OAuth::Unauthorized (400 Bad Request) in rails 3.2

[rahilsondhi]

I generated a consumer key and consumer secret @ https://accounts.google.com/ManageDomains.

But when I go to /users/auth/youtube, I get this error: OAuth::Unauthorized (400 Bad Request): oauth (0.4.5) lib/oauth/consumer.rb:219:intoken_request' oauth (0.4.5) lib/oauth/consumer.rb:139:in get_request_token' omniauth-oauth (1.0.0) lib/omniauth/strategies/oauth.rb:28:inrequest_phase' omniauth (1.0.2) lib/omniauth/strategy.rb:194:in request_call'

Any ideas?

[Rio517]

Were you able to sort this out?

[christopherhein]

Any solution to this?

[dtsadok]

I have the exact same issue.

[dtsadok]

There's a second place to register an application: https://code.google.com/apis/console

That results in a separate key that doesn't seem to work either...

[Rio517]

I guess the orignal dev abandoned this project. You can use the google-oauth-2 and ask for youtube permissions. If you're working on a youtube channel, they asked me to use AuthSub initially, but were then fine with oauth2.

[jamiew]

Sorry, I just noticed these issues. I have not run into these issues myself, what version of rails are you using?

[Rio517]

I'm using rails 3.2.1, omniauth 1.0.1. Thanks for responding!

[jamiew]

Thanks. I know rails 3.2 introduced issues with other omniauth strategies too. I'll take a look at it this evening

[dtsadok]

I am using Sinatra and have the same problem. I think it has to do with confusion as to which YouTube/Google API key we're supposed to use. I tried it with the link in your Readme, as well as Google's "API Console", which gives you a different set of keys. Neither set worked with this library.

The google_oauth2 gem doesn't work with YouTube. I opened an issue there as well.

[christopherhein]

The solution we've come up with is to use the omniauth-google gem not google_oauth2, and with that your can use the keys that you generate from the console section of google, it would still be nice to see this gem work, I'm just not sure where to start based on the that it seems say it requires:

# For the time being this option requires a fork of omniauth-oauth:
# http://github.com/jamiew/omniauth-oauth

in https://github.com/jamiew/omniauth-youtube/blob/master/lib/omniauth/strategies/youtube.rb

Yet that does not seem to exist anymore...

[Rio517]

Oauth2 worked well for me. Used it with the youtube_it gem and it worked really well. Our biggest problem is that with youtube permissions the tokens expire after a few hours if you don't ping any youtube services. We had to add a layer of error catching to manage those expired tokens as well as users who don't have associated youtube accounts.

-M On Feb 21, 2012 8:00 PM, "Christopher Hein" < reply@reply.github.com> wrote:

The solution we've come up with is to use the omniauth-google gem not google_oauth2, and with that your can use the keys that you generate from the console section of google, i would still be nice to see this gem work, I'm just not sure where to start based on the that it seems say it requires:

# For the time being this option requires a fork of omniauth-oauth:
# http://github.com/jamiew/omniauth-oauth

in https://github.com/jamiew/omniauth-youtube/blob/master/lib/omniauth/strategies/youtube.rb

Yet that does not seem to exist anymore...

---

Reply to this email directly or view it on GitHub: https://github.com/jamiew/omniauth-youtube/issues/1#issuecomment-4093338

[christopherhein]

Interesting did you use a scope to give it access to youtube?

[ghost]

The problem seems to be that the scope is not part of the request. Overwriting request_phase in youtube.rb fixes the problem.

 #Overwritten because the scope is required in the request phase
 def request_phase
   request_token = consumer.get_request_token({:oauth_callback => callback_url},:scope=>'http://gdata.youtube.com')
   session['oauth'] ||= {}
   session['oauth'][name.to_s] = {'callback_confirmed' => request_token.callback_confirmed?, 'request_token' => request_token.token, 'request_secret' => request_token.secret}

   if request_token.callback_confirmed?
     redirect request_token.authorize_url(options[:authorize_params])
   else
     redirect request_token.authorize_url(options[:authorize_params].merge(:oauth_callback => callback_url))
   end
   rescue ::Timeout::Error => e
     fail!(:timeout, e)
   rescue ::Net::HTTPFatalError, ::OpenSSL::SSL::SSLError => e
     fail!(:service_unavailable, e)
end

[masterkain]

Any news?

[jamiew]

Could you try out the latest version from git (not the gem)? My request_phase patch was supposed to be inside omniauth core now, but per @bruThaler's comment it might not be

[jamiew]

Fixed by c151619