2

Getting this when trying to obtain a request_token from my Rails OAuth API:

Started POST "/oauth/request_token" for 127.0.0.1 at 2012-04-18 13:09:18 +0300
Processing by OauthController#request_token as */*
  Rendered text template (0.0ms)
Filter chain halted as #<OAuth::Controllers::ApplicationControllerMethods::Filter:0x00000001c82d68 @options={:interactive=>false, :strategies=>:two_legged}, @strategies=[:two_legged]> rendered or redirected
Completed 401 Unauthorized in 26ms (Views: 25.1ms | ActiveRecord: 0.0ms)

Using following gems:

  • oauth 0.4.5
  • oauth2 0.5.2
  • oauth-plugin 0.4.0

This API was working fine in Rails 3.0, and stopped working after migration to Rails 3.2 and updating all the gems. I wonder what could go wrong.

Here is how I get the request_token:

consumer2 = OAuth::Consumer.new("kwqAtXlMn5hhpmL1AnaDb2L9qXwI6qK4dgiWcKAh", "H51lKIleX4IymCdbdkWLO5ooPM3SWVTjtnhiqhGz", :site => "http://localhost:3000")

url = "http://localhost:3000/callback"

request_token = consumer2.get_request_token(:oauth_callback => url)

The keys are checked and correct.

Here is the oauth_controller.rb (which, I suppose, is responsible for granting request_token ?)

require 'oauth/controllers/provider_controller'
class OauthController < ApplicationController
  include OAuth::Controllers::ProviderController

  def login_required
    authenticate_user!
  end

  protected
  # Override this to match your authorization page form
  # It currently expects a checkbox called authorize
  # def user_authorizes_token?
  #   params[:authorize] == '1'
  # end

  # should authenticate and return a user if valid password.
  # This example should work with most Authlogic or Devise. Uncomment it
  def authenticate_user(username,password)
     user = User.find_by_email params[:username]
     if user && user.valid_password?(params[:password])
       user
     else
       nil
     end
   end

end

Update: I've digged a little into the Oauth-plugin gem, and I think the problem is somewhere here:

provider_controller.rb:

module ProviderController
      def self.included(controller)
        controller.class_eval do
          before_filter :login_required, :only => [:authorize,:revoke]
          oauthenticate :only => [:test_request]
          oauthenticate :strategies => :token, :interactive => false, :only => [:invalidate,:capabilities]
          oauthenticate :strategies => :two_legged, :interactive => false, :only => [:request_token]
          oauthenticate :strategies => :oauth10_request_token, :interactive => false, :only => [:access_token]
          skip_before_filter :verify_authenticity_token, :only=>[:request_token, :access_token, :invalidate, :test_request, :token]
        end
      end

The authentication goes wrong for some reason when requesting for the request_token. I wonder what could be the smart way to fix this.

Alexander Savin
  • 6,202
  • 3
  • 29
  • 41
  • I know this is a long shot, but did you ever find a solution to this? Been troubleshooting the same problem for a while now with no success – Peter Phillips Oct 28 '16 at 17:23

0 Answers0