OAuth2 :: doorkeeper錯誤

Question

每當我嘗試向門衛提供商進行身份驗證時，總是會遇到以下錯誤

invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client. {"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}

我嘗試了與其他門衛客戶端，但仍然有相同的錯誤

門衛客戶：

1. https://github.com/doorkeeper-gem/doorkeeper-devise-client.git
2. http://dev.mikamai.com/post/112508735689/oauth2-on-rails-the-client-application

門衛提供者：

https://github.com/doorkeeper-gem/doorkeeper-provider-app.git

Answer 1

我通過將omniauth-oauth2 gem版本降級到此處提到的1.3.1來解決-https: //github.com/intridea/omniauth-oauth2/issues/81

Answer 2

盡管降級為gem 'omniauth-oauth2', '~> 1.3.1'可以確認gem 'omniauth-oauth2', '~> 1.3.1'是一個解決方案，但在Doorkeeper的Create-a-OmniAuth-strategy-for-your-provider Wiki頁面中 ，提到在實現中門衛的OmniAuth策略應顯示以下方法：

  # https://github.com/intridea/omniauth-oauth2/issues/81
  def callback_url
    full_host + script_name + callback_path
  end

在提到的omn​​iauth-oauth2問題＃81中進行了長時間的討論

當我嘗試通過使用基於Rails 5 Devise的客戶端應用程序來測試基於Rails 5 Devise的Doorkeeper Provider時，我個人遇到了所報告的錯誤，以允許提供商的用戶在我的客戶端應用程序上連接其帳戶。

在前端設備OmniAuth：OmniauthCallbacksController上的我的OmniAuth::Strategies::Doorkeeper缺少上述方法時，正在閃爍消息“ 無效憑據”，並且在客戶端應用服務器日志中看到以下錯誤：

  Started GET "/users/auth/doorkeeper" for 127.0.0.1 at 2017-08-22 17:45:02 +0530
  I, [2017-08-22T17:45:02.386866 #14535]  INFO -- omniauth: (doorkeeper) Request phase initiated.
  Started GET "/users/auth/doorkeeper/callback?code=1b833bcc09651f98b0424a7afb1e60bd50fdcc765daf7d499bcefb5554457187&state=c215fd707ecd71c6ad0f6b5e58fa0d2da7210d86946d41e3" for 127.0.0.1 at 2017-08-22 17:45:03 +0530
  I, [2017-08-22T17:45:03.506424 #14535]  INFO -- omniauth: (doorkeeper) Callback phase initiated.
  E, [2017-08-22T17:45:03.523737 #14535] ERROR -- omniauth: (doorkeeper) Authentication failure! invalid_credentials: OAuth2::Error, invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
  {"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}
  Processing by Users::OmniauthCallbacksController#failure as HTML
    Parameters: {"code"=>"1b833bcc09651f98b0424a7afb1e60bd50fdcc765daf7d499bcefb5554457187", "state"=>"c215fd707ecd71c6ad0f6b5e58fa0d2da7210d86946d41e3"}
  Redirected to http://localhost:5000/
  Completed 302 Found in 0ms (ActiveRecord: 0.0ms)

因此，將該策略添加到策略中可以視為替代解決方案。

謝謝。