CODEWITHSUNDEEP
rubyauthenticationgithubsinatraomniauth
Amyth
Amyth

Reputation: 32969

Ruby, Sinatra , omniauth-github Authentication Failure Callback Error

ok it has been over 5 hours and I am still getting no where. What I am trying to do is setup omniauth-gihub gem in one of my Ruby-Sinatra based applications. Following is What I have done yet.

Added the Gems to the Gemfile (& Ran bundler update command ofcourse):

source 'https://rubygems.org'

gem 'sinatra'
gem 'haml'
gem 'shotgun'
gem 'omniauth', :git => 'git://github.com/intridea/omniauth.git'
gem 'omniauth-github', :git => 'git://github.com/intridea/omniauth-github.git'

Under my app.rb file I have the following code:

#imports
require 'rubygems'
require 'bundler'
require 'sinatra'
require 'omniauth'
require 'omniauth-github'
require 'haml'
require './helpers.rb'

#Configure OmniAuth
use OmniAuth::Builder do
  provider :github, ENV['api_key'], ENV['secret'], # Removing the key and secret for security reasons
  scope: "user,repo,gist"
end

#Application Settings
set :sessions, true
set :views, 'templates'


#Get Method for Application Root
get '/' do
  haml :index
end

#Get/Post Methods For Authentication
%w(get post).each do |method|
  send(method, "/auth/:provider/callback") do
    env['omniauth.auth']
  end 
end

The Github application's settings are as follows:

URL = http://127.0.0.1:4567
Callback URL = http://127.0.0.1:4567/auth/github/callback

Now whenever I visit 127.0.0.1:4567/auth/github/callback I get the following error:

I, [2012-07-26T07:05:23.540462 #30458]  INFO -- omniauth: (github) Callback phase initiated.
E, [2012-07-26T07:05:23.540700 #30458] ERROR -- omniauth: (github) Authentication failure! invalid_credentials: OmniAuth::Strategies::OAuth2::CallbackError, OmniAuth::Strategies::OAuth2::CallbackError
localhost - - [26/Jul/2012:07:05:23 IST] "GET /auth/github/callback HTTP/1.1" 302 9
- -> /auth/github/callback
localhost - - [26/Jul/2012:07:05:23 IST] "GET /auth/failure?message=invalid_credentials&strategy=github HTTP/1.1" 404 448
- -> /auth/failure?message=invalid_credentials&strategy=github
localhost - - [26/Jul/2012:07:05:23 IST] "GET /favicon.ico HTTP/1.1" 404 447
- -> /favicon.ico

it seems it's not even trying to connect to github, I thought I was already logged in so I logged out of github and try visiting 127.0.0.4567/auth/github/callback again and yes it is not even connecting or sending any information to github.

I have check my api key and the secret and they are correct. I can't really figure out what am I missing and am really tired. Any help or suggestion will be much appreciated.

EDIT::

Okay I found that the code raising the error is as follows in oauth2.rb

def callback_phase
    if request.params['error'] || request.params['error_reason']
      raise CallbackError.new(request.params['error'], request.params['error_description'] || request.params['error_reason'], request.params['error_uri'])
    end 
    if request.params['state'].to_s.empty? || request.params['state'] != session.delete('omniauth.state')
      raise CallbackError.new(nil, :csrf_detected)
    end

I feel it is something to do with CSRF.

Upvotes: 2

Views: 4412

Answers (2)

Aidan Feldman
Aidan Feldman

Reputation: 5457

Had the same issue - downgrading omniauth-facebook to 1.4.0 fixed it for me. https://github.com/mkdynamic/omniauth-facebook/issues/73

Upvotes: 2

Petercopter
Petercopter

Reputation: 1257

This might be of interest: https://github.com/intridea/omniauth-github/issues/12

I was getting the same error as you, and adding scope: 'user' fixed it for me.

I see you're already using scope, but the link might put you on the right track.

Upvotes: 2

Related Questions