deanpcmad / omniauth-discord

Discord OAuth2 Strategy for OmniAuth
MIT License

Authorized only with the app owner account #17

Closed r4mbo7 closed 5 years ago

r4mbo7 commented 6 years ago

Hi!

Thanks for this gem :+1:

I'm having trouble in production: I was notified that my users get an "Invalid Credentials" error while trying to sign in with Discord...

What is strange is that it's working fine with my Discord account (I'm the app owner).

Here is the log of one of my users' failures ({"code": 0, "message": "401: Unauthorized"}):

[router] method=GET path="/users/auth/discord?locale=fr" host=staging-io.scalingo.io request_id=3fede2cb-ab5d-4a3a-a7c2-c2481bdfa7b8 from="185.140.70.240" protocol=https status=302 duration=0.010s bytes=1183 referer="https://staging-io.scalingo.io/fr/users/sign_up" user_agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/66.0.3359.181 Chrome/66.0.3359.181 Safari/537.36"
[web-1] INFO -- : [3fede2cb-ab5d-4a3a-a7c2-c2481bdfa7b8] Started GET "/users/auth/discord?locale=fr" for 185.140.70.240 at 2018-08-08 08:33:16 +0000
[web-1] INFO -- omniauth: (discord) Request phase initiated.
[web-1] INFO -- : [ea017942-5cfb-4646-bdd7-8102f95a7635] Started GET "/users/auth/discord/callback?state=bd3696ed5b205b715b08914772b4b9bc3723b0040fa2e8b3&code=06paxiCj3RGBBjfMMYe638F6R60RJV" for 185.140.70.240 at 2018-08-08 08:33:19 +0000
[web-1] INFO -- omniauth: (discord) Callback phase initiated.
[router] method=GET path="/users/auth/discord/callback?state=bd3696ed5b205b715b08914772b4b9bc3723b0040fa2e8b3&code=06paxiCj3RGBBjfMMYe638F6R60RJV" host=staging-io.scalingo.io request_id=ea017942-5cfb-4646-bdd7-8102f95a7635 from="185.140.70.240" protocol=https status=302 duration=0.330s bytes=895 referer="https://discordapp.com/oauth2/authorize?client_id=476479159380475916&redirect_uri=https%3A%2F%2Fstaging-io.scalingo.io%2Fusers%2Fauth%2Fdiscord%2Fcallback&response_type=code&scope=email&state=bd3696ed5b205b715b08914772b4b9bc3723b0040fa2e8b3" user_agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/66.0.3359.181 Chrome/66.0.3359.181 Safari/537.36"
[web-1] ERROR -- omniauth: (discord) Authentication failure! invalid_credentials: OAuth2::Error, :
[web-1] {"code": 0, "message": "401: Unauthorized"}

I'm using Devise; here is the scope:

config.omniauth :discord, ENV['DISCORD_CLIENT_ID'], ENV['DISCORD_CLIENT_SECRET'], scope: 'email'

Maybe my Discord app requires special rights to allow other users to use Discord. Is that the case?

Thanks!

r4mbo7 commented 6 years ago

From the Discord OAuth2 URL Generator section, the URL should be

https://discordapp.com/api/oauth2/authorize?client_id=476479159380475916&redirect_uri=https%3A%2F%2Fstaging-io.scalingo.io%2Fusers%2Fauth%2Fdiscord%2Fcallback&response_type=code&scope=email

But from the logs above, the request is performed to

https://discordapp.com/oauth2/authorize?client_id=476479159380475916&redirect_uri=https%3A%2F%2Fstaging-io.scalingo.io%2Fusers%2Fauth%2Fdiscord%2Fcallback&response_type=code&scope=email&state=bd3696ed5b205b715b08914772b4b9bc3723b0040fa2e8b3

/api is missing, I guess

r4mbo7 commented 6 years ago

I solved my problem by adding identity to the scope. It appears that email isn't enough (but it should be)...

I'll let you close the issue, as it may reveal unexpected behavior.

Anyway, thanks again for this gem :+1:
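
An added example, not part of the thread or the gem's own code: a Ruby check that reads the scope Discord was actually asked for from the authorize URL in a router log line's `referer`, and flags requests that lack the scope needed to read the user profile. It assumes Discord's documented scope name `identify`; the log lines are constructed and the function names are hypothetical.

```ruby
require 'uri'

# Assumption: Discord documents "identify" as the scope required to read /users/@me.
REQUIRED_SCOPES = %w[identify].freeze

# Constructed sample lines, shaped like the router log in the issue (placeholders, not real values).
SAMPLE_LOG = [
  '[router] method=GET path="/users/auth/discord/callback?state=STATE&code=CODE" status=302 ' \
  'referer="https://discordapp.com/oauth2/authorize?client_id=CLIENT_ID' \
  '&redirect_uri=https%3A%2F%2Fapp.example%2Fusers%2Fauth%2Fdiscord%2Fcallback' \
  '&response_type=code&scope=email&state=STATE"',
  '[router] method=GET path="/users/auth/discord/callback?state=STATE&code=CODE" status=302 ' \
  'referer="https://discordapp.com/api/oauth2/authorize?client_id=CLIENT_ID' \
  '&response_type=code&scope=identify%20email&state=STATE"',
  '[web-1] INFO -- omniauth: (discord) Callback phase initiated.'
].freeze

# Extract the Discord authorize URL from a log line's referer="..." field, or nil.
def authorize_url_from(log_line)
  m = log_line.match(%r{referer="(https://discordapp\.com/(?:api/)?oauth2/authorize\?[^"]*)"})
  m && m[1]
end

# Scopes requested in an authorize URL; "+" and "%20" both decode to a space separator.
def requested_scopes(authorize_url)
  query = URI.parse(authorize_url).query.to_s
  URI.decode_www_form(query).to_h.fetch('scope', '').split(/\s+/).reject(&:empty?)
end

# Required scopes that the authorize request did not ask for.
def missing_scopes(authorize_url, required = REQUIRED_SCOPES)
  required - requested_scopes(authorize_url)
end

# One finding per log line whose authorize request lacks a required scope.
def audit(log_lines)
  log_lines.filter_map do |line|
    url = authorize_url_from(line)
    next unless url

    missing = missing_scopes(url)
    { scopes: requested_scopes(url), missing: missing } unless missing.empty?
  end
end

puts audit(SAMPLE_LOG).inspect if __FILE__ == $PROGRAM_NAME
```

Run against real router logs, this shows the scope set a failing sign-in requested, which is quicker than guessing from the 401 alone.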