I am trying to connect facebooker and authlogic using this http://github.com/kalasjocke/authlogic_facebook_connect
I was having problems so began to debug the facebooker gem code. I realized that no params are getting set using the facebook login that have anything to do with facebook. I can push the facebook login button, it brings up the facebook window as it should and I accept/sign into facebook. Then in facebooker/rails/controller.secure_with_facebook_params! I print out params, this is what shows:
authenticity_token<pulled out token number>actioncreatecontrollerperson_sessions
person_sessions is the name of my user_sessions. Not sure if this makes a difference though...
This is it. Clearly there should be other parameters here. I checked to make sure that my application numbers are all OK with facebooker.yml (although honestly I don't understand why that would matter as I'm not yet making a facebook app, just want to use connect).
Any ideas?? I would be SOOOO thankful if someone could help me out... any clues would be useful!
K
Argh I think I finally figured it out! Since I don't have an app yet then set_asset_host_to_callback_url in facebooker.yml should be set to false. However, after this is done, you have to close browser as it seems to store previous session. Now to fix my next problem!
I had this same issue, my problem was that I had set a Site Domain on my application settings page on Facebook itself... I wasted lots of time fiddling with my code and my settings in my rails app when it was a facebook setting all along. Big up to Alex Neth on the authlogic google group in the end. So what I had was
Application ID 150132505999999
Application Secret e7fb8001d80e99999999999999999999
Site URL http:// localhost:3000
Site Domain localhost
and what I should have had was
Application ID 150132505999999
Application Secret e7fb8001d80e99999999999999999999
Site URL http:// localhost:3000
Site Domain
duh, probably an obvious one but I hope this helps someone out somewhere.
(I've had to break up the site url there for spam issues on this site)
Related
So, I've been developing my app locally for sometime now and I decided today that I would like to deploy it on Heroku to start getting initial feedback for the app. I went through the guide on Heroku to help deploy my Rails 5 app to heroku.
Deployment was smooth and I was shown my login page. I clicked on Login Via FB and I was returned a white page with the following error response
The parameter app_id is required
Now, my obvious plan of action was to follow the trail, refer SO and hopefully come up with a solution for this. I tried every plausible resource on the web but I still get this error.
I've even updated my APP_ID and APP_SECRET variables on heroku. I've even updated Valid OAuth Redirect URIs section in my fb developer settings with the appropriate Heroku URL.
The funny bit is that everything works smoothly on my localhost but fails on heroku which is strange.
I strongly believe that Facebook would through appropriate errors and that app_id is in fact not being sent to fb. If this is the case, how do I solve this?
If you need code snippets to look at, do ask what might be needed to be looked at and I shall update my post accordingly.
Thank you!
the solution turned out to be a pretty simple one. In my application.yml file I had saved my Facebook vars as facebook_app_id and facebook_secret_key. But in my Heroku config vars I had included them as FACEBOOK_APP_ID and FACEBOOK_SECRET_KEY. I was under the impression keys aren't case sensitive. When I changed them to lowercase for Heroku, it worked.
I want to start my Dropbox-app by linking to a dropbox account as specified here:
https://www.dropbox.com/developers/datastore/tutorial/js
However, dropbox won't redirect back to my website and throws "Invalid redirect_uri"
I specified various redirect urls and double checked my app_key, but i could not get it to work. What am i doing wrong?
Thanks in advance!
When I had this issue, I realized that when refreshing the dropbox app console page, it hadn't saved my domain value. Apparently, ONLY HTTPS prefixed domains will work. When I added https it worked fine and saved my value, then I was able to get that to work with my javascript, but I was wishing that I didn't have to setup a server with a cert just to test. Security security, I guess.
http://blah.com // didn't work
https://blah.com // did work
Make sure the full, exact URL is registered as a redirect URI. (E.g. https://www.mydomain.com/mypage.html) The error message in the browser should tell you the exact URI that was attempted, so you should be able to match it perfectly.
I am brand new on this and ran into the same issue today attempting to follow the "Dropbox Datastores and Drop-Ins" tutorial on net.tutsplus.com
My setup is on a local system as well with the solution in a sub directory called "todo".
By trial and error, I got through to the authorisation screen by adding this URI in the Dropbox Developer Console: "http://LH.LH/todo/" (without quotes, AND because of comment restrictions on this board, please replace "LH.LH" with "localhost")
Btw I can see in the console, that there are some other issues with the code, but I will be looking into that.
I'm facing the same issue. It works fine locally, but not on production. I find it to be because of the redirection URI: it adds the 'http://' bit, while you can't add this to the list of supported URI in the Dropbox app list.
Try changing the url manually from the browser, removing the http:// and leaving only the domain. Does it work? If so, you have the same problem as I do... which I still don't know how to fix :(
After I put my domain under Akamai Edge, my previously working Twitter Connect flow stopped working and users get a login error.
Debugging, I found my OAuth call to this url answers "Bad Authentication data".
I tried to look over the net for solutions but it seems I'm the only one with this problem, thanks in advance to everyone who will try to help me.
Just undo the recent changes you've made if the Twitter Client was running smoothly earlier. you must have messed up somewhere!
