I'm trying to implement oAuth with Reddit using Devise & the omniauth-reddit gem.
It seems to be passing the local url & api key fine.
https://ssl.reddit.com/api/v1/authorize?response_type=account&client_id=API_KEY&redirect_uri=http%3A%2F%2F127.0.0.1%3A3000%2Fusers%2Fauth%2Freddit%2Fcallback&scope=identity
However the response I get is:
forbidden (reddit.com)
you are not allowed to do that
— invalid redirect_uri parameter.
I've tried setting the redirect_uri to 127.0.0.1:3000 as well as hosted url(heroku), but to no avail.
So now I don't understand if I'm still just giving them the wrong URL or passing a parameter that shouldn't be there.
Thanks for any help!
Ok. So I just figured out a irritating fun little quirk with the Reddit API:
Turns out, it also returns the — invalid redirect_uri parameter
error if there's an invalid client ID
! Clearly, I thought the client_id
was the same thing as the secret
NOPE
Instead, it's the easy-to-miss ID that's right below your application name. Once you use the proper ID, everything works . . .
OAuth servers (almost always) require that you register the callback address with them. Have you done that? They check that what you send in the redirect_uri
matches what you entered. In Reddit:
Just tested it. You have to enter the exact callback URL:
http://127.0.0.1:3000/users/auth/reddit/callback
If you miss one segment, it will report that error.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.