Omniauth2 Devise Coinbase策略

Question

我正在使用Devise使用Google和CoinBase oauth2策略構建應用程序。 我在T上幾乎遵循了Devise oauth指令，但是在使用CoinBase進行身份驗證時仍然遇到困難。 我登錄時遇到的錯誤是Authentication failure! invalid_credentials: OAuth2::Error, invalid_client: Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method. Authentication failure! invalid_credentials: OAuth2::Error, invalid_client: Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method. 。 通過Google進行的身份驗證在開發和生產模式下均能完美運行。 以下是每個適用的文件：

config / initializers / devise.rb

config.omniauth :google_oauth2, ENV['google_id'], ENV['google_secret']
config.omniauth :coinbase, ENV['coinbase_id'], ENV['coinbase-secret']

OmniAuth.config.logger = Rails.logger if Rails.env.development?

控制器/用戶/omniauth_callbacks_controller.rb

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController

  def coinbase
    @user = User.from_omniauth(request.env["omniauth.auth"])

    if @user.persisted?
      sign_in_and_redirect @user
      set_flash_message(:notice, :success, :kind => "Coinbase") if is_navigational_format?
    else
      session["devise.coinbase_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end

  def google_oauth2
    @user = User.from_omniauth(request.env["omniauth.auth"])

    if @user.persisted?
      sign_in_and_redirect @user
      set_flash_message(:notice, :success, :kind => "Google") if is_navigational_format?
    else
      session["devise.google_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end

  def failure
    redirect_to root_path
  end
end

型號/user.rb

class User < ApplicationRecord
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable, :async,
     :recoverable, :rememberable, :trackable, :validatable, 
     :omniauthable, omniauth_providers: [:google_oauth2, :coinbase]

  def self.from_omniauth(auth)
    where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
      user.email = auth.info.email
      user.password = Devise.friendly_token[0,20]
    end
  end

  def self.new_with_session(params, session)
    super.tap do |user|
      if (data = session["devise.google_data"] && session["devise.google_data"]["extra"]["raw_info"]) || (data = session["devise.coinbase_data"] && session["devise.coinbase_data"]["extra"]["raw_info"])
        user.email = data["email"] if user.email.blank?
      end
    end
  end

我一直在試圖找出引發故障的原因，而我想出的就是可能不再支持omniauth-coinbase gem。 還有其他人在將oauth2與CoinBase一起使用時遇到困難嗎？

編輯：oauth請求的日志

Started GET "/users/auth/coinbase" for 127.0.0.1 at 2017-11-06 19:29:57 -0600 (coinbase) Request phase initiated. Started GET "/users/auth/coinbase" for 127.0.0.1 at 2017-11-06 19:29:57 -0600 (coinbase) Request phase initiated. Started GET "/users/auth/coinbase/callback?code=#{redacted_coinbase_client_id}&state={redacted_coinbase_secret}" for 127.0.0.1 at 2017-11-06 19:30:06 -0600 (coinbase) Callback phase initiated. (coinbase) Authentication failure! invalid_credentials: OAuth2::Error, invalid_client: Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method. {"error":"invalid_client","error_description":"Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method."} Processing by Users::OmniauthCallbacksController#failure as HTML Parameters: {"code"=>redacted_coinbase_client_id, "state"=>redacted_coinbase_secret} Redirected to http://portalbase.dev/ Completed 302 Found in 1ms (ActiveRecord: 0.0ms)

Answer 1

我在這個項目上陷入僵局，但確實找到了問題的根源。 Coinbase僅允許您重定向到https域，如果您使用的是localhost，那么這是一個問題。

解決方案是為本地域設置SSL證書（我沒有專長）或使用ngrok之類的服務。