2

This code definitely worked when I had the "was" versions of the gems.

  • oauth2 1.0.0 (was 0.9.3)
  • omniauth 1.2.2 (was 1.2.1)
  • omniauth-oauth2 1.2.0 (was 1.1.2)
  • omniauth-google-oauth2 0.2.5 (was 0.2.2)
  • devise 3.2.4 (was 3.2.3)

I used this heavily: https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview#google-oauth2-example

I recently had a need to upgrade.

I'm trying to use google_oauth2 to verify the gmail address of a user. If it matches a pre-approved list of users, then I want consider them as authorized, If not , then not. It's a very basic setup.

Here is my setup.

app/models/user.rb ```

class User < ActiveRecord::Base
  # Include default devise modules. Others available are:
  # :token_authenticatable, :confirmable,
  # :lockable, :timeoutable and :omniauthable
  devise :omniauthable, :omniauth_providers => [:google_oauth2]

```

config/routes.rb ```

devise_for :users, controllers: { omniauth_callbacks: "omniauth_callbacks" }
devise_scope :user do
    get 'sign_in', :to => 'devise/sessions#new', :as => :new_user_session
    get 'sign_out', :to => 'devise/sessions#destroy', :as => :destroy_user_session
end

app/controllers/application_controller.rb 

  class ApplicationController < ActionController::Base
  # Prevent CSRF attacks by raising an exception.
  # For APIs, you may want to use :null_session instead.
  protect_from_forgery with: :exception
  def new_session_path(scope)
      new_user_session_path
  end
end

```

And the error I get is:

Showing /private/var/www/concerto-signage/vendor/bundle/ruby/2.1.0/gems/devise-3.2.4/app/views/devise/sessions/new.html.erb where line #3 raised:

undefined method `session_path' for #<#<Class:0x007fa2e4ae54f0>:0x007fa2e4aefea0>
Extracted source (around line #3):
1
2
3
4
5
6

  <h2>Sign in</h2>

  <%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
    <div><%= f.label :email %><br />
    <%= f.email_field :email, autofocus: true %></div>

What I don't get is, why is devise trying to go to that view? I just want it to create current_user and take it from there?

Also note, I didn't even include the omniauth_callbacks controller, because it doesn't even fire at this point (based on some debug statements i've made)

I was checking logs and I noticed this bit:

Started GET "/users/auth/google_oauth2/callback?state=029f48fd5d35243b095c6d6933c7699d6501f104a47b23a0&code=4/6SKMFVh
dZLHRRD-2GiIsyNXLNh-t.AhDB-ii59RcVsjMf6whcw_4NFnKMjwI" for 127.0.0.1 at 2014-08-11 13:56:52 -0400
Processing by OmniauthCallbacksController#failure as HTML
tyrantkhan
  • 155
  • 9
  • Note: http://stackoverflow.com/questions/24420942/undefined-method-session-path , but it didn't help – tyrantkhan Aug 11 '14 at 17:27
  • Downgrading 'omniauth-oauth2' back to "1.1.2" (and as a result oauth2 to 0.9.4") fixes this.. must be an issue with them. – tyrantkhan Aug 11 '14 at 18:05

1 Answers1

3

After a bunch of troubleshooting , I finally figured it out.

in config/initializers/devise.rb, I had to alter my config.omniauth call to include strategy class.

  config.omniauth :google_oauth2,
                  'APP_ID',
                  'APP_SECRET',
                  :strategy_class => OmniAuth::Strategies::GoogleOauth2
tyrantkhan
  • 155
  • 9
  • How can I get the strategy class dynamically? I have several providers, but using a case statement is a bit ugly :/ – HenriC Feb 01 '19 at 09:17