PS:- please dont say use this devise, omniauth or any other plugin/gem you know.
I am looking for some example code for google login using authlogic for ruby on rails 3.
Here is what i have tried/checked:-
authlogic-google-account-oauth --- This is sample code for twitter, not google (One of the top rated google result. )
http://www.manu-j.com/blog/add-google-oauth-ruby-on-rails-sites/214/ --> generating keys for google login? There was nothing like this while implementing facebook / twitter or linkedin login. All I need is secret key and application id from the respective sites.
Tons of links on stackoverflow, No-one is giving the solution just recommending other gems/ outdated blog posts like
Ruby on Rails: Best way to add Facebook login, Twitter login, OpenID login, etc
Configuring authlogic-oauth with google and many more.
Anybody knows any running example/ sample code for google login with authlogic in rail 3
EDIT
Have you noticed these warnings, this is from your code. The code you provided is running on my local machine:--
Attempting discovery to verify endpoint
Performing discovery on https://www.google.com/accounts /o8/id?id=AItOawlFBZciVpNUBSlYbz0wHzTgmJWu9PpCvyk
WARNING: making https request to https://www.google.com/accounts/o8/id?id=AItOawlFBZciVpNUBSlYbz0wHzTgmJWu9PpCvyk without verifying server certificate; no CA path was specified.
Using 'check_authentication' with https://www.google.com/accounts/o8/ud
WARNING: making https request to https://www.google.com/accounts/o8/ud without verifying server certificate; no CA path was specified.
You inspired me to hack away at this.
This blog basically worked for me http://blog.sethladd.com/2010/09/ruby-rails-openid-and-google.html
My code is extra ugly though, because it wasn't the first one I tried.
Other resources:
Ruby open_id_authentication with Google OpenID
http://toddsedano.blogspot.com/search?updated-max=2010-05-29T11%3A59%3A00-07%3A00&max-results=7
http://railscasts.com/episodes/170-openid-with-authlogic
Anywho, the rough code that is working for me is here:
https://github.com/softwaregravy/google_authlogic
and here is the running code
It's still very much a prototype. Hope it helps.
Related
So, I'm very new to this. I got a generated json file from my google developer console that holds information like private keys, client id, token stuff, etc.
Now, I'm trying to use the Google Analytics Report V4 api. I put all my code into a concern, and when I run the code I get this error:
Google::Apis::AuthorizationError: Unauthorized
So I know that I have to authorize my app, but I'm not sure how. I have this json file which appears to have all the information I need to authenticate my app.
After some research, I know that (on the following code) I need to assign analytics.authorization to something, I just don't know to what.
analytics = Google::Apis::AnalyticsreportingV4::AnalyticsReportingService.new
analytics.authorization = ???
Do you know of any method I'm supposed to call that takes in the location of my json file as a parameter or something that can in turn, authorize my rails app?
Thank you so so much if you can help.
I know there are other questions like this. But they use omniauth with devise I think, and I can't do that. I already have a specific context in which users need to be logged in to my app, so logging in with google wouldn't work in my case. Also, other question/answers that don't involve omniauth and devise are outdated or don't have an accepted answer.
I'm trying to use Wordpress to authenticate my Rails application users with the following Omniauth plugin:
https://github.com/jwickard/omniauth-wordpress-oauth2-plugin
I've followed the instructions carefully, and duplicated his example, but it doesn't work. Which is really surprising, because there's just not that much to it. However, I've found several threads on here like this one, that talk about the same problem I have:
Devise, OmniAuth & Facebook: "Not found. Authentication passthru."
When I click the "Sign in with Wordpress" (which is automatically inserted in my Devise sign-in page), I simply get a 404, with "Not found. Authentication passthru," which is a stub response for the passthru method in the Devise sources. Routes rake just fine, and look like all the examples. I've restarted the server dozens of times.
Despite several attempts to set site: and authorization_url: in the client_options, in both my devise config, and the plugin sources directly, my app never redirects to my Wordpress site. I've got about 10 hours into screwing around with this, and I don't know what's supposed to be responsible for actually sending me to the site to DO the authentication. Further complicating figuring this out is that almost every reference I can find to redirection in this sort of scenario is about the callback to my Rails site, after the authentication is done. I can never get that far.
