[英]Omniauth custom provider and strategy w/ doorkeeper
I have a custom OAuth2 provider (is a Rails app) built with Doorkeeper 我有一个使用Doorkeeper构建的自定义OAuth2提供程序(是Rails应用)
and have a custom client strategy built with OmniAuth 并具有使用OmniAuth构建的自定义客户端策略
The problem is when I set this in config/initializers/devise.rb
问题是当我在config/initializers/devise.rb
设置它时
config.omniauth :mystrategy, "apikey", "secret"
Then i will got this error: 然后我会得到这个错误:
(mystrategy) Callback phase initiated.
(mystrategy) Authentication failure! invalid_credentials:
OmniAuth::Strategies::OAuth2::CallbackError, OmniAuth::Strategies::OAuth2::CallbackError
And if i change the config in devise.rb
to be 如果我将devise.rb
的配置更改为
config.omniauth :mystrategy, "apikey", "secret", {:provider_ignores_state => true}
Then everything is all right ... 然后一切都很好...
I can't figure out what cause this problem. 我不知道是什么原因导致了这个问题。 it seems the problem is the Rails' CSRF protection? 看来问题出在Rails的CSRF保护?
尝试将omniauth-oauth2更改为版本
gem "omniauth-oauth2", "~> 1.0.2"
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.