I can't seem to find anything about migrating away from openid for omniauth users? Is this as simple as changing the redirect url?
require "openid/store/filesystem"
require "omniauth-google-oauth2"
config.omniauth :google_apps,
store: OpenID::Store::Filesystem.new('/tmp'),
domain: "example.com",
identifier: "https://www.google.com/accounts/o8/id"
I ended up using gem omniauth-google-oauth2.
The ReadMe explains how to set it up.
gem omniauth-google-apps is now deprecated and no longer maintained. It won't work after April 20, 2015 when google stops supporting openid.
Related
I'm getting the following error using the latest Omniauth Facebook gem:
ERROR -- omniauth: (facebook) Authentication failure! invalid_credentials: OAuth2::Error, :
My credentials are correct and i seem to hit facebook ok but the callback errors out.
Any ideas?
The problem I had was that my app was using an older version of the facebook API.
Omniauth-facebook uses a default API version, in my case 2.4 but my App needed a newer version because that is what it said in my Facebook Developer Console. In my case, all I had to do was to update the omniauth-facebook gem to version 4.0.
If you wish you can set the Facebook API version that you want to use instead of using the default like this (omniauth-facebook docs):
use OmniAuth::Builder do
provider :facebook, ENV['APP_ID'], ENV['APP_SECRET'],
client_options: {
site: 'https://graph.facebook.com/v3.0', # this is the example API version
authorize_url: "https://www.facebook.com/v3.0/dialog/oauth"
}
end
You can check which API verison your app is using by going to your facebook developer console.
You can read more about the omniauth-facebook gem API here:
http://www.rubydoc.info/gems/omniauth-facebook/4.0.0#API_Version
I had the same problem but specifying version didn't help me. I end up passing token_params: { parse: :json } something like below which resolved my issue :
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, Figaro.env.fb_appid, Figaro.env.fb_sec,
{ scope: 'email', token_params: { parse: :json } }
end
I have found the reference #174 comment
If you are not using the gem as a middleware directly and instead configuring your options in config/initializers/devise.rb (like the guide in Devise's wiki suggests), you can solve this issue by adding token_params: { parse: :json } to your config options.
So, in config/initializers/devise.rb:
config.omniauth :facebook, "APP_ID", "APP_SECRET", token_params: { parse: :json }
This problem is explicitly handled in Devise's wiki linked above (see section "If you are seeing something like Could not authenticate you from Facebook because “Invalid credentials”...)
Please try to put as many details as you can, try to be specific about your issue to understand the issue more deeply. It'll help to find out the exact issue and answers.
As you're not specific with your issue. I am putting here my answer which I got after so many tries and research.
MY ERROR
ERROR -- omniauth: (facebook) Authentication failure! invalid_credentials: OAuth2::Error, {"message"=>"Cannot call API for app 67878******** on behalf of user sa97**********", "type"=>"OAuthException", "code"=>200, "fbtrace_id"=>"8987987*********"}:
I was facing the above issue in a case if the Facebook user who is authenticating itself by Signing up with his/her details is only having the mobile number in his Facebook profile and NO EMAIL ID because my app is validating the email id should be present before creating any User object.
Because the same code is working fine with the users having the email id in the profile.
Although the Facebook error should be more specific, which saves the developer time to debug the exact issue.
I would like to add Gmail to my Rails 4 app. So far I have set up everything so user can log in with Google account. I followed this guide.
Now when user tries to log in my Rails 4 app he receives such onscreen :
After "Allow" user is redirected back to my Rails 4 app.
Initializers/omioauth.rb
OmniAuth.config.logger = Rails.logger
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, Rails.application.secrets.client_id, Rails.application.secrets.client_secret, {scope: ['email',
'https://www.googleapis.com/auth/gmail.modify'],
access_type: 'offline', client_options: {ssl: {ca_file: Rails.root.join("cacert.pem").to_s}}}
end
All authorization data from Google is located in secrets.yml.
Installed gems:
gem "omniauth-google-oauth2", "~> 0.2.1"
gem "google-api-client"
Question: What are the next steps to implement Gmail API in Rails project? How to retrieve my Gmail inbox content..
So far I haven't found complete and self-explaining guide to do so.
I found Gmail gem, but the guide is very incomplete for Rails begginers.
For example, I installed this gem and then tried to require 'gmail' in rails c . Then I received error uninitialized constance 'gmail'.
Note: I don't need full solution to my problem,but just a push to start going and I could understand idea.
Thanks in advance.
Try to check the Ruby implementation of Gmail API in the Google Documentation itself.
Just complete the steps described in the rest of this page, and you'll have a simple Ruby command-line application that makes requests to the Gmail API.
For more information, you can also check these threads:
How to access the Gmail API with Ruby
google/google-api-ruby-client
Gmail API Client Library for Ruby
Gmail API and Rails – Authorize with OAuth via Omniauth
I am having a rails project in which my client's requirement is to login user with yahoo So, I need to integrate user authentication using yahoo.
I am badly stuck due to limited resources in order to achieve this so finally I came on SO.
Well, after struggling much this code give me some hope but it is very basic level of startup and I dont know where and what to do now.
Here is my some code part:
client = OAuth2::Client.new(oauth_consumer_key,oauth_consumer_secret, {
access_token_path: '/oauth/v2/get_token',
authorize_path: '/oauth/v2/request_auth',
authorize_url: 'https://api.login.yahoo.com/oauth/v2/request_auth',
request_token_path: '/oauth/v2/get_request_token',
site: 'https://api.login.yahoo.com'
})
puts client.auth_code.authorize_url( redirect_uri: "http://lvh.me:3000")
code = gets.chomp
token = client.auth_code.get_token(code, redirect_uri: "http://lvh.me:3000")
OK so there are like a million tutorials about how to use Devise with OmniAuth. There is a gem for omniauth yahoo. This is my favorite tutorial for it: https://www.digitalocean.com/community/tutorials/how-to-configure-devise-and-omniauth-for-your-rails-application.
I would just use the yahoo gem instead of the digital ocean one they suggest.
Yahoo Gem: https://github.com/timbreitkreutz/omniauth-yahoo
Also refer to this SO question where he walks through an install with Facebook: How to use and configure omniauth with yahoo, google, facebook strategies in various environments?
I'm using devise and omniauth-facebook authentication in my rails 4 application.
Facebook has moved on to v2.x graph API. (deadline for api migration is April 30, 2015).
During authentication, facebook's login dialog show the following message
"You must upgrade this app to Graph API v2.x
v1.0 will be deprecated on April 30, 2015
Learn how to upgrade"
I figured this is because omniauth-facebook/devise right now uses facebook graph api v1.x.
How do I configure it to point to v2.x ?
Found the solution, hope it helps someone as well
The link is https://github.com/mkdynamic/omniauth-facebook/issues/152
Solution is to configure provider for omniauth-facebook in initializer file as:
provider :facebook, ENV['APP_ID'], ENV['APP_SECRET'],
:scope => 'email,read_stream',
:client_options => {
:site => 'https://graph.facebook.com/v2.0',
:authorize_url => "https://www.facebook.com/v2.0/dialog/oauth"
}
I'm trying to make Facebook login with omniauth-facebook in Rails 3.2.9; I have followed the steps of Ryan Bates in http://railscasts.com/episodes/360-facebook-authentication and in this very moment I have the same code.
If I try to login without the Javascript it works (it takes me to Facebook, I grant the permissions, and gets me back to the app successfully), but if I try with the Javascript (for the Facebook popup) it initially shows the popup to login, but then makes a redirect and throws me this error (without asking for the permissions):
Started GET "/auth/facebook/callback" for 127.0.0.1 at 2012-11-16 15:16:03 -0600
(facebook) Callback phase initiated.
(facebook) Authentication failure! invalid_credentials: OmniAuth::Strategies::OAuth2::CallbackError, OmniAuth::Strategies::OAuth2::CallbackError
OmniAuth::Strategies::OAuth2::CallbackError (OmniAuth::Strategies::OAuth2::CallbackError)
This is a very common error; I made the research and tried all the solutions (mostly are from some months ago) but none of them work. This is what I have tried:
Checking the sandbox in Facebook is disable (and I have waited hours for the propagation)
Checking the Site URL to http://localhost:3000/
Checking the App ID and App Secret
Downgrading the omniauth-facebook gem to 1.4, and throws me this error: omniauth-facebook must pass either acodeparameter or a signed request (viasigned_requestparameter or afbsr_XXXcookie)
Downgrade to Rails 3.2.8
What else should I do? (I think the key is in the Javascript, and right now I have the same code of the video, with CoffeeScript). Thanks in advance!
I followed that Railscast just now and managed to get it working. You'll notice people discussing your problem in the comments. Following the links there, I ended up on this issue on Github and this question on StackOverflow.
I recommend updating to 1.6.0 and to 2.0.0 when it finally comes out. In the meantime, make sure you aren't making any of these mistakes:
Defining your app credentials in two different initializers, usually omniauth.rb and devise.rb. source
Having a domain name mismatch between your live site and the site url configured within your facebook application. source
Leaving the facebook application in sandbox mode, so the domain name doesn't match the production one. source
Adding a before_filter :authenticate to the OmniauthCallbacksController or ApplicationController (since OmniauthCallbacksController inherits from ApplicationController). source
Using omniauth-facebook in conjunction with Facebook's client-side flow. source
Messing with the state param.
Solution without downgrading (using 1.5.1 right now) :
https://github.com/intridea/omniauth-oauth2/issues/32 ->
Add this to your provider declaration :
provider :facebook, xxxxxxxxx, yyyyyyyyy, {:provider_ignores_state => true}