What are the params? #20
Comments
|
+1 |
|
@ebosantos @biske Please remember you also do have to provide $.post 'https://domain.com/oauth2/token',
client_id: d017e2ecd288d3141478af6667d9b7e1401e40b9c8e6290c52ad345bd7b99fe8
client_secret: 67ac711924cc8c46cd4395c13cfe4af91eda7408dc27afbf0303492445b02ffc
grant_type: assertion
assertion: <access_token> |
|
@matfiz, is it ok to expose client_secret on mobile devices? |
|
@biske I agree it is not safe- then they are not confidential any more and such OAuth2 consumer is called public client. Ref. http://stackoverflow.com/a/36304034/1851563 |
|
This should probably not require client_secret — this only makes sense on server-side clients, and the "assertion" grant makes minimal sense in the context of a server-side client. iirc (it's been a while since I read RFC 6749) public clients should not have a secret |
|
+1 |
|
I'm getting also the same error with |
|
@dsantosmerino, after adding client_id it works for me. Can you provide example app to reproduce issue? |
|
@biske I'm trying to get the token from Postman, and this is my body request: I've tried also providing de client info as get parameter, but I always get the same error than @ebosantos
I have a password strategy with doorkeeper working properly but I need 3rd parties, like Fb. |
|
@biske I've found the problem. I was using http://rubygems.org as source and there are some needed changes not updated in the gem. |
|
I'm getting also the same error with cliend_id, client_secret, grant_type and assertion. How to resolve it? |
|
@adityamajeti I solved it just requiring the gem from this repo instead of rubygems. |
|
Thanks, dsantosmerino After adding that gem file my resource_owner_from_assertion is executed but after identifying user also i'm not getting access_token getting 404 error somthing like message: application id is taking internal db's app id but not taking fb app id |
|
@adityamajeti Can you show us your |
|
resource_owner_from_assertion do one more thing in my application I want fb and eamil intregartion |
|
@dsantosmerino, I'm using doorkeeper 4.0.0.rc1 gem to generate access_token. but this gem 'doorkeeper-grants_assertion', git: 'https://github.com/Badiapp/doorkeeper-grants_assertion' requires gem doorkeeper 4.0.0. while changing 4.0.0. my doorkeeper logic is not working could you pl help me |
|
hey @adityamajeti, I didn't try it, but you can fork this repo and modify your required doorkeeper version. Anyway, I've realized that I copy-pasted our fork (from Badiapp), I wanted to say the original one, something like |
|
BTW, I would like to know how many people are actively using this gem. We need to take care about it and maintain the integration with doorkeeper main project. @tute do you have any suggestion or idea to improve this repo? We could start fixing the RubyGems version. |
|
Thanks for the text, @dsantosmerino. If you send over PRs improving the gem I will merge them, and then grant you access as maintainer if it's your will. |
|
@ebosantos @tute I think this is fixed on master. Maybe all we need is a 0.0.2 release. |
|
This is fixed in the latest release, closing |
I'm POSTing the following JSON to: /oauth/token
{ "grant_type": "assertion", "assertion": "social_provider_token" }But I'm getting the following error message:
initializers/doorkeeper.rb
Could you please help me?
The text was updated successfully, but these errors were encountered: