires_in"=>3600,
"id_token"=>IDTOKEN,
:user_agent => 'Example'
},
:service => {
:environment => 'PRODUCTION'
}
}
api = AdwordsApi::Api.new(config)
report_def_srv = api.service(:ReportDefinitionService, :v201708)
report_type = "ACCOUNT_PERFORMANCE_REPORT"
This code below causes the error
fields = report_def_srv.get_report_fields(report_type)
Why do I keep getting the oauth token is invalid error when it hasn't expired yet?
If the question is still actual..
Try to replace
"expires_in"=>3600
field with
"expires_at"=>"2017-09-18T17:36:55.973-04:00"
It helped to resolve the similar issue in my case.
I'm using stripe connect on my website, and when a user in production tries to connect his stripe account to my web site, I have the following error in the stripe callback :
{
"error": "invalid_redirect_uri",
"error_description": "Invalid redirect URI 'http://www.mywebsite.com/stripe_connections/callback'. Ensure this uri exactly matches one of the uris specified in your application settings",
"state": "4 ยป
}
whereas my redirecti URIS in my stripe application setting is https://www.mywebsite.com/stripe_connections/callback
here is my controller :
require 'oauth2'
class StripeConnectionsController < ApplicationController
skip_after_action :verify_authorized
def new
stripe_auth_url = "https://connect.stripe.com/oauth"
client = OAuth2::Client.new(ENV['STRIPE_CONNECT_CLIENT_ID'], ENV['STRIPE_SECRET_KEY'], :site => stripe_auth_url)
#stripe_url = client.auth_code.authorize_url(:redirect_uri => "#{request.protocol}#{request.host_with_port}/stripe_connections/callback", :scope => 'read_write', state: params[:brief_id])
end
def callback
#brief = Brief.find(params[:state])
stripe_auth_url = "https://connect.stripe.com/oauth"
#user = current_user
client = OAuth2::Client.new(ENV['STRIPE_CONNECT_CLIENT_ID'], ENV['STRIPE_SECRET_KEY'], :site => stripe_auth_url)
access_token = client.auth_code.get_token(params[:code], :redirect_uri => '#{request.protocol}#{request.host_with_port}/oauth2/callback')
stripe_connection = StripeConnection.find_or_create_by(user_id: #user.id)
stripe_connection.update_attributes(access_token: access_token.token,
refresh_token: access_token.refresh_token,
livemode: access_token.params['livemode'],
stripe_user_id: access_token.params['stripe_user_id'],
publishable_key: access_token.params['stripe_publishable_key']
)
#user.profile.projects.where(state: 'pending').update_all(state: "on_sale")
end
end
I'm using heroku and paying the SSL add-ons already.
I don't know why stripe is returning http instead of https. Does anyone have an idea? thx.
ps: this has already worked before in production and works in the beta version of the website
Do you have a button that the user clicks to connect to stripe? I just removed the redirect_uri parameter.
You have to remove the redirect_uri of client.auth_code.authorize_url() in the new method and also the redirect_uri in the callback method and put the right protocol in the dashboard stripe.
I am developing a rails application which uses oauth2 gem to Authenticate a User against Windows azure AD .
I am able to authenticate the user with Azure AD ,but my problem is i need to extract the parameters inside token response.
#token = client.auth_code.get_token(params[:code], :redirect_uri => "#{APP_URL}/callback", :resource => "#{RES_URL}")
I tried puts #token in controller but i am getting some Hash values.
#<OAuth2::AccessToken:0x000000030ed960>
Is it possible to see the contents inside #token.
And also can i set headers inside token request.
#token = client.auth_code.get_token(params[:code], :redirect_uri => "#{APP_URL}/callback", :resource => "#{RES_URL}",:headers => {'Content-Type' => 'application/json' })
Any help is appreciated.
Yo can try to use puts #token.to_yml
to see the contents of #token
I'm trying to authenticate a user with Instagram gem. So I have a page with code param returned by instagram, and I only need to send it back with POST request. According to gem documentation I need to do something like:
get "/oauth/callback" do
response = Instagram.get_access_token(params[:code], :redirect_uri => CALLBACK_URL)
session[:access_token] = response.access_token
redirect "/feed"
end
so I have
def authenticate
response = Instagram.get_access_token(params[:code], :redirect_uri => "http://127.0.0.1:3000")
session[:access_token] = response.access_token
redirect "/feed"
end
And I'm getting
Completed 500 Internal Server Error in 957ms
Instagram::BadRequest (POST https://api.instagram.com/oauth/access_token/: 400):
app/controllers/instagram_controller.rb:25:in `authenticate'
I tried making curl request as per Instagram api documentation, and it works with the same params.
About client_id, I store those keys in instagram.rb in initializers, so it looks like
require "instagram"
Instagram.configure do |config|
config.client_id = "123345"
config.client_secret = "123123"
end
CALLBACK_URL = "http://127.0.0.1:3000"
Thanks a lot in advance.
Found the problem. So, I have devise in my app as well, and I didn't put "redirect_url" in config.omniauth over there. Exactly the same thing people talking about over here https://github.com/Instagram/instagram-ruby-gem/issues/22.
Thanks for help.
The following is the code I am using to allow users to allow users to authorise my app to access their Google Calendar via OAuth. I based it off this sample code.
It works most of the time, but sometimes, there is an ArgumentError: Missing authorization code error on the client.authorization.fetch_access_token! line in the create_google_calendar action in the services controller. If I comment out that line, all of the client.authorization attributes are null.
I am using Rails 3.2.0 and Ruby 1.9.2.
What is causing this?
Gemfile
gem 'google-api-client', :require => 'google/api_client'
service.rb
def self.google_calendar_client google_calendar_service=nil
client = Google::APIClient.new
client.authorization.client_id = xxx
client.authorization.client_secret = xxx
client.authorization.scope = 'https://www.googleapis.com/auth/calendar'
url_prefix = Rails.env.production? ? xxx : 'http://localhost:3000'
client.authorization.redirect_uri = "#{url_prefix}/create_google_calendar"
if google_calendar_service.present?
client.authorization.update_token! :access_token => google_calendar_service.token, :refresh_token => google_calendar_service.google_calendar_refresh_token, :expires_in => google_calendar_service.google_calendar_expires_in, :issued_at => Time.at(google_calendar_service.google_calendar_issued_at)
client.authorization.fetch_access_token! if client.authorization.expired?
end
client
end
services_controller.rb
def connect_google_calendar
#google_calendar_url = Service.google_calendar_client.authorization.authorization_uri.to_s
end
def create_google_calendar
client = Service.google_calendar_client
client.authorization.code = params[:code]
client.authorization.fetch_access_token!
current_user.services.create :provider => 'google_calendar', :token => client.authorization.access_token, :google_calendar_refresh_token => client.authorization.refresh_token, :google_calendar_expires_in => client.authorization.expires_in, :google_calendar_issued_at => client.authorization.issued_at
end
The truth is, I don't know. Your code looks right to me. But I can at least tell you what the error means. Missing authorization code means that it thinks you're trying to do an "authorization code" grant type when you fetch the access token. If you're actually trying to obtain an access token off a refresh token as opposed to doing it on the first pass after obtaining authorization from the user, then you may not have correctly set up the authorization object.
You can check this by inspecting the client.authorization.grant_type value. In very recent versions of the client you can manually set the grant_type value to force a particular mode, which may give you more informative error messages, depending on what the actual issue is.