How can I rescue from an OAuth::Unauthorized exception in a Ruby on Rails application?

Time: 2021-07-11 00:18:23

How can I rescue from an OAuth::Unauthorized exception as raised from OmniAuth in a Ruby on Rails application?

Obviously this:

  rescue_from OAuth::Unauthorized, :with => :unauthorized

won't work, as that only catches exceptions thrown inside Rails, and this exception is thrown somewhere else in the Rack chain.

In this application the administrators (and not us, the developers) configure the credentials for Twitter and Facebook, so having the wrong ones is something that can happen and indeed does happen. I'd like to show a better message than "Something went wrong" when that happens.

Update: I also asked on the OmniAuth Google group. So far there are no answers, but if you are reading this question you might want to check it out.

1 solution

#1


2  

OmniAuth operates from Rack Middleware, so a rescue_from will not affect it because that is a level of abstraction above OmniAuth via ActionController.

This error is usually due to a misconfiguration of your OAuth settings. Basically it is saying that your application is not authorized to authenticate, not that the user's authentication failed.

A configuration error is something you as a developer would want to mitigate, so I'm not sure why you would want to rescue an exception like this.

If you absolutely must rescue this exception, you can override and use middleware that inherits from OmniAuth:

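module OmniAuth
  module Strategies
    class FacebookWithExceptionHandling < OmniAuth::Strategies::Facebook
      # Rack entry point: receives the Rack env and must return a Rack response.
      def call(env)
        begin
          super
        # The exception named in the question; the leading :: looks the
        # constant up at top level, not inside OmniAuth::Strategies.
        rescue ::OAuth::Unauthorized => e
          # handle appropriately in rack context here
        end
      end
    end
  end
end

Rails.application.config.middleware.use OmniAuth::Builder do
  provider OmniAuth::Strategies::FacebookWithExceptionHandling,
    api_key,   # your api key
    secret_key # your secret key
end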
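
The layering described in the answer, as an added example that is not part of the original answer or of OmniAuth: a wrapper middleware placed above the strategy catches the exception that `rescue_from` never sees, logs the detail for administrators and returns a generic response. `OAuthMisconfigurationHandler`, `FakeOmniAuth`, `demo_request` and the stand-in `OAuth::Unauthorized` class are hypothetical names constructed so the code runs without Rails or the oauth gem.

```ruby
require "logger"
require "stringio"

# Constructed stand-in for the oauth gem's exception; drop it in a real app.
module OAuth
  class Unauthorized < StandardError; end
end

# Hypothetical middleware: mounted above OmniAuth in the Rack stack, it sees
# exceptions that never reach ActionController's rescue_from.
class OAuthMisconfigurationHandler
  def initialize(app, logger: Logger.new($stderr))
    @app = app
    @logger = logger
  end

  def call(env)
    @app.call(env)
  rescue OAuth::Unauthorized => e
    # Detail goes to the log for administrators; the response stays generic
    # and does not echo the provider's error text.
    @logger.error("OAuth provider rejected app credentials on #{env['PATH_INFO']}: #{e.message}")
    body = "Sign-in is unavailable: the provider rejected this site's " \
           "credentials. Please contact an administrator."
    [503, { "content-type" => "text/plain", "content-length" => body.bytesize.to_s }, [body]]
  end
end

# Constructed stand-in for the OmniAuth strategy: raises on the auth path, as
# a wrong consumer key/secret would, and passes every other request through.
FakeOmniAuth = lambda do |env|
  raise OAuth::Unauthorized, "401 Unauthorized" if env["PATH_INFO"].start_with?("/auth/")
  [200, { "content-type" => "text/plain" }, ["app response"]]
end

# Runs one request through the two-layer stack; returns status, body and log.
def demo_request(path, log = StringIO.new)
  stack = OAuthMisconfigurationHandler.new(FakeOmniAuth, logger: Logger.new(log))
  status, _headers, body = stack.call({ "PATH_INFO" => path })
  [status, body.join, log.string]
end
```

In a Rails application a class like this would be registered ahead of the strategy, for example with `config.middleware.insert_before OmniAuth::Builder, OAuthMisconfigurationHandler`.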
