Skip to content

When I click cancel when logging in with Twitter or Facebook I get an error #616

pupeno opened this Issue Jun 15, 2012 · 9 comments

8 participants

pupeno commented Jun 15, 2012


When I click cancel in the Twitter or Facebook login or auth pages, I get redirected back to my app and OmniAuth throws an exception (that obviously I can't catch). The exception is: OAuth::Unauthorized (401 Unauthorized), and the stack trace is:

oauth (0.4.6) lib/oauth/consumer.rb:216:in `token_request'
  oauth (0.4.6) lib/oauth/consumer.rb:136:in `get_request_token'
  omniauth-oauth (1.0.1) lib/omniauth/strategies/oauth.rb:29:in `request_phase'
  omniauth-twitter (0.0.11) lib/omniauth/strategies/twitter.rb:50:in `request_phase'
  omniauth (1.1.0) lib/omniauth/strategy.rb:207:in `request_call'
  omniauth (1.1.0) lib/omniauth/strategy.rb:174:in `call!'
  omniauth (1.1.0) lib/omniauth/strategy.rb:157:in `call'
  omniauth (1.1.0) lib/omniauth/strategy.rb:177:in `call!'
  omniauth (1.1.0) lib/omniauth/strategy.rb:157:in `call'
  omniauth (1.1.0) lib/omniauth/builder.rb:48:in `call'
  sass (3.1.19) lib/sass/plugin/rack.rb:54:in `call'
  warden (1.1.1) lib/warden/manager.rb:35:in `block in call'
  warden (1.1.1) lib/warden/manager.rb:34:in `catch'
  warden (1.1.1) lib/warden/manager.rb:34:in `call'
  actionpack (3.2.6) lib/action_dispatch/middleware/best_standards_support.rb:17:in `call'
  rack (1.4.1) lib/rack/etag.rb:23:in `call'
  rack (1.4.1) lib/rack/conditionalget.rb:25:in `call'
  actionpack (3.2.6) lib/action_dispatch/middleware/head.rb:14:in `call'
  actionpack (3.2.6) lib/action_dispatch/middleware/params_parser.rb:21:in `call'
  actionpack (3.2.6) lib/action_dispatch/middleware/flash.rb:242:in `call'
  rack (1.4.1) lib/rack/session/abstract/id.rb:205:in `context'
  rack (1.4.1) lib/rack/session/abstract/id.rb:200:in `call'
  actionpack (3.2.6) lib/action_dispatch/middleware/cookies.rb:338:in `call'
  activerecord (3.2.6) lib/active_record/query_cache.rb:64:in `call'
  activerecord (3.2.6) lib/active_record/connection_adapters/abstract/connection_pool.rb:473:in `call'
  actionpack (3.2.6) lib/action_dispatch/middleware/callbacks.rb:28:in `block in call'
  activesupport (3.2.6) lib/active_support/callbacks.rb:405:in `_run__60653626266012267__call__4496837804684830799__callbacks'
  activesupport (3.2.6) lib/active_support/callbacks.rb:405:in `__run_callback'
  activesupport (3.2.6) lib/active_support/callbacks.rb:385:in `_run_call_callbacks'
  activesupport (3.2.6) lib/active_support/callbacks.rb:81:in `run_callbacks'
  actionpack (3.2.6) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
  actionpack (3.2.6) lib/action_dispatch/middleware/reloader.rb:65:in `call'
  actionpack (3.2.6) lib/action_dispatch/middleware/remote_ip.rb:31:in `call'
  actionpack (3.2.6) lib/action_dispatch/middleware/debug_exceptions.rb:16:in `call'
  actionpack (3.2.6) lib/action_dispatch/middleware/show_exceptions.rb:56:in `call'
  railties (3.2.6) lib/rails/rack/logger.rb:26:in `call_app'
  railties (3.2.6) lib/rails/rack/logger.rb:16:in `call'
  quiet_assets (1.0.1) lib/quiet_assets.rb:20:in `call_with_quiet_assets'
  actionpack (3.2.6) lib/action_dispatch/middleware/request_id.rb:22:in `call'
  rack (1.4.1) lib/rack/methodoverride.rb:21:in `call'
  rack (1.4.1) lib/rack/runtime.rb:17:in `call'
  activesupport (3.2.6) lib/active_support/cache/strategy/local_cache.rb:72:in `call'
  rack (1.4.1) lib/rack/lock.rb:15:in `call'
  actionpack (3.2.6) lib/action_dispatch/middleware/static.rb:62:in `call'
  airbrake (3.1.1) lib/airbrake/rack.rb:30:in `call'
  airbrake (3.1.1) lib/airbrake/user_informer.rb:12:in `call'
  railties (3.2.6) lib/rails/engine.rb:479:in `call'
  railties (3.2.6) lib/rails/application.rb:220:in `call'
  rack (1.4.1) lib/rack/content_length.rb:14:in `call'
  railties (3.2.6) lib/rails/rack/log_tailer.rb:17:in `call'
  thin (1.3.1) lib/thin/connection.rb:80:in `block in pre_process'
  thin (1.3.1) lib/thin/connection.rb:78:in `catch'
  thin (1.3.1) lib/thin/connection.rb:78:in `pre_process'
  thin (1.3.1) lib/thin/connection.rb:53:in `process'
  thin (1.3.1) lib/thin/connection.rb:38:in `receive_data'
  eventmachine (0.12.10) lib/eventmachine.rb:256:in `run_machine'
  eventmachine (0.12.10) lib/eventmachine.rb:256:in `run'
  thin (1.3.1) lib/thin/backends/base.rb:61:in `start'
  thin (1.3.1) lib/thin/server.rb:159:in `start'
  rack (1.4.1) lib/rack/handler/thin.rb:13:in `run'
  rack (1.4.1) lib/rack/server.rb:265:in `start'
  railties (3.2.6) lib/rails/commands/server.rb:70:in `start'
  railties (3.2.6) lib/rails/commands.rb:55:in `block in <top (required)>'
  railties (3.2.6) lib/rails/commands.rb:50:in `tap'
  railties (3.2.6) lib/rails/commands.rb:50:in `<top (required)>'
  script/rails:6:in `require'
  script/rails:6:in `<top (required)>'
  -e:1:in `load'
  -e:1:in `<main>'

