[英]Can't retrieve access_token, refresh_token from Omniauth authentication strategy with Devise, Rails 4
I am using such gems: 我正在使用这样的宝石:
gem "omniauth-yandex"
gem 'devise'
My setup. 我的设置。
Routes : 路线 :
devise_for :users, :controllers => { :omniauth_callbacks => "callbacks" }
Devise initializer : 设计初始化器 :
config.omniauth :yandex, Rails.application.secrets.client_id , Rails.application.secrets.password, callback_url: "http://cb2bcdc4.ngrok.io/users/auth/yandex/callback"
User model : 用户模型 :
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :omniauthable, :omniauth_providers => [:yandex]
def self.from_omniauth(auth)
where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
user.provider = auth.provider
user.uid = auth.uid
user.email = auth.info.email
user.password = Devise.friendly_token[0,20]
end
end
CallbackController : CallbackController :
class CallbacksController < Devise::OmniauthCallbacksController
def yandex
#empty
end
end
View: 视图:
<%= link_to "Sign in with Yandex", user_yandex_omniauth_authorize_path, id: "sign_in" %>
When I click "Sign in with Yandex" my application prompts for user permission and then redirects back to my application. 当我单击“使用Yandex登录”时,我的应用程序提示用户许可,然后重定向回我的应用程序。 User is created in my database with such fields-- e-mail,provider, uid.
在我的数据库中使用以下字段创建用户-电子邮件,提供商,uid。 But I would like to have also access_token, refresh_token and expires_at because I am using few Yandex API's.
但是我也希望同时具有access_token,refresh_token和expires_at,因为我使用的是少数Yandex API。
When I httlog'ed above action (From clicking "Sign in .." to the redirect back to my application) I received these results: 当我完成上述操作(从单击“登录..”到重定向回我的应用程序)时,我收到以下结果:
D, [2017-04-26T19:17:42.091838 #24865] DEBUG -- : [0;30;101m[httplog] Connecting: oauth.yandex.ru:443[0m
D, [2017-04-26T19:17:42.266645 #24865] DEBUG -- : [0;30;101m[httplog] Sending: POST http://oauth.yandex.ru:443/token[0m
D, [2017-04-26T19:17:42.267040 #24865] DEBUG -- : [0;30;101m[httplog] Data: client_id=097253682f9f41289ec5exxxxxxx&client_secret=xxxxxxdb4fxx0eadcbb8a4143&code=xxxxx327&grant_type=authorization_code&redirect_uri=http%3A%2F%2Fcb2bcdc4.ngrok.io%2Fusers%2Fauth%2Fyandex%2Fcallback%3Fstate%xxxxxxxxxxx%26code%xxxx[0m
D, [2017-04-26T19:17:42.410712 #24865] DEBUG -- : [0;30;101m[httplog] Status: 200[0m
D, [2017-04-26T19:17:42.410945 #24865] DEBUG -- : [0;30;101m[httplog] Benchmark: 0.143445 seconds[0m
D, [2017-04-26T19:17:42.411168 #24865] DEBUG -- : [0;30;101m[httplog] Response:
{"token_type": "bearer", "access_token": "xxxxxxxxuyBwtcyAFjkBZo3F3MCiIaTI", "expires_in": 31528753, "refresh_token": "xxxxxxxxxxxClSH:Pts0u-Mfls-vdEc7-zTOod9ZWzegNFRxxxxxxxxxxxxxKHpwsqBFUHHKtg"}[0m
D, [2017-04-26T19:17:42.414748 #24865] DEBUG -- : [0;30;101m[httplog] Connecting: login.yandex.ru:443[0m
D, [2017-04-26T19:17:42.609376 #24865] DEBUG -- : [0;30;101m[httplog] Sending: GET http://login.yandex.ru:443/info?format=json[0m
D, [2017-04-26T19:17:42.609720 #24865] DEBUG -- : [0;30;101m[httplog] Data: [0m
D, [2017-04-26T19:17:42.675702 #24865] DEBUG -- : [0;30;101m[httplog] Status: 200[0m
D, [2017-04-26T19:17:42.675972 #24865] DEBUG -- : [0;30;101m[httplog] Benchmark: 0.065791 seconds[0m
D, [2017-04-26T19:17:42.676211 #24865] DEBUG -- : [0;30;101m[httplog] Response:
{"first_name": "xxxxxxxxxxx9", "last_name": "xxxxxxxxxxxxxxx", "display_name": "xxxxx", "emails": ["xxxxxx@yandex.ru"], "default_email": "xxxxx@yandex.ru", "real_name": "xxxxxx2", "login": "xxxxxxx", "sex": "male", "id": "xxxx123"}[0m
Question : How can I save access_token, refresh token from Omniauth authentication process to user as it is clearly visible (7th line ) that it does retrieve it using my client_id and secret without any of my code. 问题 :如何将access_token,Omniauth身份验证过程中的刷新令牌保存到用户,因为它清晰可见(第7行),它确实使用我的client_id和secret来检索它,而没有任何我的代码。
Thanks. 谢谢。
What I have tried: 我试过的
Added user.access_token = auth.credentials.token
to self.from_omniauth(auth)
method in user model. 在用户模型中的
self.from_omniauth(auth)
方法中添加了user.access_token = auth.credentials.token
。 But there wasn't any positive change. 但是没有任何积极的变化。
UPDATE : 更新 :
The same problem exists on different platforms. 在不同的平台上存在相同的问题。 For example, on shared hosting and in Linux Ubuntu (completely fresh project from scratch).
例如,在共享主机上和Linux Ubuntu中(从头开始的全新项目)。
The access token is provided by the yandex gem, or to be more specific, the omniauth-oauth2
gem. 访问令牌由yandex gem提供,或更具体地说,由
omniauth-oauth2
gem提供。
Just get inside your controller by doing: request.env["omniauth.auth"].credentials.token
只需通过执行以下操作进入您的控制器:
request.env["omniauth.auth"].credentials.token
Boom. 繁荣。 That's your access token.
这就是您的访问令牌。 (refresh token and expiry data is also in the
credentials
hash, just print it out) (刷新令牌和到期数据也在
credentials
哈希中,只需将其打印出来即可)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.