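I have a site that is configured to work with multiple OAuth2 APIs using Devise with Omniauth, and it was functioning correctly until last week. Currently, login with Twitter and Github still works fine; however, Facebook, LinkedIn, and Google are giving me an error stating that the redirect URI does not match. The error messages read: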
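Facebook:
ERROR -- omniauth: (facebook) Authentication failure! invalid_credentials: OAuth2::Error, : {"error":{"message":"Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request","type":"OAuthException","code":100,"fbtrace_id":"XXXXXXXXXX"}}
LinkedIn:
ERROR -- omniauth: (linkedin) Authentication failure! invalid_credentials: OAuth2::Error, invalid_request: missing required parameters, includes an invalid parameter value, parameter more than once. : Unable to retrieve access token : appId or redirect uri does not match authorization code or authorization code expired {"error_description":"missing required parameters, includes an invalid parameter value, parameter more than once. : Unable to retrieve access token : appId or redirect uri does not match authorization code or authorization code expired","error":"invalid_request"}
Google:
ERROR -- omniauth: (google_oauth2) Authentication failure! invalid_credentials: OAuth2::Error, redirect_uri_mismatch: { "error" : "redirect_uri_mismatch" }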
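I went and reviewed the requests being sent for all three in the Chrome developer console, and the redirect URI for the callback matches the URI registered with each API (which hasn't changed since it was working).
The challenge in tracing this error back is that I'm not 100% sure when these stopped working, as I was logging in directly or using the Github login in recent integration tests while installing new features. (Important lesson learned!) One of the significant changes that could have impacted this is that I integrated the Traceable extension for Devise, which led me to require the Warden gem. However, I removed both the Traceable and Warden configurations and restored the user model and config files to their previous states, and I'm having the same issue.
I'd generally prefer to provide more code samples, but to be honest, I'm not sure what code to start with. I'm hoping someone has experienced a similar issue and can point me in the right direction to start.
To start, below is my Devise initializer with the comments removed for brevity: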
Devise.setup do |config|
  config.mailer_sender = 'no-reply@' + ENV['DOMAIN_NAME']
  config.mailer = 'Devise::Mailer'
  require 'devise/orm/active_record'
  config.case_insensitive_keys = [:email]
  config.strip_whitespace_keys = [:email]
  config.skip_session_storage = [:http_auth]
  config.stretches = Rails.env.test? ? 1 : 10
  config.allow_unconfirmed_access_for = 10.days
  config.reconfirmable = true
  config.confirmation_keys = [:email]
  config.remember_for = 2.weeks
  config.expire_all_remember_me_on_sign_out = true
  config.password_length = 8..72
  config.email_regexp = /\A[^@]+@[^@]+\z/
  config.reset_password_keys = [:email]
  config.reset_password_within = 6.hours
  config.sign_in_after_reset_password = true
  config.sign_out_via = :get
  # ==> OmniAuth
  # Add a new OmniAuth provider. Check the wiki for more information on setting
  # up on your models and hooks.
  # config.omniauth :github, 'APP_ID', 'APP_SECRET', scope: 'user,public_repo'
  require "omniauth-google-oauth2" # Added Based on Response to Another Stackoverflow Issues - Did Not Help.
  OMNIAUTH = YAML.load(File.read(File.expand_path('../../omniauth.yml', __FILE__))).deep_symbolize_keys
  OMNIAUTH.each_value do |provider|
    config.omniauth provider[:reference].to_sym, ENV[provider[:key_ref]], ENV[provider[:secret_ref]], { :scope => provider[:scope] }
  end
end
The omniauth.yml file being loaded looks like this:
facebook: { reference: "facebook",
            name: "Facebook",
            scope: "email, public_profile, user_birthday",
            key_ref: "FACEBOOK_KEY",
            secret_ref: "FACEBOOK_SECRET" }
twitter: { reference: "twitter",
           name: "Twitter",
           scope: "r_fullprofile, r_emailaddress",
           key_ref: "TWITTER_KEY",
           secret_ref: "TWITTER_SECRET" }
linkedin: { reference: "linkedin",
            name: "LinkedIn",
            scope: "r_basicprofile r_emailaddress",
            key_ref: "LINKEDIN_KEY",
            secret_ref: "LINKEDIN_SECRET" }
github: { reference: "github",
          name: "GitHub",
          scope: "user, public_repo",
          key_ref: "GITHUB_KEY",
          secret_ref: "GITHUB_SECRET" }
google: { reference: "google_oauth2",
          name: "Google",
          scope: "email, profile",
          key_ref: "GOOGLE_KEY",
          secret_ref: "GOOGLE_SECRET" }
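
Added example, not part of the original post: a Ruby diagnostic that compares the redirect_uri sent in the authorization request with the one sent in the token exchange, which is the comparison the provider errors above describe. The hosts, callback path, parameter values and the `form_param` / `diff_redirect_uris` helpers are constructed for illustration.

```ruby
require 'uri'

# Constructed sample data: provider.example and app.example are placeholders,
# and the callback path is an assumed Devise/OmniAuth-style route.
CALLBACK = 'https%3A%2F%2Fapp.example%2Fusers%2Fauth%2Ffacebook%2Fcallback'
AUTHORIZE_URL = 'https://provider.example/oauth/authorize?client_id=abc' \
                "&response_type=code&state=xyz&redirect_uri=#{CALLBACK}"
TOKEN_BODY_OK = "grant_type=authorization_code&code=c0de&redirect_uri=#{CALLBACK}"
# Same callback, but with the provider's query string left on the end.
TOKEN_BODY_BAD = "#{TOKEN_BODY_OK}%3Fcode%3Dc0de%26state%3Dxyz"
# Same callback, but with an http scheme.
TOKEN_BODY_HTTP = TOKEN_BODY_OK.sub('https%3A', 'http%3A')

# Return the first value of `name` in a form-encoded string, or nil.
def form_param(encoded, name)
  URI.decode_www_form(encoded).assoc(name)&.last
end

# Compare the redirect_uri of both OAuth2 legs. RFC 6749 section 4.1.3
# requires the two values to be identical, so any difference is reported.
def diff_redirect_uris(authorize_url, token_body)
  sent = form_param(URI.parse(authorize_url).query.to_s, 'redirect_uri')
  exchanged = form_param(token_body, 'redirect_uri')
  return ['redirect_uri missing from one leg'] if sent.nil? || exchanged.nil?
  return [] if sent == exchanged

  a = URI.parse(sent)
  b = URI.parse(exchanged)
  diffs = %i[scheme host port path query].reject { |part| a.send(part) == b.send(part) }
  return ['values differ outside scheme/host/port/path/query'] if diffs.empty?

  diffs.map { |part| "#{part}: #{a.send(part).inspect} != #{b.send(part).inspect}" }
end

{ ok: TOKEN_BODY_OK, bad: TOKEN_BODY_BAD, http: TOKEN_BODY_HTTP }.each do |label, body|
  result = diff_redirect_uris(AUTHORIZE_URL, body)
  puts "#{label}: #{result.empty? ? 'match' : result.join('; ')}"
end
```

The token exchange is a server-to-server request, so its body has to come from the application's own HTTP logging rather than the browser console. The authorization URL can be taken from the browser's network log.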