request.env['omniauth.origin'] => nil in /auth/failure

[eagsalazar]

Hi, I have checked out these issue but am having the same problem:

#227
#483

Versions I'm using:

• omniauth (1.0.2)
• omniauth-facebook (1.0.0.rc2)
• omniauth-oauth (1.0.0)
• rack (1.3.3)
• rails (3.1.1)

Please let me know what other information you need.

app/controllers/authentications_controller.rb @ line 31 in AuthenticationsController#failure:

    26:     @authentication.destroy
    27:     redirect_to edit_user_path(current_user), :notice => "Disconnected from #{provider}."
    28:   end
    29: 
    30:   def failure
 => 31:     binding.pry
    32:     flash[:notice] = "Failed to connect to service."
    33:     if current_user
    34:       redirect_to edit_user_path(current_user)
    35:     else
    36:       redirect_to root_path
[1] pry(#<AuthenticationsController>)> request.env["rack.session"]["omniauth.origin"]
=> nil
[2] pry(#<AuthenticationsController>)> request.env["rack.session"]
=> {"session_id"=>"30262de6db88a559ee2927ef9cfed07d",
 "_csrf_token"=>"B4xXH8HmB7jH9KAjvMsuHwe9auHVsF6uz783Cglh8fw=",
 "oauth"=>{"twitter"=>{"callback_confirmed"=>true}}}
[3] pry(#<AuthenticationsController>)> env["action_dispatch.request.unsigned_session_cookie"]
=> {"session_id"=>"30262de6db88a559ee2927ef9cfed07d",
 "_csrf_token"=>"B4xXH8HmB7jH9KAjvMsuHwe9auHVsF6uz783Cglh8fw=",
 "oauth"=>{"twitter"=>{"callback_confirmed"=>true}}}
[4] pry(#<AuthenticationsController>)> request.env["action_dispatch.request.unsigned_session_cookie"]
=> {"session_id"=>"30262de6db88a559ee2927ef9cfed07d",
 "_csrf_token"=>"B4xXH8HmB7jH9KAjvMsuHwe9auHVsF6uz783Cglh8fw=",
 "oauth"=>{"twitter"=>{"callback_confirmed"=>true}}}
[5] pry(#<AuthenticationsController>)> request.env['omniauth.origin']
=> nil

[simple10]

I ran into the same issue. It turns out OmniAuth is behaving as expected. It's the default on_failure proc that's to blame.

See line 25 in lib/omniauth.rb

All you have to do is configure a new on_failure block.

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :twitter, 'consumer_key', 'consumer_secret'  
  on_failure do |env|
    message_key = env['omniauth.error.type']
    origin = env['omniauth.origin'].split('?').last
    new_path = "#{env['SCRIPT_NAME']}#{OmniAuth.config.path_prefix}/failure?message=#{message_key}&#{origin}"
    [302, {'Location' => new_path, 'Content-Type'=> 'text/html'}, []]
  end
end

Now your failure method will have the origin URL params available to it.

[eagsalazar]

Awesome, thanks! I don't understand how this is omniauth behaving as expected though. The advertised behavior is that the origin should be available in the failure callback but it isn't. I'm glad there is a workaround however. Probably the default on_failure just needs to be updated to include the origin as you have done.

[guilhermesimoes]

Shouldn't omniauth also pass extra params defined by the user on failure? I encountered this problem and ended up on this page. I was able to solve it using the same method detailed here but it doesn't seem intuitive. This should at the very least be better documented in the wiki. There's even a 3 month old open issue about this.

Now, since a pull request which added the provider to the redirect was accepted, it would make sense to add another pull request that adds user defined params to the redirect, don't you agree?