OAuth2::Error, invalid_request: redirect_uri does not match application configuration

Time: 2021-05-28 21:02:26

I'm working on a rails app that authenticates using Bungie OAuth using this gem. My configurations in initializers/devise.rb are as follows:

config.omniauth :bungie, ENV['CLIENT_ID'], ENV['CLIENT_SECRET'], ENV['X_API_KEY'], ENV['REDIRECT_URL']

Bungie's developer portal requires a redirect URL with HTTPS, so I've pushed my application to Heroku and used a redirect to force authentication back to localhost for testing. Using this method, everything works fine. However, when I push the app to production, the response back to my application from Bungie fails with OAuth2::Error, invalid_request: redirect_uri does not match application configuration. The redirect_url is the exact same thing in both my application's env variables and on Bungie's development portal.

Seeing as it's in production, I'm limited to the logs that I can see. I've tried tracking the requests in the network tab of the dev tools in my browser, but everything looks as it should.

I've tried working with the developer of the bungie-oauth2 gem, but we have not been able to come to a resolution (and his prod apps work fine with it).

Is there anything that might cause the redirect_url to differ once in Heroku?

As requested, here is my route for omniauth:

devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }

Output from rake routes:

                users_sign_out GET      /users/sign_out(.:format)             devise/sessions#destroy
              new_user_session GET      /users/sign_in(.:format)              devise/sessions#new
                  user_session POST     /users/sign_in(.:format)              devise/sessions#create
          destroy_user_session DELETE   /users/sign_out(.:format)             devise/sessions#destroy
user_bungie_omniauth_authorize GET|POST /users/auth/bungie(.:format)          users/omniauth_callbacks#passthru
 user_bungie_omniauth_callback GET|POST /users/auth/bungie/callback(.:format) users/omniauth_callbacks#bungie
             new_user_password GET      /users/password/new(.:format)         devise/passwords#new
            edit_user_password GET      /users/password/edit(.:format)        devise/passwords#edit
                 user_password PATCH    /users/password(.:format)             devise/passwords#update
                               PUT      /users/password(.:format)             devise/passwords#update
                               POST     /users/password(.:format)             devise/passwords#create
      cancel_user_registration GET      /users/cancel(.:format)               devise/registrations#cancel
         new_user_registration GET      /users/sign_up(.:format)              devise/registrations#new
        edit_user_registration GET      /users/edit(.:format)                 devise/registrations#edit
             user_registration PATCH    /users(.:format)                      devise/registrations#update
                               PUT      /users(.:format)                      devise/registrations#update
                               DELETE   /users(.:format)                      devise/registrations#destroy
                               POST     /users(.:format)                      devise/registrations#create

and my controller:

def bungie
  @user = User.from_omniauth(request.env["omniauth.auth"])

  if @user.persisted?
    @user.remember_me = true
    sign_in_and_redirect @user, :event => :authentication
  else
    session["devise.bungie_data"] = request.env["omniauth.auth"]
    redirect_to root_path
  end
end

Full source can be found at https://github.com/destiny-aviato/destinder.

2 Answers

#1


4  

Encoding of redirect_uri param in your auth request to bungie jumps out:

https%25253A%25252F%25252Fdestinder.herokuapp.com%25252Fusers%25252Fauth%25252Fbungie%25252Fcallback

To read it in plain, I had to decode it thrice. Normally params are encoded just once.

URI.decode(URI.decode(URI.decode("https%25253A%25252F%25252Fdestinder.herokuapp.com%25252Fusers%25252Fauth%25252Fbungie%25252Fcallback")))

Not sure if this is what's causing the issue. Can you check how many times request_uri gets encoded when you hit it from local? If it's less than 3, then during Heroku deployment your request_uri gets encoded one extra time.

To get request_uri for local, log out from Bungie and click on "Sign in with bungie" on your local. The URL in the browser would have request_uri.
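
A check for the over-encoding this answer points out, as an added example that is not part of the original answer or of the bungie-oauth2 gem: it counts how many decoding passes the redirect_uri in an authorize URL needs and compares the once-decoded value with the registered one. The authorize host, the other query parameters and the helper names are placeholders, and the registered value is assumed to be the fully decoded string from the answer.

```ruby
require 'uri'

# Assumed registered value: the triple-decoded string from the answer above.
REGISTERED = 'https://destinder.herokuapp.com/users/auth/bungie/callback'
# redirect_uri exactly as quoted in the answer (three layers of encoding).
OBSERVED = 'https%25253A%25252F%25252Fdestinder.herokuapp.com' \
           '%25252Fusers%25252Fauth%25252Fbungie%25252Fcallback'
# Constructed authorize URL; host and other parameters are placeholders.
AUTHORIZE_URL = 'https://auth.example.test/authorize?client_id=CLIENT_ID' \
                "&response_type=code&redirect_uri=#{OBSERVED}"

# Raw (still encoded) value of one query parameter, or nil if absent.
def raw_query_param(url, name)
  pairs = URI.parse(url).query.to_s.split('&').map { |kv| kv.split('=', 2) }
  pair = pairs.find { |key, _| key == name }
  pair && pair[1].to_s
end

# One percent-decoding pass; a stray '%' means the value is already plain.
def decode_once(value)
  URI.decode_www_form_component(value)
rescue ArgumentError
  value
end

# Decode repeatedly until the value stops changing; returns [passes, plain].
def encoding_depth(raw, max_passes: 10)
  depth = 0
  current = raw
  while depth < max_passes
    decoded = decode_once(current)
    break if decoded == current
    current = decoded
    depth += 1
  end
  [depth, current]
end

# A server decodes a query parameter once, so compare that value to REGISTERED.
def check_redirect_uri(authorize_url, registered)
  raw = raw_query_param(authorize_url, 'redirect_uri')
  return { present: false } if raw.nil?
  depth, plain = encoding_depth(raw)
  seen = decode_once(raw)
  { present: true, depth: depth, plain: plain,
    seen_by_provider: seen, matches: seen == registered }
end

p check_redirect_uri(AUTHORIZE_URL, REGISTERED) if __FILE__ == $PROGRAM_NAME
```

A depth of 1 with `matches: true` is the healthy case; running the same check against the URL captured locally and the one captured on Heroku shows where the extra layer is added.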

#2


-1  

Replace the redirect URL of your Heroku application in the credential.
