I recently upgraded a Rails 3 app which used cookies for authentication to Rails 4 and found that the Dropbox API is now giving the following error:
DropboxOAuth2Flow::BadStateError (Missing CSRF token in session.)
... :in `finish_connect'
As I understand it, the CSRF token has been moved to a secure cookie in Rails 4, but I'm unsure of how to tell Dropbox how to deal with it.
How would I change the following code to work with Rails 4?
access_token, user_id, url_state = DropboxOAuth2Flow.new(@APP_KEY, @APP_SECRET, redirectURI, cookies, :dropbox_auth_csrf_token).finish(params)
Aucun commentaire:
Enregistrer un commentaire