I have a custom OAuth2 provider (is a Rails app) built with Doorkeeper
and have a custom client strategy built with OmniAuth
The problem is when I set this in config/initializers/devise.rb
config.omniauth :mystrategy, "apikey", "secret"
Then i will got this error:
(mystrategy) Callback phase initiated.
(mystrategy) Authentication failure! invalid_credentials:
OmniAuth::Strategies::OAuth2::CallbackError, OmniAuth::Strategies::OAuth2::CallbackError
And if i change the config in devise.rb
to be
config.omniauth :mystrategy, "apikey", "secret", {:provider_ignores_state => true}
Then everything is all right ...
I can't figure out what cause this problem. it seems the problem is the Rails' CSRF protection?
尝试将omniauth-oauth2更改为版本
gem "omniauth-oauth2", "~> 1.0.2"
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.