OmniAuth OAuth 1 strategy for upwork API error

Question

I'm using OmniAuth gem along with the specific provider gems for FB, Linkedin and G+, both for login, registration and information retrieval. I want to offer further integration with other API's in this case with Upwork's api, that uses OAuth 1.

I've set the App with Upwork and have working key and secret. I've set the loader to load my custom strategy (since it's not a gem) and it loads. I've set the provider to pass the key and secret which are stored in an env file.

All of that seems to be working now, after many hours into it. I tried reading through the sparse information contained in OmniAuth's strategy guide, along with OAuth wiki, and looked into the gem files of other providers. I ended up copying a bit of the code I thought would be enough to work through this, at least, for login but I'm messing something up.

Whenever I go to the callback path for upwork, set automatically by omniauth I get an error.

    Started GET "/auth/upwork" for ::1 at 2015-07-29 00:08:12 +0800
  ActiveRecord::SchemaMigration Load (0.3ms)  SELECT "schema_migrations".* FROM "schema_migrations"
I, [2015-07-29T00:08:12.169605 #24517]  INFO -- omniauth: (upwork) Request phase initiated.

OAuth::Unauthorized (405 Method Not Allowed):
  lib/omniauth/strategies/upwork.rb:18:in `request_phase'


  Rendered /Users/mnussbaumer/.rbenv/versions/2.2.2/lib/ruby/gems/2.2.0/gems/actionpack-4.2.1/lib/action_dispatch/middleware/templates/rescues/_source.erb (5.1ms)

By the documentation this seems to be when I either try a GET to a POST only, or a POST to a GET only endpoint.

In Upwork's API reference they explicitly say that:

Get request token

Endpoint
POST /api/auth/v1/oauth/token/request

My strategy is currently as this:

require 'json'
require 'omniauth-oauth'

module OmniAuth
    module Strategies
        class Upwork < OmniAuth::Strategies::OAuth

            option :client_options, {
                :site => "https://www.upwork.com/api",
                :request_token_path => "/api/auth/v1/oauth/token/request",
                :authorize_url => "/services/api/auth",
                :access_token_path => "api/auth/v1/oauth/token/access",
            }

            uid { request.params['user_id'] }

            def request_phase
                    request_token = consumer.get_request_token(:oauth_callback => callback_url)
                session['oauth'] ||= {}
                session['oauth'][name.to_s] = {'callback_confirmed' => request_token.callback_confirmed?, 'request_token' => request_token.token, 'request_secret' => request_token.secret}

                    if request_token.callback_confirmed?
                    redirect request_token.authorize_url(options[:authorize_params].merge(:oauth_consumer_key => consumer.key))
                    else
                        redirect request_token.authorize_url(options[:authorize_params].merge(:oauth_callback => callback_url, :oauth_consumer_key => consumer.key))
                end

                    rescue ::Timeout::Error => e
        fail!(:timeout, e)
                rescue ::Net::HTTPFatalError, ::OpenSSL::SSL::SSLError => e
        fail!(:service_unavailable, e)
      end

            def raw_info
                @raw_info ||= JSON.load(access_token.get('/me.json')).body
            end

        end
    end
end

I tried changing "consumer.get_request_token" to "consumer.post_request_token" but I think that has nothing to do with it.

The request_phase was ripped off of a gem I found and the JSON.load from a different one. I thought it would work with only these 2 but it seems not. I'm learning slowly how to use all this and would like to build first a usable strategy and then provide it as a public gem for omniauth.

UpWork has an API documentation, and they even have a gem for ruby, but I would like to use OmniAuth for everything, plus, I'll need to figure out other API's in the future so I would like to know how to do this well.

https://developers.upwork.com/?lang=ruby#authentication_oauth-10

Anybody can help with this? Or with creating an OmniAuth gem for Upwork. Thanks!

(edited to change the error - now it's much thinner output but it's the same error)

Answer 1

The request_phase method is actually a method that belongs to omniauth-oauth which you required on top of the upwork.rb and your class Upwork inherits it ( OmniAuth::Strategies::OAuth ). you don't have to override it.