search

lunohodov / eventical

Instant iCal feeds for your EVE Online calendar(s).
MIT License
7 stars 6 forks source link

New omniauth-eve_online-sso #562

Closed biow0lf closed 2 years ago

biow0lf commented 3 years ago

Describe the bug

Don’t update omniauth-eve_online-sso gem to new 0.3.0.

I see weird issue with new v2 tokens. I will update this issue after debugging.

biow0lf commented 3 years ago

Ok. I found what is not OK.

Let me show (in evemonk rails console):

oauth_client_options = OmniAuth::Strategies::EveOnlineSso.default_options["client_options"]
# => {"authorize_url"=>"/v2/oauth/authorize", "token_url"=>"/v2/oauth/token", "site"=>"https://login.eveonline.com/"}
oauth_client = OAuth2::Client.new(Setting.eve_online_sso_client_id, Setting.eve_online_sso_secret_key, oauth_client_options)
# => #<OAuth2::Client:0x00007fbb5c03d468
# @id="d4d3bc8b6f3043918ee5e3f3a0961f7f",
# @options=
#  {:authorize_url=>"/oauth/authorize",
#   :token_url=>"/oauth/token",
#   :token_method=>:post,
#   :auth_scheme=>:request_body,
#   :connection_opts=>{},
#   :connection_build=>nil,
#   :max_redirects=>5,
#   :raise_errors=>true,
#   :extract_access_token=>#<Proc:0x00007fbb515c7718 #/Users/biow0lf/.rbenv/versions/3.0.2/lib/ruby/gems/3.0.0/gems/oauth2-1.4.7/lib/oauth2/client.rb:235>,
#   "authorize_url"=>"/v2/oauth/authorize",
#   "token_url"=>"/v2/oauth/token"},
# @secret="REMOVED",
# @site="https://login.eveonline.com/">

Fixed version:

oauth_client_options = OmniAuth::Strategies::EveOnlineSso.default_options["client_options"].deep_symbolize_keys
# => {:authorize_url=>"/v2/oauth/authorize", :token_url=>"/v2/oauth/token", :site=>"https://login.eveonline.com/"}
oauth_client = OAuth2::Client.new(Setting.eve_online_sso_client_id, Setting.eve_online_sso_secret_key, oauth_client_options)                   
#=> #<OAuth2::Client:0x00007fbb5c096f40
# @id="d4d3bc8b6f3043918ee5e3f3a0961f7f",
# @options=
#  {:authorize_url=>"/v2/oauth/authorize",
#   :token_url=>"/v2/oauth/token",
#   :token_method=>:post,
#   :auth_scheme=>:request_body,
#   :connection_opts=>{},
#   :connection_build=>nil,
#   :max_redirects=>5,
#   :raise_errors=>true,
#   :extract_access_token=>#<Proc:0x00007fbb515c7718 #/Users/biow0lf/.rbenv/versions/3.0.2/lib/ruby/gems/3.0.0/gems/oauth2-1.4.7/lib/oauth2/client.rb:235>},
# @secret="REMOVED",
# @site="https://login.eveonline.com/">

So, just call .deep_symbolize_keys on client_options hash. And authorize_url and token_url will override default...

Fix here add .deep_symbolize_keys.

But, this is not all. Something weird with migration current v1 tokens to v2.

{"error":"invalid_grant","error_description":"Invalid refresh token. Unable to migrate grant."}

For now, I will rollback omniauth-eve_online-sso to 0.2.0 and make new build.

gem "omniauth-eve_online-sso", "0.2.0"

P.S.: I will post more here when I start understand what is wrong with v2 tokens.

lunohodov commented 3 years ago

Interesting. Curious how this will develop. Thanks for the heads-up!

lunohodov commented 3 years ago

P.S.: I will post more here when I start understand what is wrong with v2 tokens.

@biow0lf Any updates on this? Can we upgrade to v0.3 of omniauth-eve_online-sso?

biow0lf commented 3 years ago

@biow0lf Any updates on this? Can we upgrade to v0.3 of omniauth-eve_online-sso?

@lunohodov No. I am working on v0.4.0. v0.3.0 is mix of v2 SSO of /v2/oauth/authorize and /v2/oauth/token with /oauth/verify from v1. This is not right and (anyway) will breaks in future.

lunohodov commented 3 years ago

This is great. Thank you!

biow0lf commented 3 years ago

Ok. I release v0.4.0. I will deploy evemonk with this change and see. Wait day or two.

lunohodov commented 2 years ago

Resolved in #618