I'm working on an app using facebook & oauth. The app lives inside a facebook canvas, and the authentication is done server side. The app is done w/ Ruby on Rails 3.2, using Koala for dealing with the api (and mongodb as backend, for what it's worth), and hosted on heroku.
So, I supply the heroku url as redirect_url for the callback. Which makes the user go out of the canvas after the authentication, and well, I want it to stay inside. I read a few threads about this that suggested I redirect to the canvas url with js once the authentication is done. I did that, but now it seems that my session token is never set, and the user goes through the auth flow every time he tries to see a non-public page (which means he loops on the welcome page, having an "invisible" exchange with facebook each time).
I don't really get what I'm doing wrong here, so any help is welcome. If you need more informations, just ask.
Thanks for your time!
So I found what was my problem : the page my canvas pointed to was a "public" page, and did not handle anything authentication related, meaning it didn't parse the signed_request, or anything else. I ended up setting a special endpoint for the canvas in charge of handling the signed_request logic, and now it works as one would expect.
I am using the ruby twitter gem and oauth to gain access to users twitter accounts. In my code, I have:
unless #user.twitter_authd?
oauth = Twitter::OAuth.new('token', 'secret')
session[:twitter_request_token] = oauth.request_token.token
session[:twitter_request_secret] = oauth.request_token.secret
#twitter_auth_url = oauth.request_token.authorize_url
end
where token and secret have my actual token and secret inserted. When I click on the link to the #twitter_auth_url, I am taken to twitter and asked to grant access. I click allow and then twitter redirects me to my callback URL http://www.mydomain.com/twitter_callback/?oauth_token=fmy2aMvnjVgaFrz37bJ4JuB8r5xN79gsgDQRG4BNY which then hits this code:
oauth = Twitter::OAuth.new('token', 'secret')
logger.info("session[:twitter_request_token] = #{session[:twitter_request_token]}")
logger.info("session[:twitter_request_secret] = #{session[:twitter_request_secret]}")
oauth.authorize_from_request(session[:twitter_request_token], session[:twitter_request_secret])
session[:twitter_request_token] = nil
session[:twitter_request_secret] = nil
#user.update_attributes({
:twitter_token => oauth.access_token.token,
:twitter_secret => oauth.access_token.secret,
})
redirect_to root_path
The twitter request token and secret are being set just fine. However I end up with an authorization error:
OAuth::Unauthorized in MainController#twitter_callback
401 Unauthorized
RAILS_ROOT: /Users/TAmoyal/Desktop/RoR_Projects/mls
Application Trace | Framework Trace | Full Trace
/Library/Ruby/Gems/1.8/gems/oauth-0.3.4/lib/oauth/consumer.rb:167:in `token_request'
/Library/Ruby/Gems/1.8/gems/oauth-0.3.4/lib/oauth/tokens/request_token.rb:14:in `get_access_token'
/Library/Ruby/Gems/1.8/gems/erwaller-twitter-0.6.13.1/lib/twitter/oauth.rb:29:in `authorize_from_request'
/Users/TAmoyal/Desktop/RoR_Projects/mls/app/controllers/main_controller.rb:70:in `twitter_callback'
The code is failing at this line:
oauth.authorize_from_request(session[:twitter_request_token], session[:twitter_request_secret])
when it tries to get an access token. You can see the source code of authorize_from_request here. I am not sure why this is happening. Anyone have ideas?
A bit late to the party but just ran into the same issue myself. I tracked the issue down to the setup of my OAuth app in Twitter. I had initially not specified a callback URL as I was unsure of it.
Once I had setup my rails app I went back to find Twitter had assumed I was a desktop application as I hadn't specified a callback URL. Once I changed this to website and entered a callback URL I stopped getting 400s.
If you're getting error 401 - OAuth::Unauthorized, make sure you edit the settings of your Twitter application as follows:
Application Type: Browser
Callback URL: http://127.0.0.1:3000/auth/twitter/callback
this is an issue about time synchronization of your system with twitter server.
Twitter doesn't allow localhost as part of a valid callback URL.
Instead use http://127.0.0.1:3000/auth/twitter/callback
Hope this helps
This was one of the most annoying things to debug that I have come across. I was outputting in a couple places by accident because the URL's are dynamic and they happened to not be defined in my test case (i use this to display chart data and there is not enough right now so the google chart api URL's are blank). This caused my browser to make multiple requests to my localhost when some pages were loaded. Somehow that made the oauth process crap out. Obviously there is no way for people on S.O. to know about my application specific issue so I had to answer my own question.
I had this same problem and none of the suggestions in this thread worked for me.
I found the problem for me was the TIMESTAMP on my request. The mobile device I was running my scripts on had a jacked up clock. When I updated the system time on my device to the correct time (i.e. now), all of my requests came back "200 OK" instead of "401 Unauthorized".
This problem seems to be caused by twitter not being able to handle connection keep-alive correctly. Make sure you set connection=close http header in the request to twitter. Wasted a weekend debugging this.
not enough info for me, but when was twitter gem last updated? twitter changed their oauth 'stuff' in mid may approx. perhaps you have an old one. I'd update your question to show the callback_url, and make sure you have the right token and secret, which it looks like you don't have.
also, did you put the right callback url in your twitter app page? alot of times that screws you up too.
if that fails use mbleighs twitter_auth instead. it worked for me and is pretty slick.