Rails for Beginners Part 24: OmniAuth 2.0 URLs Discussion
I get an error
No route matches [GET] "/auth/twitter" -- feels like some rails magic I missed :/
Those having this issue should skip to Part 40 of this tutorial where Chris fixes this.
It's not mentioned here because when this was recorded, the OmniAuth gem allowed GET requests. The gem has since been updated to v2 where only POST requests are allowed by default. This is fixed with the OmniAuth CSRF Protection gem, which is explained in Part 40.
Chris, if you see this, it might be good to add a note or annotation to this video explaining that the latest version of OmniAuth now prevents GET requests by default, so an error will occur without adding OmniAuth CSRF Protection or enabling GET requests in the OmniAuth initializer.
As Dana said, this is fixed in part 40.
What I did after watching part 40 (if you want to save time):
- run "bundle add omniauth-rails_csrf_protection" in your terminal
- temporarily add "<%= button_to 'twitter', '/auth/twitter' %>" in your application.html.erb (or where you find it convenient)
- click the button, which will lead you to the desired authorization page
I keep getting the
OAuth::Unauthorized error, not sure what is going on here but it's keeping me from progressing sadly.
self.token_request(http_method, uri.path, token, request_options, arguments) when (400..499) raise OAuth::Unauthorized, response else response.error! end
There's a question from someone who I believe following this course getting the same error:
Once again great tutorial - keep up the good work. I have a question, how do we or how can we handle this call back URL if we have a multi-tenant app? will the wild card in the callback in twitter work? https://*.example.com/auth/twitter
Thanks for this tutorial! when pushing the connect to Twitter button, I receive this error
400 Bad Request
Extracted source (around line #254):
self.token_request(http_method, uri.path, token, request_options, arguments)
raise OAuth::Unauthorized, response
I adjusted to using a post method in the views/main/index file
to match the new requirements for omniauth.
'<%=button_to "Connect Twitter", "/auth/twitter", method: :post, class: "btn btn-primary" %>
An error occurs when I run Rails C and then run Rails.application.credentials.twitter I receive nil as my response, but when run 'EDITOR="atom --wait" rails credentials: edit I can see the saved Twitter api_key
Try generating a standalone twitter app with v1.1 access (note from Twitter: Standalone Apps live outside of Projects. This means that they can’t use the the most current v2 Twitter API endpoints.). Generate the new api key and secret for the v1.1 app and use those in your credentials:edit step. See cristiano's answer.
It might make sense to remove the old version([OLD] Rails for Beginners Part 24: OmniAuth URLs) from the playlist on YouTube, I got bogged down thinking I had a problem with my setup, stopping at this video and trying a number of things to debug before finding this thread. Playing in full screen mode, I don't notice the titles, but they are there. Next time I'll read the title and try the forums :)
To make this work I had to also create a standalone app, that only has v1.1 access, as described in cristiano's post above. To verify that things work outside of twitter you can use the "developer" strategy: provider :developer unless Rails.env.production? (see omniauth docs) then perform a post request to /auth/developer