-
Notifications
You must be signed in to change notification settings - Fork 53
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
What are the params? #20
Comments
+1 |
@ebosantos @biske Please remember you also do have to provide $.post 'https://domain.com/oauth2/token',
client_id: d017e2ecd288d3141478af6667d9b7e1401e40b9c8e6290c52ad345bd7b99fe8
client_secret: 67ac711924cc8c46cd4395c13cfe4af91eda7408dc27afbf0303492445b02ffc
grant_type: assertion
assertion: <access_token> |
@matfiz, is it ok to expose client_secret on mobile devices? |
@biske I agree it is not safe- then they are not confidential any more and such OAuth2 consumer is called public client. Ref. http://stackoverflow.com/a/36304034/1851563 |
This should probably not require client_secret — this only makes sense on server-side clients, and the "assertion" grant makes minimal sense in the context of a server-side client. iirc (it's been a while since I read RFC 6749) public clients should not have a secret |
+1 |
I'm getting also the same error with |
@dsantosmerino, after adding client_id it works for me. Can you provide example app to reproduce issue? |
@biske I'm trying to get the token from Postman, and this is my body request: I've tried also providing de client info as get parameter, but I always get the same error than @ebosantos
I have a password strategy with doorkeeper working properly but I need 3rd parties, like Fb. |
@biske I've found the problem. I was using http://rubygems.org as source and there are some needed changes not updated in the gem. |
I'm getting also the same error with cliend_id, client_secret, grant_type and assertion. How to resolve it? |
@adityamajeti I solved it just requiring the gem from this repo instead of rubygems. |
Thanks, dsantosmerino After adding that gem file my resource_owner_from_assertion is executed but after identifying user also i'm not getting access_token getting 404 error somthing like message: application id is taking internal db's app id but not taking fb app id |
@adityamajeti Can you show us your |
resource_owner_from_assertion do one more thing in my application I want fb and eamil intregartion |
@dsantosmerino, I'm using doorkeeper 4.0.0.rc1 gem to generate access_token. but this gem 'doorkeeper-grants_assertion', git: 'https://github.com/Badiapp/doorkeeper-grants_assertion' requires gem doorkeeper 4.0.0. while changing 4.0.0. my doorkeeper logic is not working could you pl help me |
hey @adityamajeti, I didn't try it, but you can fork this repo and modify your required doorkeeper version. Anyway, I've realized that I copy-pasted our fork (from Badiapp), I wanted to say the original one, something like |
BTW, I would like to know how many people are actively using this gem. We need to take care about it and maintain the integration with doorkeeper main project. @tute do you have any suggestion or idea to improve this repo? We could start fixing the RubyGems version. |
Thanks for the text, @dsantosmerino. If you send over PRs improving the gem I will merge them, and then grant you access as maintainer if it's your will. |
@ebosantos @tute I think this is fixed on master. Maybe all we need is a 0.0.2 release. |
This is fixed in the latest release, closing |
I'm POSTing the following JSON to: /oauth/token
{ "grant_type": "assertion", "assertion": "social_provider_token" }
But I'm getting the following error message:
initializers/doorkeeper.rb
Could you please help me?
The text was updated successfully, but these errors were encountered: