I've been stuck on this issue for a couple of days, and I am at a loss here. I have implemented Google login via OAuth 2 for our website. It's working perfectly on my computer (local environment) in any browser, but when I deploy to our staging environment, it works only with Google Chrome. We use the devise 2.2.8 gem to handle authentication, coupled with google-oauth2 0.2.6 to handle interaction with Google login. One of the things that concerns me is that our authentication process happens on 2 different subdomains, such as:
- Landing on webpage (en.mywebsite.com)
- Click on Login with Gmail
- Request made to our server
- Redirection to Google consent screen
- Callback URL for authentication (my.website.com)
Once the user is authenticated, he will only browse on my.website.com, but originally, before being authenticated, he was on a different subdomain. So I was wondering if there could be some issue on a session level during the authentication?
Here are the logs when I authenticate via Google Login on our staging environment in Google Chrome:
```
Jul 16 11:36:44 (google_oauth2) Request phase initiated.
Jul 16 11:36:44 (google_oauth2) Callback phase initiated.
Jul 16 11:36:45 method=GET path=/users/auth/google_oauth2/callback format=html controller=authentification/omniauth action=google_oauth2 status=302 duration=49.96 view=0.00 location=http://my.website.com/ params={"state"=>"e6a565c411170cfcbc62d0209970bd39842aae090671a95a", "code"=>"4/Ib0zrAHgAVNWli9RwJsXf9g7edcVlx96xVLmxCB4Eoc", "controller"=>"authentification/omniauth", "action"=>"google_oauth2"}
Jul 16 11:36:46 method=GET path=/ format=html controller=my/dashboard action=index status=200 duration=839.57 view=160.90 params={"controller"=>"my/dashboard", "action"=>"index"}
```
Here are the logs when I authenticate via Google Login on our staging environment in Safari:
```
Jul 16 11:24:21 (google_oauth2) Request phase initiated.
Jul 16 11:24:22 (google_oauth2) Callback phase initiated.
Jul 16 11:24:23 method=GET path=/users/auth/google_oauth2/callback format=html controller=authentification/omniauth action=google_oauth2 status=401 duration=0.77 view=0.00 params={"state"=>"05e6567e2443eb5766c77a271d60a767a568b32491ce852c", "code"=>"4/yNlgCDyI71mmYoT48BpWIJNnbaKzUhy7bclIxGHqJdo", "controller"=>"authentification/omniauth", "action"=>"google_oauth2"}
Jul 16 11:24:23 (google_oauth2) Callback phase initiated.
Jul 16 11:24:23 (google_oauth2) Authentication failure! invalid_credentials: OAuth2::Error, invalid_grant: Code was already redeemed.
Jul 16 11:24:23 {
Jul 16 11:24:23 "error" : "invalid_grant",
Jul 16 11:24:23 "error_description" : "Code was already redeemed."
Jul 16 11:24:23 }
```
Because the callback phase is initiated twice, and the token from Google OAuth is for a single use, the second callback obviously fails.
I have one omniauth.rb file under the initializers folder, to place OmniAuth in the middleware stack:
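```ruby
# config/initializers/omniauth.rb
# Adds OmniAuth with the Google OAuth2 strategy to the Rack middleware stack.
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :google_oauth2, "google-id", "secret", { scope: "email, profile, gmail.readonly, calendar" }
end
```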
I know some people got the same issue as me when they defined OmniAuth twice, because they defined it in both the omniauth.rb file and devise.rb, so I made sure it is defined only once.
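As an added example (not part of the original post and not code from Devise or OmniAuth), the following Ruby sketch scans log lines in the format shown above and reports login attempts whose callback phase ran more than once, which is the pattern behind the `invalid_grant` failure in the Safari log. The helper name `duplicate_callbacks`, the sample log and its `STATE-*`/`CODE-*` values are constructed for illustration. It assumes the log lines of different users are not interleaved.

```ruby
# Constructed sample modelled on the logs above; state/code values are placeholders.
SAMPLE_LOG = <<~LOG
  Jul 16 11:24:21 (google_oauth2) Request phase initiated.
  Jul 16 11:24:22 (google_oauth2) Callback phase initiated.
  Jul 16 11:24:23 method=GET path=/users/auth/google_oauth2/callback status=401 params={"state"=>"STATE-A", "code"=>"CODE-A"}
  Jul 16 11:24:23 (google_oauth2) Callback phase initiated.
  Jul 16 11:24:23 (google_oauth2) Authentication failure! invalid_credentials: OAuth2::Error, invalid_grant: Code was already redeemed.
  Jul 16 11:36:44 (google_oauth2) Request phase initiated.
  Jul 16 11:36:44 (google_oauth2) Callback phase initiated.
  Jul 16 11:36:45 method=GET path=/users/auth/google_oauth2/callback status=302 params={"state"=>"STATE-B", "code"=>"CODE-B"}
LOG

# Hypothetical helper: groups lines into login attempts (one per "Request phase")
# and returns the attempts in which the callback phase was entered more than once.
def duplicate_callbacks(log)
  attempts = []
  log.each_line do |line|
    case line
    when /\((\w+)\) Request phase initiated/
      # A new request phase starts a new attempt.
      attempts << { provider: $1, callbacks: 0, codes: [], statuses: [], replayed: false }
    when /\(\w+\) Callback phase initiated/
      attempts.last[:callbacks] += 1 if attempts.any?
    when /path=\S*\/callback\b.*status=(\d+)/
      next if attempts.empty?
      # Record the HTTP status and the authorization code sent to the callback.
      attempts.last[:statuses] << $1.to_i
      code = line[/"code"=>"([^"]+)"/, 1]
      attempts.last[:codes] << code if code
    when /invalid_grant/
      # The provider rejected a code that had already been redeemed.
      attempts.last[:replayed] = true if attempts.any?
    end
  end
  attempts.select { |a| a[:callbacks] > 1 }
end

if __FILE__ == $PROGRAM_NAME
  duplicate_callbacks(SAMPLE_LOG).each do |a|
    puts "#{a[:provider]}: #{a[:callbacks]} callback phases, codes=#{a[:codes].inspect}, " \
         "statuses=#{a[:statuses].inspect}, invalid_grant=#{a[:replayed]}"
  end
end
```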