Devise omniauth-github oauth2 error “bad_verification_code”

Question

I have a Rails 3.1 app with devise 1.5.3 , omniauth 1.0.1 , and omniauth-github 1.0.1 as well.

config/initializers/devise.rb

config.omniauth :github, ENV['GITHUB_KEY'], ENV['GITHUB_SECRET']

config/routes.rb

devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" } do
  get '/users/auth/:provider' => 'users/omniauth_callbacks#passthru'
end

The key and secret are set up as Heroku variables and the application is registered on Github. Clicking the link you are sent to Github, authenticated and then sent back to the Github callback route with the code and all the info that the auth succeeded.

The problem is that it is getting picked up by the failure method of the users/omniiauth_callbacks controller. I added some put statements to see what the env['omniauth'] was getting sent back with.

env['omniauth.auth'] has all of the info from Github that it is supposed to.

env['omniauth.error'].response however is a an OAuth2::Response with a lot of info, the important parts being:

@parsed={"error"=>"bad_verification_code"}, @error=#<OAuth2::Error: OAuth2::Error>

I am wondering if this post is still valid since Github now has their new v3 API .

It would be possible to just put the code I need in the failure method of the callback controller but that feels kind of dirty and hackish.

Any suggestions would be much appreciated.

Answer 1

I am not really sure if this is going to help, but only yesterday when i was trying to authenticate with github using omniauth gem, i kinda was getting the same errors.

In the end, i ended up doing it the github way of sending the client_id,client_secret and redirect_uri to /github.com/oauth/authorize and got the callback on the redirect_uri.

Heres the link