There's a lot of confusing references to this problem on SO and the internet at large. There's some talk about making a "real" passthru or action_missing method in my OmniauthCallbacksController, but that seems to be outdated information. There's a lot of talk about making sure that I've defined the omniauth_providers in my User model, and I've tried it with and without, but that's not in any of the documentation about this plugin.
I've been trying to look at the plugin's strategy file, and it just doesn't seem that different than other Oauth2 plugins for Facebook, Google, or whatever, that I've been reviewing. It seems like there's a very simple thing I need to set in order to make this all work, but I can't find it, and I've run out of ideas on how to track it down. The plugin was last updated about 5 years ago. Does anyone still use this with modern versions of Devise, Omniauth, and Wordpress? If so, is there a clue you can give me to make it work?
I finally started tracing through the gem, and found where it was failing. As I searched on those further problems, I finally figured out that there were about 25 forks of this gem, and many of them addressed the problem. I used this particular one: https://github.com/bkno/omniauth-wordpress-oauth2-plugin
I have a rails 3 app that is currently using Devise for authentication. I would like to send an email to users from time to time that would contain a link. When they click the link they would...
bypass the login page
go directly to the page i'm directing them to
and authenticate in the process
I tried several Google searches that would shed some light but came up empty. I am interested in the how to's, the risks and how to make it as secure as possible.
Also, are there any other Tags that would be relevant to this question?
Thanks!
I think you're really looking for token authentication.
Take a look at this blog (deleted) which is linked to from the devise wiki here.
It's a bit of a weird example in that UI given is for a user to generate a login link for themselves. Still - it presents the correct approach to login-using-a-link.
Update: Token Authentication has been removed from Devise. This gist and this Stack Overflow post address the issue.
I've got an application at http://github.com/rails3book/ticketee that contains an OAuth portion provided by Devise. The configuration is at config/initializers/devise.rb. I have got this working with Twitter but always get this "invalid credentials" message back from GitHub.
I cannot see what I am doing differently between Twitter and GitHub. To my knowledge, this should Just Work(tm).
This is actually because GitHub's OAuth2 support doesn't mesh with the current draft of the OAuth2 specification. Basically, they want a parameter called "access_token" but the oauth2 gem's latest version (0.3.0 as of this writing) passes this through as "oauth_token", as the latest version of the draft requires.
This basically works with every other provider except GitHub because they haven't yet updated their support for this alternatively named parameter.
Did you register your application with Github? Do you provide the correct keys? I have a similar authentication here, without Devise, however, configuration (in development.rb) should be nearly the same: http://github.com/markusproske/omniauth_pure
Edit: you need different registrations for development and production due to the callback route.
I'm think something like Facebook apps here. User generated pieces of code that people can write to interact with my app.
I understand how an authenticated API works, but this seems a little more complicated because not only does the APP have to authenticate itself (with a regular api-key) but the USER using the app has to be authenticated somehow too, without giving the app free reign.
I've been reading a bit here to see how FB does it: http://wiki.developers.facebook.com/index.php/How_Facebook_Authenticates_Your_Application
And it looks like you have to pass a signature in addition to the api-key along with every call, but I'm having trouble wrapping my head around how this gets generated and used on the other end (my server).
Figure there must be a simple explanation of this out there? Thanks!
P.S. I'm building a Rails app if there are any applicable gems/plugins.
This may be what I need:
http://github.com/phurni/authlogic_api
Did you have any success with authlogic_api? I'm working on the server-side for a Steam game, where users are logged in through Steam, so I'm only responding to REST calls from the client (no user login required). The rdocs for authlogic_api give some brief set-up info, but I'm struggling with what to do in the application_controller to restrict access; essentially the equivalent of this code from the authlogic example:
http://github.com/binarylogic/authlogic_example/blob/5819a13477797d758cb6871f475ed1c54bf8a3a7/app/controllers/application_controller.rb