2010-09-16 67 views
4

我開始使用intridea的oauth2 gem(http://github.com/intridea/oauth2),不知道如何解決這個問題。我開發了客戶端和服務器,並根據請求access_token我看到沒有grant_type參數。從客戶端回調控制器我的代碼ruby​​的oauth2 grant_type

class CallbackController < Devise::OauthCallbacksController 
    def accounts 
    access_token = accounts_config.access_token_by_code(params[:code]) 
    @user = User.find_for_accounts_oauth(access_token, 
signed_in_resource) 

    if @user.persisted? && @user.errors.empty? 
     sign_in @user 
     set_oauth_flash_message :notice, :success 
     redirect_to after_oauth_success_path_for(@user) #=> redirects to 
user_root_path or root_path 
    else 
     session[:user_accounts_oauth_token] = access_token.token 
     render_for_auth #=> renders sign up view by default 
    end 

    end 
end 

,並從用戶模式

class User < ActiveRecord::Base 
    devise :database_authenticatable, :oauthable 

    def self.find_for_accounts_oauth(access_token, 
signed_in_resource=nil) 

    data = 
ActiveSupport::JSON.decode(access_token.get(Settings.oauth.site + 
Settings.oauth.access_token_path)) 

    if user = User.find_by_username(data["username"]) 
     user 
    else 
     # Create an user with a stub password. 
     User.create!(:username => data["username"], :password => 
Devise.friendly_token) 
    end 

    end 
end 

從供應商

Started POST "/oauth/token" for 127.0.0.1 at 2010-09-17 00:17:44 +0400 
    Processing by Oauth::TokenController#get_token as */* 
    Parameters: 
{"client_id"=>"9ddf5f526127a8858485f2c9401c7152cfaf870da62267e6f54643de53eb6a76", 
"client_secret"=>"84388e2ca839c2834177024a6f358b1415bcd3ea936be1148443d9df2f7cf363", 
"redirect_uri"=>"http://test.local.lo/users/oauth/accounts/callback", 
"type"=>"web_server", 
"code"=>"d264c2496d0dc5c494b7269f2f9e4c30cd55a571b6944d3231f63577acd12b1b"} 
    SQL (0.8ms) SELECT a.attname, format_type(a.atttypid, 
a.atttypmod), d.adsrc, a.attnotnull 
FROM pg_attribute a LEFT JOIN pg_attrdef d 
ON a.attrelid = d.adrelid AND a.attnum = d.adnum 
WHERE a.attrelid = '"oauth_clients"'::regclass 
AND a.attnum > 0 AND NOT a.attisdropped 
ORDER BY a.attnum 
Oauth error: invalid grant_type 
Rendered text template (0.0ms) 
Completed 400 Bad Request in 112ms (Views: 37.9ms | ActiveRecord: 
178.2ms) 

,並從客戶端

Started GET "https://stackoverflow.com/users/oauth/accounts/callback? 
code=d264c2496d0dc5c494b7269f2f9e4c30cd55a571b6944d3231f63577acd12b1b&&expires_in=3599" 
for 127.0.0.1 at 2010-09-17 00:17:44 +0400 
    Processing by Devise::OauthCallbacksController#accounts as HTML 
    Parameters: 
{"code"=>"d264c2496d0dc5c494b7269f2f9e4c30cd55a571b6944d3231f63577acd12b1b", 
"expires_in"=>"3599"} 
Completed in 343ms 

OAuth2::HTTPError (Received HTTP 400 during request.): 

Rendered /opt/local/lib/ruby1.9/gems/1.9.1/gems/actionpack-3.0.0/lib/ 
action_dispatch/middleware/templates/rescues/_trace.erb (1.4ms) 
Rendered /opt/local/lib/ruby1.9/gems/1.9.1/gems/actionpack-3.0.0/lib/ 
action_dispatch/middleware/templates/rescues/_request_and_response.erb 
(30.0ms) 
Rendered /opt/local/lib/ruby1.9/gems/1.9.1/gems/actionpack-3.0.0/lib/ 
action_dispatch/middleware/templates/rescues/diagnostics.erb within 
rescues/layout (36.7ms) 

不知道如何解決它的日誌?

回答

2

自oauth2 gem上次更新以來,OAuth 2.0規範已經推進。

草案10,甚至更早,使用grant_type參數,而不是type和價值觀也發生了變化:authorization_code取代web_server

的的OAuth 2.0規範詳細解釋:

http://tools.ietf.org/html/draft-ietf-oauth-v2-10

要解決此問題,創業板需要更新,以符合該規範的更高版本兼容。

相關問題