2

尝试从我的 Rails OAuth API 获取 request_token 时得到这个:

Started POST "/oauth/request_token" for 127.0.0.1 at 2012-04-18 13:09:18 +0300
Processing by OauthController#request_token as */*
  Rendered text template (0.0ms)
Filter chain halted as #<OAuth::Controllers::ApplicationControllerMethods::Filter:0x00000001c82d68 @options={:interactive=>false, :strategies=>:two_legged}, @strategies=[:two_legged]> rendered or redirected
Completed 401 Unauthorized in 26ms (Views: 25.1ms | ActiveRecord: 0.0ms)

使用以下宝石:

  • oauth 0.4.5
  • oauth2 0.5.2
  • oauth 插件 0.4.0

此 API 在 Rails 3.0 中运行良好,但在迁移到 Rails 3.2 并更新所有 gem 后停止工作。我想知道会出什么问题。

这是我获取 request_token 的方式:

consumer2 = OAuth::Consumer.new("kwqAtXlMn5hhpmL1AnaDb2L9qXwI6qK4dgiWcKAh", "H51lKIleX4IymCdbdkWLO5ooPM3SWVTjtnhiqhGz", :site => "http://localhost:3000")

url = "http://localhost:3000/callback"

request_token = consumer2.get_request_token(:oauth_callback => url)

密钥已检查并正确。

这是 oauth_controller.rb (我想它负责授予 request_token ?)

require 'oauth/controllers/provider_controller'
class OauthController < ApplicationController
  include OAuth::Controllers::ProviderController

  def login_required
    authenticate_user!
  end

  protected
  # Override this to match your authorization page form
  # It currently expects a checkbox called authorize
  # def user_authorizes_token?
  #   params[:authorize] == '1'
  # end

  # should authenticate and return a user if valid password.
  # This example should work with most Authlogic or Devise. Uncomment it
  def authenticate_user(username,password)
     user = User.find_by_email params[:username]
     if user && user.valid_password?(params[:password])
       user
     else
       nil
     end
   end

end

更新:我已经深入研究了 Oauth-plugin gem,我认为问题出在此处:

provider_controller.rb:

module ProviderController
      def self.included(controller)
        controller.class_eval do
          before_filter :login_required, :only => [:authorize,:revoke]
          oauthenticate :only => [:test_request]
          oauthenticate :strategies => :token, :interactive => false, :only => [:invalidate,:capabilities]
          oauthenticate :strategies => :two_legged, :interactive => false, :only => [:request_token]
          oauthenticate :strategies => :oauth10_request_token, :interactive => false, :only => [:access_token]
          skip_before_filter :verify_authenticity_token, :only=>[:request_token, :access_token, :invalidate, :test_request, :token]
        end
      end

请求 request_token 时,由于某种原因,身份验证出错。我想知道解决这个问题的聪明方法是什么。

4

0 回答 0