Reddit API的redirect_uri参数无效

Question

I'm trying to implement oAuth with Reddit using Devise & the omniauth-reddit gem.

It seems to be passing the local url & api key fine.

https://ssl.reddit.com/api/v1/authorize?response_type=account&client_id=API_KEY&redirect_uri=http%3A%2F%2F127.0.0.1%3A3000%2Fusers%2Fauth%2Freddit%2Fcallback&scope=identity

However the response I get is:

forbidden (reddit.com)

you are not allowed to do that
— invalid redirect_uri parameter.

I've tried setting the redirect_uri to 127.0.0.1:3000 as well as hosted url(heroku), but to no avail.

So now I don't understand if I'm still just giving them the wrong URL or passing a parameter that shouldn't be there.

Thanks for any help!

Answer 1

Ok. So I just figured out a irritating fun little quirk with the Reddit API:

Turns out, it also returns the — invalid redirect_uri parameter error if there's an invalid client ID ! Clearly, I thought the client_id was the same thing as the secret

NOPE

Instead, it's the easy-to-miss ID that's right below your application name. Once you use the proper ID, everything works . . .

Answer 2

OAuth servers (almost always) require that you register the callback address with them. Have you done that? They check that what you send in the redirect_uri matches what you entered. In Reddit:

Just tested it. You have to enter the exact callback URL:

http://127.0.0.1:3000/users/auth/reddit/callback

If you miss one segment, it will report that error.