Devise + Omniauth Facebook invalid credentials - ruby-on-rails

When I try to log in with omniauth(facebook) I get Invalid credentials error in production but it works fine in local.
I already added the urls in Valid OAuth redirect URIs
The callbacks I get are
/auth/facebook/callback?code=....
CallbacksController#failure
The gems I have.
oauth2 (1.2.0)
omniauth (1.3.1)
omniauth-facebook (4.0.0)
omniauth-oauth2 (1.4.0)

The solution was removing my IP from Server IP Whitelist
OAuth Error: This IP can't make requests for that application

Related

Error: uninitialized constant OmniAuth::Strategies::KeycloakOpenId::MultiJson after gem update

My application is running on Ruby 2.7 / Rails 5.2.4 on Windows 10 and SUSE (SLES 15.SP3).
It uses Devise for authentication, with omniauth-keycloak, which worked fine for several months.
This morning I had to run "bundle update" for an unrelated subject. After this update, invoking the link to Keycloak remote server for authentication issues the following error:
DEBUG -- omniauth: (keycloakopenid) Going to get Keycloak configuration. URL: https://identity-a.manage.ch/realms/bfs-sis-a/.well-known/openid-configuration
E, [2022-07-19T08:57:43.384693 #13364] ERROR -- omniauth: (keycloakopenid) Authentication failure! uninitialized constant OmniAuth::Strategies::KeycloakOpenId::MultiJson: NameError, uninitialized constant OmniAuth::Strategies::KeycloakOpenId::MultiJson
Processing by Users::OmniauthCallbacksController#failure as HTML
And redirects to the sign-in page.
The OmniAuth::Strategies::KeycloakOpenId::MultiJson constant does not exist in the project indeed.
The closest constant OmniAuth::Strategies::KeycloakOpenId is used in the devise.rb initializer:
config.omniauth :keycloak_openid,
  "BFS.SIS",
  client_options: { base_url: '', site: Rails.application.credentials.integration[:authentication_url], realm: "bfs-sis-a" },
  strategy_class: OmniAuth::Strategies::KeycloakOpenId
Installed gem versions are:
devise (4.8.1)
oauth2 (2.0.6)
omniauth (2.1.0)
omniauth-oauth2 (1.7.3)
omniauth-keycloak (1.4.2)
omniauth-rails_csrf_protection (1.0.1)
How could I solve this issue?

Heroku Devise Mailer: says mailgun credentials invalid but mailgun isn't part of my application

I'm having trouble in production on Heroku, with Devise confirmable email. I'd been using Mailgun for this and am migrating to Mandrill. All references to Mailgun have been removed from the code, so a search for "mailgun" comes up empty, including my vendor folder. My new setup is for Mandrill SMTP. When I test signing up a user on Heroku my output includes this:
Net::SMTPAuthenticationError (535 5.7.0 Mailgun is not loving your login or password
vendor/ruby-2.1.2/lib/ruby/2.1.0/net/smtp.rb:969:in `check_auth_response'
vendor/ruby-2.1.2/lib/ruby/2.1.0/net/smtp.rb:740:in `auth_plain'
vendor/ruby-2.1.2/lib/ruby/2.1.0/net/smtp.rb:732:in `authenticate'
vendor/ruby-2.1.2/lib/ruby/2.1.0/net/smtp.rb:567:in `do_start'
vendor/ruby-2.1.2/lib/ruby/2.1.0/net/smtp.rb:520:in `start'
vendor/bundle/ruby/2.1.0/gems/mail-2.6.3/lib/mail/network/delivery_methods/smtp.rb:112:in `deliver!'
I've removed my Heroku ENV variables, removed the Mailgun addon but it seems like there's a setting which is not part of my code that needs to be updated to resolve this. Why is it stuck on Mailgun?
I am an idiot. I had an ENV variable for SMTP_ADDRESS which I was using for both applications. It was still set to Mailgun's url.

environment variables in .bashrc not being set

I'm using a Rails app with Devise (for authentication) and the omniauth gem on a remote server. When I used to deploy to Heroku, I could set environment variables in the terminal, but that's not offered on the remote server I'm using. I therefore added the following to the bottom of .bashrc
export TWITTER_KEY="LxAuQ1Chmas;dlfkjdsal;fjds" TWITTER_SECRET="CC2XpLOeMJbvYphlafsdlkfjdsalkfj"
hoping that would set the environment variables configured in the Devise.rb file
config.omniauth :twitter, ENV["TWITTER_KEY"], ENV["TWITTER_SECRET"]
However, when I try to sign in with Twitter, I'm getting this
OAuth::Unauthorized (401 Unauthorized):
oauth (0.4.7) lib/oauth/consumer.rb:216:in `token_request'
oauth (0.4.7) lib/oauth/consumer.rb:136:in `get_request_token'
omniauth-oauth (1.0.1) lib/omniauth/strategies/oauth.rb:29:in `request_phase'
omniauth-twitter (1.0.0) lib/omniauth/strategies/twitter.rb:63:in `request_phase'
omniauth (1.1.4) lib/omniauth/strategy.rb:214:in `request_call'
so I'm assuming the environment variables aren't being read correctly. Can you explain another way I might set them?
I would suggest managing environment variables with the figaro gem.
Put environment variables in the yaml configuration file and they will be available in ENV.
It also provides a helpful rake task to set the variables on Heroku.
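The Mailgun 535 in the previous question was traced by its poster to a stale SMTP_ADDRESS, and the 401 here is attributed by the poster to variables not being read. The following boot-time check is an added example, not code from either poster or from figaro; `REQUIRED_KEYS`, `EXPECTED_HOSTS`, `audit_env` and `check_env!` are hypothetical names, and the Mandrill hostname is an assumption.

```ruby
# Keys taken from the questions above; the expected SMTP host is an assumed
# value for illustration (the page names Mandrill but not its hostname).
REQUIRED_KEYS  = %w[TWITTER_KEY TWITTER_SECRET SMTP_ADDRESS].freeze
EXPECTED_HOSTS = { "SMTP_ADDRESS" => "smtp.mandrillapp.com" }.freeze

class EnvConfigError < StandardError; end

# Returns a list of human-readable problems. Secret values are never echoed:
# required keys are reported by name only, and only host names are printed.
def audit_env(env, required:, expected_hosts: {})
  problems = []
  required.each do |key|
    problems << "#{key} is missing or empty" if env[key].to_s.strip.empty?
  end
  expected_hosts.each do |key, host|
    value = env[key].to_s.strip
    next if value.empty? # already reported above if the key is required
    unless value.casecmp?(host)
      problems << "#{key} points at #{value}, expected #{host}"
    end
  end
  problems
end

# Call from an initializer so a bad environment stops the boot instead of
# surfacing later as a 401 or 535 from the remote service.
def check_env!(env = ENV, required: REQUIRED_KEYS, expected_hosts: EXPECTED_HOSTS)
  problems = audit_env(env, required: required, expected_hosts: expected_hosts)
  raise EnvConfigError, problems.join("; ") unless problems.empty?
  true
end

# Constructed sample environment reproducing both failures on this page:
# Twitter keys absent from the process, SMTP host left over from Mailgun.
SAMPLE_BROKEN_ENV = {
  "TWITTER_KEY"  => "",
  "SMTP_ADDRESS" => "smtp.mailgun.org"
}.freeze

if $PROGRAM_NAME == __FILE__
  puts audit_env(SAMPLE_BROKEN_ENV, required: REQUIRED_KEYS,
                                    expected_hosts: EXPECTED_HOSTS)
end
```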

rails 3.2 omniauth ssl windows

Apologies if this has been answered already, but I'm going through the posts here and can't find something that works.
I've got Devise working with rails for authentication, and I'm trying to integrate OmniAuth for facebook. I'm getting the SSL error that has been posted about in the past.
My error:
SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
I've been through the solutions for windows and none seem to work. I'm just trying to get this working in dev on a windows machine, so I'm willing to take unsecure shortcuts to get it up and running and then figure out what's necessary in production later on.
I'm using:
rails 3.2.2
warden 1.1.1
devise 2.0.4
faraday 0.7.6
oauth2 0.5.2
omniauth 1.0.3
omniauth-oauth2 1.0.0
omniauth-facebook 1.2.0
I've tried a couple different things in omniauth.rb:
omniauth.rb:
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :facebook, APP_ID, APP_SECRET, {client_options: {ssl: {ca_file: Rails.root.join('lib/assets/cacert.pem').to_s}}}
  #provider :facebook, APP_ID, APP_SECRET, {:client_options => {:ssl => {:verify => false}}}
end
The second option (commented) is supposed to suppress ssl cert checking entirely, as far as I understand it. But that doesn't work - same error. With the first option, I downloaded the appropriate file and put it in my lib/assets directory, but that doesn't seem to work either.
Has something changed recently with this? Am I missing something obvious?
Looks like the way to do it is here:
https://gist.github.com/867550
Try following the instructions given in this link:
http://jimneath.org/2011/10/19/ruby-ssl-certificate-verify-failed.html
And you have to make this minor change in fix_ssl.rb at the end:
self.ca_file = Rails.root.join('lib/ca-bundle.crt').to_s
I hope this helps.
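To show what the `ca_file` setting changes compared with turning verification off, here is an added example (not code from the posts or the linked pages) that builds a throwaway CA offline and verifies certificates against an empty trust store and against a PEM bundle. All certificate names and the helpers `make_cert`, `chain_trusted?` and `demo` are constructed for the illustration.

```ruby
require "openssl"
require "tempfile"

# Build a short-lived certificate; self-signed when no issuer is given.
def make_cert(cn, key, issuer: nil, issuer_key: nil, ca: false)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = rand(1..2**62)
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  ef = OpenSSL::X509::ExtensionFactory.new(issuer || cert, cert)
  cert.add_extension(
    ef.create_extension("basicConstraints", ca ? "CA:TRUE" : "CA:FALSE", true)
  )
  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
end

# Verify `leaf` against the CAs in `ca_file`, the same kind of PEM bundle
# the ssl ca_file option points at. nil means an empty trust store.
def chain_trusted?(leaf, ca_file: nil)
  store = OpenSSL::X509::Store.new
  store.add_file(ca_file) if ca_file
  store.verify(leaf)
end

def demo
  ca_key, srv_key, other_ca_key, other_srv_key =
    Array.new(4) { OpenSSL::PKey::RSA.new(2048) }
  ca   = make_cert("Demo Root CA", ca_key, ca: true)
  leaf = make_cert("graph.example.test", srv_key, issuer: ca, issuer_key: ca_key)
  other_ca   = make_cert("Unrelated CA", other_ca_key, ca: true)
  other_leaf = make_cert("graph.example.test", other_srv_key,
                         issuer: other_ca, issuer_key: other_ca_key)
  Tempfile.create(["cacert", ".pem"]) do |f|
    f.write(ca.to_pem)
    f.flush
    { no_bundle:    chain_trusted?(leaf),                      # verify failed
      with_bundle:  chain_trusted?(leaf, ca_file: f.path),     # trusted
      wrong_issuer: chain_trusted?(other_leaf, ca_file: f.path) } # rejected
  end
end

p demo if $PROGRAM_NAME == __FILE__
```

The `wrong_issuer` case is the check that `verify: false` gives up: with verification off, a certificate for the same host name from an unrelated issuer is accepted as well.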

Encoding Error when using Devise ldap authentication

I have been scouring the Internet for an answer to this but I'm out of ideas. I am using Devise with Rails 3 to authenticate with LDAP. I'm using Rails 3 with Ruby 1.9.2. I'm using mysql2 as the database connector.
I can get this to work with the rails console so I know my addresses and everything are correct.
We have an active directory and in order to authenticate we have to prefix the login name with systems. So my login would be systems\crudbasher.
This works in the console but when I have a form with login name and password I get this error.
Encoding::CompatibilityError in Devise::SessionsController#create
incompatible character encodings: ASCII-8BIT and UTF-8
Ok I get that it is having a problem with the backslash. What I don't understand is how to fix it.
The full stack trace if it helps is this:
net-ldap (0.2.2) lib/net/ber/core_ext/array.rb:62:in `to_ber_seq_internal'
net-ldap (0.2.2) lib/net/ber/core_ext/array.rb:54:in `to_ber_contextspecific'
net-ldap (0.2.2) lib/net/ldap/filter.rb:509:in `to_ber'
net-ldap (0.2.2) lib/net/ldap.rb:1380:in `block in search'
net-ldap (0.2.2) lib/net/ldap.rb:1361:in `loop'
net-ldap (0.2.2) lib/net/ldap.rb:1361:in `search'
net-ldap (0.2.2) lib/net/ldap.rb:635:in `search'
devise_ldap_authenticatable (0.6.0) lib/devise_ldap_authenticatable/ldap_adapter.rb:208:in `search_for_login'
devise_ldap_authenticatable (0.6.0) lib/devise_ldap_authenticatable/ldap_adapter.rb:86:in `dn'
devise_ldap_authenticatable (0.6.0) lib/devise_ldap_authenticatable/ldap_adapter.rb:124:in `authorized?'
devise_ldap_authenticatable (0.6.0) lib/devise_ldap_authenticatable/ldap_adapter.rb:14:in `valid_credentials?'
devise_ldap_authenticatable (0.6.0) lib/devise_ldap_authenticatable/model.rb:39:in `valid_ldap_authentication?'
activesupport (3.1.1) lib/active_support/core_ext/object/try.rb:32:in `try'
devise_ldap_authenticatable (0.6.0) lib/devise_ldap_authenticatable/model.rb:85:in `authenticate_with_ldap'
devise_ldap_authenticatable (0.6.0) lib/devise_ldap_authenticatable/strategy.rb:12:in `authenticate!'
I'm really stumped. Thank you to anyone who can help!!
Encoding is always a mess. Have you tried toying around with encode and force_encoding?
I had this same problem and I fixed it by updating the net-ldap library to 0.3.1, but that broke my get_ldap_email (which is just like the devise_ldap_authenticatable main page example, Querying LDAP)
Also everything seemed to be ok but I'm not 100% sure if nothing else is broken.
Edit: Apparently I also need to update devise_ldap_authenticatable to version 0.4.7 or higher -> Ruby on Rails 3: Devise::LdapAdapter.get_ldap_param undefined method error
But I'm not sure how to update both, devise_ldap and net-ldap, without breaking my bundle update
