FAQ

Rodrigo Serrano edited this page Sep 25, 2016 · 12 revisions

FAQ

How to fix OAuth::Unauthorized error for Twitter provider?

First and foremost, check your system clock, especially if you're finding this issue in a virtualized environment. Try:

$ date

If the system date is wrong, either set it manually or install NTP.

Also, you may need to set the Callback URL in Twitter settings. Example configuration for development environment can look like:

http://127.0.0.1:3000/auth/twitter/callback

Rails session is clobbered after callback on OpenID providers

OpenId callbacks are sent using POST request, so remember to disable forgery protection for given action, otherwise session will be clobbered by rails.

skip_before_action :verify_authenticity_token, only: :create

Rails session is clobbered after callback on Developer strategy

The developer strategy callback is sent using POST request. Disable forgery protection for given action, otherwise session will be clobbered by rails.

skip_before_action :verify_authenticity_token, only: :create

Problems with CA certificates during OpenID request (google, yahoo)

If you see warning like this one:

WARNING: making https request to https://www.google.com/accounts/o8/id?id=someid without verifying server certificate; no CA path was specified

You can fix it by adding code to omniauth configuration:

require "openid/fetchers"
OpenID.fetcher.ca_file = "/etc/ssl/certs/ca-certificates.crt"

Change certificate path if you need.

OmniAuth::FailureEndpoint does not redirect in development mode

By default, OmniAuth 1.1.0 and later raises an exception in development mode when authentication fails. If you'd prefer it to redirect to a failure page instead, you can include the following code to your omniauth configuration:

OmniAuth.config.on_failure = Proc.new { |env|
  OmniAuth::FailureEndpoint.new(env).redirect_to_failure
}