I asked about this in StackOverflow but I think it might be a bug:

pupeno commented Jun 15, 2012

Adding this to the omniauth initializer of my Rails project fixed/workarounded this issue:

class NonExplodingFailureEndpoint
  attr_reader :env


  def initialize(env)
    @env = env

  def call

  def raise_out!
    raise env['omniauth.error'] ||['omniauth.error.type'])

  def redirect_to_failure
    message_key = env['omniauth.error.type']
    new_path = "#{env['SCRIPT_NAME']}#{OmniAuth.config.path_prefix}/failure?message=#{message_key}"["302 Moved"], 302, 'Location' => new_path).finish

OmniAuth.config.on_failure = NonExplodingFailureEndpoint

Note the lack of missing:

raise_out! if ENV['RACK_ENV'].to_s == 'development'
pupeno commented Jun 15, 2012

A smaller workaround:

class NonExplodingFailureEndpoint < OmniAuth::FailureEndpoint
  def call

OmniAuth.config.on_failure = NonExplodingFailureEndpoint

I had this problem also, but stumbled into an entry in the FAQ. It contains the following even more concise solution, which I prefer:

# Added to config/initializers/omniauth.rb
OmniAuth.config.on_failure = { |env|

And fwiw - the default behavior feels wrong, as authentication failure is not an exceptional event.


This feels wrong to me as well. Please fix!

INTRIDEA Inc. member
sferik commented Nov 20, 2012

Patches welcome!


I have the same problem with LinkedIn, your solutions helped me, but then I cannot define the reason of the failure - invalid_credentials or user_refused. So need patch for fixing this problem. Thanks.


For what it's worth the same things happens when applied to accessing Github. As a new developer, my thanks to those who of you who posted solutions, they helped me. Seems that this needs needs a better defined behavior.

pas256 commented Feb 4, 2014

@doublemarked That did the trick. Thanks!

grosser commented Jul 3, 2015

Using this now to get users back to where they came from ... or root ... setting a flash would be nice but ...

OmniAuth.config.on_failure = -> (env) do['302 Moved'], 302, 'Location' => env['omniauth.origin'] || "/").finish
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.