Comments (21)
@biske I've found the problem. I was using http://rubygems.org as source and there are some needed changes not updated in the gem.
from doorkeeper-grants_assertion.
+1
from doorkeeper-grants_assertion.
@ebosantos @biske Please remember you also do have to provide client_id
and client_secret
, so the complete set of params would be:
$.post 'https://domain.com/oauth2/token',
client_id: d017e2ecd288d3141478af6667d9b7e1401e40b9c8e6290c52ad345bd7b99fe8
client_secret: 67ac711924cc8c46cd4395c13cfe4af91eda7408dc27afbf0303492445b02ffc
grant_type: assertion
assertion: <access_token>
from doorkeeper-grants_assertion.
@matfiz, is it ok to expose client_secret on mobile devices?
from doorkeeper-grants_assertion.
@biske I agree it is not safe- then they are not confidential any more and such OAuth2 consumer is called public client. Ref. http://stackoverflow.com/a/36304034/1851563
from doorkeeper-grants_assertion.
This should probably not require client_secret — this only makes sense on server-side clients, and the "assertion" grant makes minimal sense in the context of a server-side client.
iirc (it's been a while since I read RFC 6749) public clients should not have a secret
from doorkeeper-grants_assertion.
+1
from doorkeeper-grants_assertion.
I'm getting also the same error with cliend_id, client_secret, grant_type and assertion
. Could you provide a valid example?
from doorkeeper-grants_assertion.
@dsantosmerino, after adding client_id it works for me. Can you provide example app to reproduce issue?
from doorkeeper-grants_assertion.
@biske I'm trying to get the token from Postman, and this is my body request:
{ "client_id": "clientid", "client_secret": "secretid", "assertion": "32423444", "grant_type": "assertion" }
I've tried also providing de client info as get parameter, but I always get the same error than @ebosantos
ArgumentError (wrong number of arguments (given 1, expected 3)):
doorkeeper-grants_assertion (0.0.1) lib/doorkeeper/request/assertion.rb:10:in `initialize'
I have a password strategy with doorkeeper working properly but I need 3rd parties, like Fb.
from doorkeeper-grants_assertion.
I'm getting also the same error with cliend_id, client_secret, grant_type and assertion. How to resolve it?
from doorkeeper-grants_assertion.
@adityamajeti I solved it just requiring the gem from this repo instead of rubygems.
gem 'doorkeeper-grants_assertion', git: 'https://github.com/Badiapp/doorkeeper-grants_assertion'
from doorkeeper-grants_assertion.
Thanks, dsantosmerino
After adding that gem file my resource_owner_from_assertion is executed but after identifying user also i'm not getting access_token getting 404 error somthing like
message:
Document not found for class Doorkeeper::AccessToken with attributes {:application_id=>BSON::ObjectId('57c7131c2550c626d6eab983'), :resource_owner_id=>BSON::ObjectId('57c941fc2550c622e4d1f947'), :revoked_at=>nil}.
summary:
When calling Doorkeeper::AccessToken.find_by with a hash of attributes, all attributes provided must match a document in the database or this error will be raised.
resolution:
Search for attributes that are in the database or set the Mongoid.raise_not_found_error configuration option to false, which will cause a nil to be returned instead of raising this error.):
application id is taking internal db's app id but not taking fb app id
from doorkeeper-grants_assertion.
@adityamajeti Can you show us your resource_owner_from_assertion
?
from doorkeeper-grants_assertion.
resource_owner_from_assertion do
facebook = URI.parse('https://graph.facebook.com/me?access_token=' + params[:assertion])
response = Net::HTTP.get_response(facebook)
user_data = JSON.parse(response.body)
# User.find_by_facebook_id(user_data['id'])
User.find_by uid:user_data['id']
end
one more thing in my application I want fb and eamil intregartion
from doorkeeper-grants_assertion.
@dsantosmerino, I'm using doorkeeper 4.0.0.rc1 gem to generate access_token. but this gem 'doorkeeper-grants_assertion', git: 'https://github.com/Badiapp/doorkeeper-grants_assertion' requires gem doorkeeper 4.0.0. while changing 4.0.0. my doorkeeper logic is not working could you pl help me
from doorkeeper-grants_assertion.
hey @adityamajeti, I didn't try it, but you can fork this repo and modify your required doorkeeper version. Anyway, I've realized that I copy-pasted our fork (from Badiapp), I wanted to say the original one, something like
gem 'doorkeeper-grants_assertion', git: 'https://github.com/doorkeeper-gem/doorkeeper-grants_assertion'
from doorkeeper-grants_assertion.
BTW, I would like to know how many people are actively using this gem. We need to take care about it and maintain the integration with doorkeeper main project. @tute do you have any suggestion or idea to improve this repo? We could start fixing the RubyGems version.
from doorkeeper-grants_assertion.
Thanks for the text, @dsantosmerino. If you send over PRs improving the gem I will merge them, and then grant you access as maintainer if it's your will.
from doorkeeper-grants_assertion.
@ebosantos @tute I think this is fixed on master. Maybe all we need is a 0.0.2 release.
from doorkeeper-grants_assertion.
This is fixed in the latest release, closing
from doorkeeper-grants_assertion.
Related Issues (14)
- Invalid Request when submitting HOT 2
- How to issue token for a particular app in assertion flow? And refresh this token. HOT 9
- Roadmap for 1.0 HOT 16
- Colliding with other flows? HOT 4
- How do you return validation errors ? HOT 3
- Rails 5 support HOT 1
- Scrub assertion parameter in the request HOT 3
- Can Doorkeeper 5.5 support be released? HOT 1
- Google Oauth assertion failing? HOT 1
- invalid_grant - The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client
- Including doorkeeper-grants_assertion gem causes NoMethodError undefined method `authenticate_admin!' HOT 10
- Maintainer HOT 23
- Is there anyway to set the grant_type for the assertion? HOT 13
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from doorkeeper-grants_assertion.