Omniauth2设计Coinbase策略

Question

我正在用Google和CoinBase oauth2策略构建一个应用程序。我基本上遵循了Devise指令到一个T，但是我仍然很难用CoinBase进行身份验证。我登录时遇到的错误是Authentication failure! invalid_credentials: OAuth2::Error, invalid_client: Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method.。通过Google的认证在开发模式和生产模式中都是完美的。以下是每个适用的文件：

config/initializers/devise.rb

config.omniauth :google_oauth2, ENV['google_id'], ENV['google_secret']
config.omniauth :coinbase, ENV['coinbase_id'], ENV['coinbase-secret']

OmniAuth.config.logger = Rails.logger if Rails.env.development?

controllers/users/omniauth_callbacks_controller.rb

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController

  def coinbase
    @user = User.from_omniauth(request.env["omniauth.auth"])

    if @user.persisted?
      sign_in_and_redirect @user
      set_flash_message(:notice, :success, :kind => "Coinbase") if is_navigational_format?
    else
      session["devise.coinbase_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end

  def google_oauth2
    @user = User.from_omniauth(request.env["omniauth.auth"])

    if @user.persisted?
      sign_in_and_redirect @user
      set_flash_message(:notice, :success, :kind => "Google") if is_navigational_format?
    else
      session["devise.google_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end

  def failure
    redirect_to root_path
  end
end

型号/user.rb

class User < ApplicationRecord
  # Include default devise modules. Others available are:
  # :confirmable, :lockable, :timeoutable and :omniauthable
  devise :database_authenticatable, :registerable, :async,
     :recoverable, :rememberable, :trackable, :validatable, 
     :omniauthable, omniauth_providers: [:google_oauth2, :coinbase]

  def self.from_omniauth(auth)
    where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
      user.email = auth.info.email
      user.password = Devise.friendly_token[0,20]
    end
  end

  def self.new_with_session(params, session)
    super.tap do |user|
      if (data = session["devise.google_data"] && session["devise.google_data"]["extra"]["raw_info"]) || (data = session["devise.coinbase_data"] && session["devise.coinbase_data"]["extra"]["raw_info"])
        user.email = data["email"] if user.email.blank?
      end
    end
  end

我一直在试图找出是什么触发了失败，而我想出的就是，无所不在的硬币基宝石可能不再被支持了。是否还有其他人在使用oauth2与CoinBase时遇到了困难？

编辑: oauth请求的日志

Started GET "/users/auth/coinbase" for 127.0.0.1 at 2017-11-06 19:29:57 -0600 (coinbase) Request phase initiated. Started GET "/users/auth/coinbase" for 127.0.0.1 at 2017-11-06 19:29:57 -0600 (coinbase) Request phase initiated. Started GET "/users/auth/coinbase/callback?code=#{redacted_coinbase_client_id}&state={redacted_coinbase_secret}" for 127.0.0.1 at 2017-11-06 19:30:06 -0600 (coinbase) Callback phase initiated. (coinbase) Authentication failure! invalid_credentials: OAuth2::Error, invalid_client: Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method. {"error":"invalid_client","error_description":"Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method."} Processing by Users::OmniauthCallbacksController#failure as HTML Parameters: {"code"=>redacted_coinbase_client_id, "state"=>redacted_coinbase_secret} Redirected to http://portalbase.dev/ Completed 302 Found in 1ms (ActiveRecord: 0.0ms)

Answer 1

我在这个项目中遇到了一个死胡同，但我确实找到了问题的根源。Coinbase只允许您重定向到https域，如果使用localhost，这是一个问题。

解决方案是为本地域设置SSL证书(我没有专门知识)，或者使用像ngrok这样的服务。