Rails: Twitter Omniauth gem 401 Unauthorized Error

Question

I am using twitter omniauth gem in my web application. I stored my key and secret in my DB.

This is my middleware code

 Rails.application.config.middleware.use OmniAuth::Builder do

 provider :twitter, lambda { Site.config[:twitter][:key] },lambda{ Site.config[:twitter][:secret] }

 end

This returns unauthorized error.

But when i specify my key and secret directly in the middleware it works.

(ie)

 Rails.application.config.middleware.use OmniAuth::Builder do

 provider :twitter, "consumer_key" , "consumer_secret"

 end

What is wrong with my first approach ?

Answer 1

You need to use Setup Phase

provider :twitter, :setup => true

And then in controller:

def setup
  request.env['omniauth.strategy'].options[:consumer_key] = Site.config[:twitter][:key]
  request.env['omniauth.strategy'].options[:consumer_secret] = Site.config[:twitter][:secret]
  render :text => "Setup complete.", :status => 404
end

Routes:

match '/auth/:provider/setup' => 'sessions#setup' # for example

Answer 2

You can add your consumer_key and consumer secret in the development.rb and production.rb

# twitter api credential
  config.twitt_consumer_key = 'xxxxxxxxxxxxxxxxx'
  config.twitt_consumer_secret = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'

And then you can use it

provider :twitter, Rails.application.config.twitt_consumer_key, Rails.application.config.twitt_consumer_secret