omniauth / omniauth_openid_connect

MIT License

Sign In With Slack | nil request.env['omniauth.auth'] #96

Open kwent opened 3 years ago

kwent commented 3 years ago

Hi, thank you for this library, super helpful!

So I'm trying to set up Sign in with Slack per their doc: https://api.slack.com/authentication/sign-in-with-slack

  Rails.application.config.middleware.use OmniAuth::Strategies::OpenIDConnect, {
    name: :sign_in_slack,
    issuer: 'https://slack.com',
    discovery: true,
    scope: [:openid, :email, :profile],
    response_type: :code,
    client_options: {
      port: 443,
      scheme: "https",
      host: "slack.com",
      identifier: "redacted",
      secret: "redacted",
      redirect_uri: "#{ENV['BASE_URL']}/auth/slack/callback/sign_in",
    },
  }

But my callback controller is seeing request.env['omniauth.auth'] nil.

The callback_phase method is never called.

What am I doing wrong?

Regards

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

kwent commented 3 years ago

Not stale. Still waiting for an answer :)

formigarafa commented 3 years ago

I am not sure, but try removing the redirect_uri param and let the gem generate one automatically. Maybe the endpoint that should trigger the callback_phase is not being called because of that.

formigarafa commented 2 years ago

@kwent did this resolve your problem?

kwent commented 2 years ago

Don't have capacity to try this again right now but I'll let you know when I do

danjay commented 2 years ago

Your redirect uri needs to be /auth/name_of_provider/callback

So #{ENV['BASE_URL']}/auth/sign_in_slack/callback

kwent commented 1 year ago

Is this a requirement? We have this in our routes.rb so shouldn't matter

get "/auth/slack/callback/sign_in" => "omniauth_callbacks#sign_in_slack"

dgmstuart commented 1 year ago

I had the same issue and apparently it is a requirement:

When I had my redirect URL set to just /auth/slack/callback, I also got request.env['omniauth.auth'] nil. But changing it to /auth/slack/callback (where name: :slack in the OmniAuth::Builder config) I get a CSRF error from the callback phase (which is at least progress).

dgmstuart commented 1 year ago

(Ok for reference, my CSRF issue was dumb: I have ngrok pointing at localhost:3000, but I was starting the authorization from localhost:3000, so the "omniauth.state" cookie (which is used for CSRF protection) was set on localhost and so wasn't available in the callback phase, since that used the ngrok url)
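
Added example, not part of the thread and not code from OmniAuth or this gem: a small Ruby check for the two failure modes discussed above, a `redirect_uri` whose path is not `/auth/<name>/callback` and an authorization started on a different host than the callback. The default path rule is taken from danjay's comment; the helper names and the hosts are constructed for illustration.

```ruby
require "uri"

# Simplified model (an assumption, not OmniAuth's source) of the default
# callback path described in the thread: "<path_prefix>/<name>/callback".
def default_callback_path(name, path_prefix: "/auth")
  "#{path_prefix}/#{name}/callback"
end

# Compare paths case-insensitively and ignore one trailing slash.
def normalize_path(path)
  path.downcase.sub(%r{/\z}, "")
end

# Returns a list of problem symbols for a strategy configuration.
#   name:         the strategy's `name:` option
#   redirect_uri: the value sent to the provider
#   start_url:    URL where the user begins the flow (optional)
def redirect_uri_problems(name:, redirect_uri:, start_url: nil, path_prefix: "/auth")
  problems = []
  callback = URI.parse(redirect_uri)
  expected = default_callback_path(name, path_prefix: path_prefix)

  # If the provider redirects to a path the strategy does not own, the
  # callback phase never runs and request.env['omniauth.auth'] stays nil.
  problems << :callback_path_mismatch unless normalize_path(callback.path) == normalize_path(expected)

  # The "omniauth.state" cookie is set on the host that starts the flow.
  # A callback on another host never receives it, so the state check fails.
  if start_url && URI.parse(start_url).host != callback.host
    problems << :state_cookie_host_mismatch
  end

  problems
end

# Constructed sample inputs (hosts are placeholders).
BASE = "https://app.example.test"
ORIGINAL_CONFIG = redirect_uri_problems(
  name: :sign_in_slack, redirect_uri: "#{BASE}/auth/slack/callback/sign_in"
)
SUGGESTED_CONFIG = redirect_uri_problems(
  name: :sign_in_slack, redirect_uri: "#{BASE}/auth/sign_in_slack/callback"
)
TUNNEL_CONFIG = redirect_uri_problems(
  name: :slack, redirect_uri: "https://tunnel.example.test/auth/slack/callback",
  start_url: "http://localhost:3000/auth/slack"
)

puts ORIGINAL_CONFIG.inspect, SUGGESTED_CONFIG.inspect, TUNNEL_CONFIG.inspect
```
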

dgmstuart commented 1 year ago

> I am not sure but, try removing the redirect_uri param and let the gem generate one automatically

This didn't work for me: this gem doesn't seem to try to construct a redirect_uri? I had a look at the dependent gems as well and they don't seem to either.

Here's the result from Slack of passing it as nil:

[Screenshot 2023-10-17 at 23 45 44]

indirect commented 8 months ago

I eventually got this working by overwriting the redirect_url method to match what Slack wanted: https://github.com/sunchaserio/omniauth-sign-in-with-slack/blob/main/lib/omniauth/strategies/slack.rb