#235 OmniAuth Part 1

Thanks Ryan, very interesting

Thanks Ryan, I love your shows. I was just about to start working on the same (integrating OmniAuth with Devise) but you(ll help me a lot forward with these screencasts!

This is the real definitive guide to auth systems!

Thank you, really.

Hi Ryan, thanks for this video! OmniAuth is a great system. We've just put it unto use for Twitter and Facebook logins on our Rails Rumble app from last year, Decaf Sucks (http://decafsucks.com).

I've extracted this code to make a gem called "OmniSocial" that provides a simple and completely functional out of the box setup for logins using Twitter or Facebook. It might also come in handy for the Rails Rumblers this weekend.

You can check it out on GitHub at http://github.com/icelab/omnisocial, and also read some installation instructions on our release announcement: http://icelab.com.au/s/238

Cheers!

@Tim

This sounds like exactly what I need. Have FB or Twitter *be* the login, not link an existing account. Any plans to add Google support?

Is this also possible in OmniAuth?

@Ryan

Yes, this is how OmniSocial works, and it's definitely possibly in OmniAuth: I couldn't have built this little engine without it. With OmniAuth, you have the flexibility to make it work however you like. With OmniSocial, I've shared the way that works for us.

I could definitely add Google Auth support. I'll see if I can add it in the next couple of days.

@Ryan

Although I think you'll see Mr Bates demonstrating how to create a new account based on an external login in the next episode, or something similar. That should satisfy your needs too. Ryan's approach will probably have a little more flexibity than mine insofar as it looks like he'll allow multiple external logins to connect to a single account.

Great episode, interesting stuff! A question, when would you need a user to login several times with different providers?

Wouldn't it be enough if the user logged in once with one provider?

@ippa, I think it's more so that the user doesn't have to know, care or remember which provider they signed in with, like so that they can login with Facebook when they first come to your site, but when they come back three weeks later, they may not remember that they used Facebook and so they attempt to sign in with Twitter.

Thanks Ryan for nice work

I get "OAuth::Unauthorized" when I go to http://localhost:3000/auth/twitter

When you setup the twitter application, what do you put in the fields?

@Joseph: Right, of course a choice of providers should be presented.

In your example, a user login with facebook and come back 3 weeks later:

1) User is still logged in with facebook (not sure how these things expire, if at all?), all is good and the user can go on with their business.

2) The old authentication has expired/been removed, the user is presented with auth-choices, facebook, twitter, openid etc and use one to login.

In either case I fail to see the need for the user to has_many :authentications (one would be enough?)

auth = request.env["omniauth.auth"]
works for me. Why should we use ["rack.auth"] ?

Thanks Ryan for the post. As always I love your screencasts, easy to follow.

Ryan, your screencast are very well done and so very helpful. Thanks.

I did run into a small issue when setting up my twitter app as I did not set the "Application Type" to "browser" with the appropriate callback. It appears to default to "client", which will cause a OAuth::Unauthorized error.

I thought I would add this to your comments in case someone else made the same mistake I did.

Thanks again for your generous contribution to the rails community!

I get "OAuth::Unauthorized" when I go to http://localhost:3000/auth/twitter

One thing I don't get about this is how this is actually "authentication". I can trivially create a fake post and send it to `/auth/twitter/callback`, without ever having even visited Twitter, and the app will consider me to be "authenticated".

What am I missing here? What does "authentication" actually mean in this context?

As always - fantastic screencast!

Unfortunately, I am also getting "OAuth::Unauthorized" when I go to http://localhost:3000/auth/twitter

There are two others that have this same question on the comments.

Could someone please help give some insight into this problem?

Thanks

Oops. I read through the comments too quickly. My question was already answered.

Brad, thanks for the hint!

How can i configure a facebook authentication in development, because i test in localhost and in the facebook´s configuration i configured this with localsite and it always return:

" "error": {
      "type": "OAuthException",
      "message": "Invalid redirect_uri "

Could someone give some insight into this problem??

I am also getting the Unauthorized exception when trying to login via twitter. I have registered an application with twitter and am using omniauth 1.1.6.

Any idea?

Okay guys found the answer. When you register your ap with twitter you need to specify 'browser' client and add a callback such as this such as 'http:localhost.com/callback/login.php'

So the problem is to do with your registration

xdrtfcygvuhbijno

Getting

OAuth::Unauthorized

401 Unauthorized

and Twitter doesn't allow you to set http://localhost:3000/auth/twitter/callback as the callback URL for development?

