What are the params? about doorkeeper-grants_assertion HOT 21 CLOSED

@biske I've found the problem. I was using http://rubygems.org as source and there are some needed changes not updated in the gem.

from doorkeeper-grants_assertion.

+1

from doorkeeper-grants_assertion.

@ebosantos @biske Please remember you also do have to provide client_id and client_secret, so the complete set of params would be:

$.post 'https://domain.com/oauth2/token',
  client_id: d017e2ecd288d3141478af6667d9b7e1401e40b9c8e6290c52ad345bd7b99fe8
  client_secret: 67ac711924cc8c46cd4395c13cfe4af91eda7408dc27afbf0303492445b02ffc
  grant_type: assertion
  assertion: <access_token>

from doorkeeper-grants_assertion.

@matfiz, is it ok to expose client_secret on mobile devices?

from doorkeeper-grants_assertion.

@biske I agree it is not safe- then they are not confidential any more and such OAuth2 consumer is called public client. Ref. http://stackoverflow.com/a/36304034/1851563

from doorkeeper-grants_assertion.

This should probably not require client_secret — this only makes sense on server-side clients, and the "assertion" grant makes minimal sense in the context of a server-side client.

iirc (it's been a while since I read RFC 6749) public clients should not have a secret

from doorkeeper-grants_assertion.

+1

from doorkeeper-grants_assertion.

I'm getting also the same error with cliend_id, client_secret, grant_type and assertion. Could you provide a valid example?

from doorkeeper-grants_assertion.

@dsantosmerino, after adding client_id it works for me. Can you provide example app to reproduce issue?

from doorkeeper-grants_assertion.

@biske I'm trying to get the token from Postman, and this is my body request:
{ "client_id": "clientid", "client_secret": "secretid", "assertion": "32423444", "grant_type": "assertion" }

I've tried also providing de client info as get parameter, but I always get the same error than @ebosantos

ArgumentError (wrong number of arguments (given 1, expected 3)):
doorkeeper-grants_assertion (0.0.1) lib/doorkeeper/request/assertion.rb:10:in `initialize'

I have a password strategy with doorkeeper working properly but I need 3rd parties, like Fb.

from doorkeeper-grants_assertion.

I'm getting also the same error with cliend_id, client_secret, grant_type and assertion. How to resolve it?

from doorkeeper-grants_assertion.

@adityamajeti I solved it just requiring the gem from this repo instead of rubygems.
gem 'doorkeeper-grants_assertion', git: 'https://github.com/Badiapp/doorkeeper-grants_assertion'

from doorkeeper-grants_assertion.

Thanks, dsantosmerino

After adding that gem file my resource_owner_from_assertion is executed but after identifying user also i'm not getting access_token getting 404 error somthing like

message:
Document not found for class Doorkeeper::AccessToken with attributes {:application_id=>BSON::ObjectId('57c7131c2550c626d6eab983'), :resource_owner_id=>BSON::ObjectId('57c941fc2550c622e4d1f947'), :revoked_at=>nil}.
summary:
When calling Doorkeeper::AccessToken.find_by with a hash of attributes, all attributes provided must match a document in the database or this error will be raised.
resolution:
Search for attributes that are in the database or set the Mongoid.raise_not_found_error configuration option to false, which will cause a nil to be returned instead of raising this error.):

application id is taking internal db's app id but not taking fb app id

from doorkeeper-grants_assertion.

@adityamajeti Can you show us your resource_owner_from_assertion?

from doorkeeper-grants_assertion.

resource_owner_from_assertion do
facebook = URI.parse('https://graph.facebook.com/me?access_token=' + params[:assertion])
response = Net::HTTP.get_response(facebook)
user_data = JSON.parse(response.body)
# User.find_by_facebook_id(user_data['id'])
User.find_by uid:user_data['id']
end

one more thing in my application I want fb and eamil intregartion

from doorkeeper-grants_assertion.

@dsantosmerino, I'm using doorkeeper 4.0.0.rc1 gem to generate access_token. but this gem 'doorkeeper-grants_assertion', git: 'https://github.com/Badiapp/doorkeeper-grants_assertion' requires gem doorkeeper 4.0.0. while changing 4.0.0. my doorkeeper logic is not working could you pl help me

from doorkeeper-grants_assertion.

hey @adityamajeti, I didn't try it, but you can fork this repo and modify your required doorkeeper version. Anyway, I've realized that I copy-pasted our fork (from Badiapp), I wanted to say the original one, something like
gem 'doorkeeper-grants_assertion', git: 'https://github.com/doorkeeper-gem/doorkeeper-grants_assertion'

from doorkeeper-grants_assertion.

BTW, I would like to know how many people are actively using this gem. We need to take care about it and maintain the integration with doorkeeper main project. @tute do you have any suggestion or idea to improve this repo? We could start fixing the RubyGems version.

from doorkeeper-grants_assertion.

Thanks for the text, @dsantosmerino. If you send over PRs improving the gem I will merge them, and then grant you access as maintainer if it's your will.

from doorkeeper-grants_assertion.

@ebosantos @tute I think this is fixed on master. Maybe all we need is a 0.0.2 release.

from doorkeeper-grants_assertion.

This is fixed in the latest release, closing

from doorkeeper-grants_assertion.