18

I have implemented several different strategies found in StackOverFlow, but so far, none seem to affect the error being thrown:

OAuth::Unauthorized 401 Authorization Required

I am following Ryan Bates' RC #241 and get to the point where I click "Sign-in with Twitter" and I get the error. I went ahead and added the response route to the routes.rb file as listed here:

routes.rb:

match 'auth/twitter/callback', to: 'user#update'

thinking that the error might be caused from the callback function. Same error. A look at my dev.log shows this:

Started GET "/auth/twitter" for 127.0.0.1 at 2014-09-16 18:52:08 -0600
(twitter) Request phase initiated.

OAuth::Unauthorized (401 Authorization Required):
oauth (0.4.7) lib/oauth/consumer.rb:216:in `token_request'
oauth (0.4.7) lib/oauth/consumer.rb:136:in `get_request_token'
omniauth-oauth (1.0.1) lib/omniauth/strategies/oauth.rb:29:in `request_phase'
omniauth-twitter (1.0.1) lib/omniauth/strategies/twitter.rb:60:in `request_phase'
omniauth (1.2.2) lib/omniauth/strategy.rb:215:in `request_call'
omniauth (1.2.2) lib/omniauth/strategy.rb:183:in `call!'
omniauth (1.2.2) lib/omniauth/strategy.rb:164:in `call'
omniauth (1.2.2) lib/omniauth/builder.rb:59:in `call'
...
script/rails:6:in `require'
script/rails:6:in `<top (required)>'
-e:1:in `load'
-e:1:in `<main>'

So I know the issue is with the authentication with Twitter going out. Must be the KEY and SECRET, right?

Now, I have put the KEY and SECRET in as ENV[] variables, as direct strings to the environment/development.rb file, taken out the "ENV[]" variables, etc., as per suggestions found all over Stack.

My KEY and SECRET now reside in a custom configuration as discussed here...

config/initializers/social_media.rb:

TWITTER_CONFIG = YAML.load_file("#{::Rails.root}/config/twitter.yml")[::Rails.env]

The config/initializers/omniauth.rb file:

OmniAuth.config.logger = Rails.logger

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :twitter, TWITTER_CONFIG['app_id'], TWITTER_CONFIG['secret']
end

Any ideas on the ActionController: Exception caught OAuth::Unauthorized - 401 Authorization Required? This is probably a Noob error, but my Google-Fu is just Google-F'ed right now...

Promise Preston
  • 24,334
  • 12
  • 145
  • 143
Matteo
  • 1,136
  • 1
  • 16
  • 36

2 Answers2

57

After a night of tearing my hair out, I took at look at the callback URL on Twitter developer console.

Save yourselves some trouble and don't forget to set this. It's not mentioned directly in the RailsCast, although Ryan does briefly pass over it.

When you set the callback URL, don't just put //localhost:3000 it won't work. Instead use:

http://127.0.0.1:3000/
Glenn
  • 8,932
  • 2
  • 41
  • 54
Matteo
  • 1,136
  • 1
  • 16
  • 36
  • Or you can use `lvh.me:3000` which resolves to 127.0.0.1 – aridlehoover Nov 06 '14 at 22:05
  • If you are using the 'sorcery' gem instead, there is a bug - see this solution: https://github.com/NoamB/sorcery/issues/540#issuecomment-65752910 – Nigel Sheridan-Smith Dec 05 '14 at 06:38
  • this was a lifesaver. I am using the RailsApp tutorials, and it was not very clear on this part. – Bob Aleena Jun 02 '15 at 08:07
  • It worked. But do I have to change it back to my domain later? – DenicioCode Oct 22 '15 at 12:46
  • 3
    In my case callback URL was specified but my source web-app was using [oauth dynamic setup](https://github.com/intridea/omniauth/wiki/Setup-Phase) and required a custom callback url to be passed. But in my twitter settings I checked the option `Enable Callback Locking` (as it is mentioned as recommended by Twitter) and I started receiving this 401 error. I unchecked the option `Enable Callback Locking` and the auth started working. – Jignesh Gohel Aug 01 '16 at 06:56
  • I figured out the cause by printing the oauth response body in method `OAuth::Consumer#token_request(http_method, path, token = nil, request_options = {}, *arguments) – Jignesh Gohel Aug 01 '16 at 07:17
0

I had this same issue when working on a Rails 6 application with omniauth-twitter and devise gems

I had added the API Key and the API Secret Key to my Rails 6 application, but when I try to test the Twitter Authentication, I run into the error below:

OAuth::Unauthorized 401 Authorization Required

Here's how I solved it:

I added the following Callback URLs to my Twitter developer account:

http://localhost:3000/auth/twitter
http://localhost:3000/auth/twitter/callback
http://localhost:3000/users/auth/twitter
http://localhost:3000/users/auth/twitter/callback

Note: Replace localhost:3000 with your actual host. Also, the routes used for the callback URLs should match the ones that were set up in your application.

Resources: How to Sign in with Twitter using Devise, Omniauth, and Ruby on Rails

That's all.

I hope this helps

Promise Preston
  • 24,334
  • 12
  • 145
  • 143