Instead of localhost use 127.0.0.1

I've also got the OAuth::Unauthorized problem when trying to add Twitter at /auth/twitter.

My Twitter app is set up as a Browser app and my callback url is: 127.0.0.1/auth/twitter/callback

Does anybody have any idea how to fix this?

During my research I also found that Device is doing some kind of Omniauth integration in 1.2 with device :omniauthable. What approach is the prefered do you think?

Thanks in advance!

While I've seen all of your episodes Ryan (and I must say that the time you put into this is great for all lazy bums that don't have that much time to experiment with all the new stuff in the Rails world), I am a bit surprised to find more and more spam in your comments.

If you don't want to moderate them, why not at least let people who want to comment login using something like OmniAuth?!

The omniauth part 1 video appears to be broken. I can't get past about the 6:10 mark, with either version of the video (.mov or .m4v).

when you got an error 'OAuth::Unauthorized', just restart your server.

How do you install the AuthButtons?

VRS

Ryan, thanks for the Railscast. As always, very helpful. Two quick questions:

#1) Will uid:string provide enough space for Facebook user ids?

#2) Would it be correct to say that string was chosen in order support a wide range of different id specifications, against a more efficient (but provider-limited) int or bigint?

For those getting a 401 error - OAuth::Unauthorized I found the following two things could generate this:
1. When setting up the twitter account you must specify the return url (use 127.0.0.1 instead of localhost as localhost won't validate as a proper url). If you don't, twitter will set your account as a client call type, not a browser call, and somehow this ends in a 401 error.
2. A mistake in pasting in the two provider keys that twitter provided.

When point my browser to http://localhost:3000/auth/facebook it indeed
redirects me to facebook to login. But on callback, instead of being
redirected to my url, I receive this error http://pastie.org/1588879

Please help :(

If you're getting error 401 - OAuth::Unauthorized, make sure you edit the settings of your Twitter application as follows:

- Application Type: Browser
- Callback URL: http://127.0.0.1:3000/auth/twitter/callback

authentication information have changed to the omniauth.auth parameter of the Rack environment. simple change:

auth = request.env["rack.auth"]

to

auth = request.env["omniauth.auth"]

Thanks for the fantastic railscast! I've found a minor bug that I was wondering if anyone could explain to me - I'm a rails newb so I have a lot of gaps in my knowledge. When the authentications_controller hits the line:

> render :text => request.env['omniauth.auth'].inspect

The error is:

> NameError in AuthenticationsController#create -
uninitialized constant MultiJson

But, I can print the env information to the logger if I don't try to render the text. Here's a gist of the complete code snippet with the logger lines, which pass, and the render line, which fails:

git://gist.github.com/896700.git

Any idea on what's going on here?

Thanks!

I figured out what the issue was with the "uninitialized constant MultiJson". I just had to add:

> gem "multi_json"

to my Gemfile, bundle install, restart the server and now I'm all good :)

Thank you so much Ryan for the wonderful work on Railscasts.

I'm trying to work my way through this video - after I add the omniauth.rb with

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :twitter, '-----', '-----'
end

I'm unable to start my app - it throws an error saying

/Users/---/---/config/initializers/omniauth.rb:1: undefined method `application' for Rails:Module (NoMethodError)
from /usr/local/lib/ruby/gems/1.8/gems/activesupport-2.3.11/lib/active_support/dependencies.rb:171:in `load_without_new_constant_marking'

Any ideas what might be causing this? I feel like I'm making a fundamental mistake. I'm using devise 1.0.10, ruby 1.8.7 and rail 2.3.11.

Tim

Thanks for another great screencast Ryan!

I am running into a routing error that I am not sure how to solve - feels like I am missing something obvious as I don't see anyone else reporting this.

When I go to 127.0.0.1:3000/auth/twitter I get a
routing error

No route matches "/auth/twitter"

I have the "gem omniauth" in my gemfile (and installed through bundler) and I have omniauth.rb where I have setup twitter connection as suggested.

The server starts up fine - the home page loads. I am on Ruby
1.9.2p180 and Rails 3.0.5 on a Win box.

