1

I'm using Omniauth to do OAuth2 authorization. (See my fruitless cries for help.) I tried changing how we did auth, but that's failing. So I reverted all my changes to go back to a system which worked... and now that doesn't work either. (I'm getting "Could not authenticate access code" errors.)

Nothing has changed in the code, I've verified this in git. But the deployed production version works and my development version doesn't. In an attempt to debug this, I'd like to look at the conversation between my app and the IDP, but I'll be damned if I can see a bit of it.

Is there a way to get Omniauth to log some more about what it's doing, like "Requesting OAuth token from #{url} with credentials #{whatever}"? Then maybe I could figure out what's wrong.

Community
  • 1
  • 1
pjmorse
  • 9,204
  • 9
  • 54
  • 124
  • The error I've described above - the "could not authenticate" errors - came because I had more than one "client" entry on the IDP side, so even though I was providing a valid client secret, the IDP wasn't finding that entry in the table. Clearing that table solved the problem. But I still want better logging from Omniauth! How? – pjmorse Dec 30 '13 at 19:49

2 Answers2

3

One other option with the gem is to change the environment variable:

ENV['OAUTH_DEBUG'] = 'true'

That does some additional logging in some places, like here

stevenspiel
  • 5,775
  • 13
  • 60
  • 89
2

Looks like passing a block to Oauth2::Client.new allows you to tack in additional Faraday middleware - the :logger middleware will dump requests + responses to STDOUT:

client = OAuth2::Client.new('client_id', 'client_secret', :site => 'https://example.org') do |connection|
  connection.response :logger
end
Matt Jones
  • 544
  • 3
  • 5
  • 1
    Any ideas on how to make Omniauth gem itself to be more verbouse? I keep getting redirect_uri_mismatch and need to know if its sending the right uri. – hakunin Apr 21 '14 at 06:43
  • @hakunin - Not aware of any specific options, but you could add a 'request' middleware to the client's stack as well to get access to the outbound requests. Or there's always "bundle open" followed by hacking in print statements. :) – Matt Jones Apr 25 '14 at 15:03