返回用户身份的Rails3 omniauth google身份验证 [英] Rails3 omniauth google authentication on Returns User Identity

问题描述

我的Omniauth集成可用于本地开发，但无法在Google上进行分期.

My Omniauth integration works on local development but fails for google on staging.

require 'omniauth/openid'
require 'openid/store/memcache'

Rails.application.config.middleware.use OmniAuth::Builder do
  OmniAuth.config.full_host = "http://xx.xx.xxx/"

  # dedicated openid
   provider :open_id, OpenID::Store::Memcache.new(Dalli::Client.new), :name => 'google', :identifier => 'https://www.google.com/accounts/o8/id'

end

我收到此错误消息:

在2011-12-01 02:22:20 +0000开始为58.71.19.178获取GET"/auth/failure?message = invalid_credentials" 由ErrorsController#routing处理为HTML 参数:{"message" =>"invalid_credentials"，"a" =>"auth/failure"} 渲染的public/404.html(0.1ms) 在1毫秒内完成404找不到(观看次数:0.6毫秒| ActiveRecord:0.0毫秒)

Started GET "/auth/failure?message=invalid_credentials" for 58.71.19.178 at 2011-12-01 02:22:20 +0000 Processing by ErrorsController#routing as HTML Parameters: {"message"=>"invalid_credentials", "a"=>"auth/failure"} Rendered public/404.html (0.1ms) Completed 404 Not Found in 1ms (Views: 0.6ms | ActiveRecord: 0.0ms)

另外，我的OmniAuth.config.full_host中的for IP也可能不相同?

Also the ip in for is not the same in my OmniAuth.config.full_host maybe that could be causing the issue?

推荐答案

罪魁祸首是apache在不同的ip上发送和返回

The culprit was that apache sending and returning on different ips

此猴子补丁修复了该问题.

This monkey patch fixed the issue.

module OmniAuth
  module Strategies
    # OmniAuth strategy for connecting via OpenID. This allows for connection
    # to a wide variety of sites, some of which are listed [on the OpenID website](http://openid.net/get-an-openid/).
    class OpenID
      protected
      def callback_url
        uri = URI.parse(request.url)
        uri.path += '/callback'

        # by KirylP: to overcome hosting subdomain forwarding to rails port        
        uri.port = '' if request.env.has_key? 'HTTP_X_FORWARDED_SERVER'

        uri.to_s
      end
    end
  end
end

module Rack
  class OpenID
    SERVER_PORT_TO_AVOID = 12002

    private
    def realm_url(req)
      url = req.scheme + "://"
      url << req.host

      scheme, port = req.scheme, req.port
      if scheme == "https" && port != 443 ||
          scheme == "http" && port != 80
        url << ":#{port}" if port != SERVER_PORT_TO_AVOID # KirylP
      end

      url
    end
  end
end

module OpenID
  class Consumer
    def complete(query, current_url)
      message = Message.from_post_args(query)

      current_url.sub!(":#{Rack::OpenID::SERVER_PORT_TO_AVOID}", '') # KirylP

      mode = message.get_arg(OPENID_NS, 'mode', 'invalid')
      begin
        meth = method('complete_' + mode)
      rescue NameError
        meth = method(:complete_invalid)
      end
      response = meth.call(message, current_url)
      cleanup_last_requested_endpoint
      if [SUCCESS, CANCEL].member?(response.status)
        cleanup_session
      end
      return response
    end    
  end
end

这篇关于返回用户身份的Rails3 omniauth google身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！