How does this /auth/twitter route get interpreted? Does Omniauth do it behind the scenes somehow by extending the routes.rb?

Thanks for any thoughts or pointers.

Great screencast Ryan.

I managed to get logins using Twitter, Facebook, Github, and LinkedIn working on a toy app (Ruby 1.9.2/Rails3/Heroku). Any idea how to do it with Google, Yahoo, or MS-Live?

Great Screencast

However I run into problems. I get "Routing Error" "No route matches "/auth/failure"" when doing the twitter login. I have registered my app url as http://127.0.0.1 and the callback as http://127.0.0.1:3000/auth/twitter/callback.

Application keys are correct(and I do get to click the twitter authorize button so that should be fine)

Anybody knows why???

I'm getting /auth/failure?message=invalid_response although, when I inspect request.env['omniauth.auth'] I can see that it has received the auth info correctly?

It seems this very issue was discussed on Github - I've even upgraded to ruby-1.9.2 and am running Rails 3.0.9.

Sadly, no luck!

Awesome !

I can't get the authorization delete working to save my life. In clicking the 'X' for delete, I get a 'GET' directive to authentications/ for that authentication. No confirmation popup, no delete directive.How I know where it's going: it hits the 'show' method of the controller.

The link_to documentation indicates that this will happen if javascript is not enabled, but javascript IS enabled, as are popups. Am I the only person with this problem?

@Steve - I just had the same problem and was searching for the fix. Thankfully your note re: enabling javascript seemed to work for me. Just added this to the head of application.html.erb

<%= javascript_include_tag :defaults %>

Once that was in, things worked fine. Unfortunately I'm a relative noob to this, so don't have any other suggestions here.

Good luck

hi,
I was having some issues thought i might share it here.
I am working on a rails3.1.0.rc6 app using the latest Omniauth gem to authentication user by tiwtter and facebook

But like the demo here on

def create 
  render :text=>request.env['omniauth.auth'].to_yaml
end

is giving null response

but changing it to

def create(auth=request.env['omniauth.auth'])
  render :text=>auth.to_yaml
end

seems to work fine.
I am not sure why this is happening

Twitter callback URL needs to be set (or else OAuth throws 401 exception): http://goo.gl/EHCqE.

I created a Rails 3.1 gem called authbuttons-rails that adds authbuttons to the asset pipeline.

what is the point of this example if it doesn't save the user's oauth token? You can't do anything besides use the information from the initial response. For example: I can't tweet on behalf of this person. If this was a facebook auth - would be able to post messages or do anything. Am I missing something?

Hi all, i have a problem i followed the tutorial and when I try to sign up through Facebook i get this error:
{
"error": {
"message": "Invalid redirect_uri: Given URL is not allowed by the Application configuration.",
"type": "OAuthException"
}
}

This doesnt work anymore at least on twitter.

http://localhost:3000/auth/failure?message=invalid_response

and no solutions...

Take a look at the beginning of episode #304, Ryan explains which things have changed in Omniauth. Maybe it will help.

Just wanted to share with you some problems I had and how solved them when setting Twitter, Facebook and Google.

• Twitter:

  • https://dev.twitter.com, click on "Create an app".
  • When creating an app, "Website" is not important (if you're in development). And don't forget to set the callback URL.

• Facebook

  • https://developers.facebook.com/, click on "Apps" in the navigation bar.
  • Thanks to Andrew Dixon, we know that in development Website > Site URL must be http://127.0.0.1:3000 instead of http://localhost:3000. Unfortunately, Facebook seems to ignore this information, so it will still send the callback using the domain from which you activated the '/auth/facebook' route. This will produce an error if your URL is http://localhost:3000, so just use the http://127.0.0.1:3000 instead when developing.

• Google

  • https://code.google.com/apis/console/, go to "Services" on the left, choose "Google+ API", and then go to "API Access".
  • You don't need the API key, just click the "Create client ID", and use the first 2 in the omniauth.rb
  • Change the "redirect URIs" to http://localhost:3000/auth/google_oauth2/callback (assuming you're in development). When you're changing it, be careful not to leave "https" on that URI :P, because it won't work (try going to https://localhost:3000)

Thanks for this.

small update, i dont think one needs to store the OpenID information anymore.

provider :google_apps, :domain_name => 'your_domain_name', :name=>'admin'

Mine just worked fine this way.

Hi friends,

I am stuck with "undefined method `serialize_into_session'" caused by a call to sign_in_and_redirect. Any ideas?

Cheers.

Thanks Ryan !!

There is an option within the facebook app admin screen, called authenticated referrals. So when a friend clicks a link posted on facebook by your app, they will be asked to allow access to the app before proceeding.

I am curious what the best way would be to basically do all the steps in this episode, authenticate, register, login, etc..but during this action:

The url that is passed into the app from authenticated users looks something like this:

www.app.com/?code=##

which returns the code upon authentication.

How can I take that code, and basically do everything needed to get the omniauth hash...this doesn't seem to work:

request.env["omniauth.auth"]

Is there something special that oauth is doing in the callback URL that can't be done in other controller/actions?

Thanks.

include in your gemfile
gem 'omniauth-twitter'

In my controller i am using following code to authenticate and to create current_session.

person = authenticate_person!(:recall => "sessions#new")
@current_user = person

but

person = Authentication.find_or_create
& @current_user = person

not working for me, did i miss something?
http://stackoverflow.com/questions/15159926/how-to-authenticate-ready-application-with-omniauth

I'ved added raise omni = request.env["omniauth.auth"].to_yaml to the Authentication#create controller but when I authenticate with Twitter and it redirects back, I get:

TypeError: can't convert nil into String

and in the stack trace the first one of many is:
omniauth-twitter (0.0.14) lib/omniauth/strategies/twitter.rb:23:in `+'

In the url it displays the correct users/auth/twitter url with the oauth_token as parameters. I'm not sure what I'm doing wrong, does anyone know what to try to fix this?

Does someone has an example with localized facebook login page?
The following doesn't work with omniauth-facebook gem

Rails.application.config.middleware.use OmniAuth::Builder do
   provider :facebook,
      'FB_TOKEN',
      'FB_SECRET',
      :authorize_params => {
         :locale => 'tr_TR',
      }
end

it should produce this link

https://www.facebook.com/login.php?{...}&display=page&locale=tr_TR

but produces instead

https://www.facebook.com/login.php?{...}&display=page

Because of that the facebook login page isn't localized

I am using rails 3.2.1 omniauth-twitter (0.0.9)

But in twitter callback phase I receive this error

TypeError "can't convert nil into String"

omniauth-twitter (0.0.9) lib/omniauth/strategies/twitter.rb:22:in +'
omniauth-twitter (0.0.9) lib/omniauth/strategies/twitter.rb:22:inblock in class:Twitter'
omniauth (1.1.4) lib/omniauth/strategy.rb:106:in instance_eval'
omniauth (1.1.4) lib/omniauth/strategy.rb:106:inblock in compile_stack'
omniauth (1.1.4) lib/omniauth/strategy.rb:105:in each'
omniauth (1.1.4) lib/omniauth/strategy.rb:105:ininject'
omniauth (1.1.4) lib/omniauth/strategy.rb:105:in compile_stack'
(eval):7:ininfo_stack'
omniauth (1.1.4) lib/omniauth/strategy.rb:322:in info'
omniauth (1.1.4) lib/omniauth/strategy.rb:335:inauth_hash'
omniauth (1.1.4) lib/omniauth/strategy.rb:362:in callback_phase'
omniauth-oauth (1.0.1) lib/omniauth/strategies/oauth.rb:58:incallback_phase'
omniauth (1.1.4) lib/omniauth/strategy.rb:226:in callback_call'
omniauth (1.1.4) lib/omniauth/strategy.rb:182:incall!'
omniauth (1.1.4) lib/omniauth/strategy.rb:164:in call'
omniauth (1.1.4) lib/omniauth/strategy.rb:184:incall!'
omniauth (1.1.4) lib/omniauth/strategy.rb:164:in call'
omniauth (1.1.4) lib/omniauth/builder.rb:49:incall'

I have already updated omniauth-twitter gem and it remains at the same version mentioned above.

What could be the possible reason?

Same problem with TypeError "can't convert nil into String" any solutions?

Just in case anyone is getting a undefined method error for find_or_create_by_provider_and_uid in Rails 4, this code works:

current_user.authentications.find_or_create_by(:provider => auth['provider'],
:uid => auth['uid'])

The RailsApps project has a Rails 4.1 rails-omniauth example application with an in-depth OmniAuth Tutorial.