search

openid / ruby-openid

OpenID library for Ruby
Other
315 stars 159 forks source link

undefined method for_url? for OpenID::Consumer::DiscoveredServices on Rails 4.1 RC1 #75

Closed davetron5000 closed 1 year ago

davetron5000 commented 10 years ago

Works fine in Rails 4.0.x, on Ruby 2.1.0. This is with a pretty vanilla rails app, configured to use OmniAuth and Google Apps for login. We've been using this stack and exact gem versions fine for 3.2.x and 4.0.x on Ruby 1.9.x, 2.0.x and 2.1.x.

This is for version 2.5 of this gem (gem list included below).

Looking at the code, I have no idea why it's complaining. Stack trace below. Any ideas?

12:57:35 web.1  | I, [2014-02-19T12:57:35.105838 #97709]  INFO -- omniauth: (google_apps) Request phase initiated.
12:57:35 web.1  | F, [2014-02-19T12:57:35.160764 #97709] FATAL -- : 
12:57:35 web.1  | NoMethodError (undefined method `for_url?' for "#<OpenID::Consumer::DiscoveredServices:0x007f857ec91908>":String):
12:57:35 web.1  |   ruby-openid (2.5.0) lib/openid/consumer/discovery_manager.rb:80:in `get_manager'
12:57:35 web.1  |   ruby-openid (2.5.0) lib/openid/consumer/discovery_manager.rb:44:in `get_next_service'
12:57:35 web.1  |   ruby-openid (2.5.0) lib/openid/consumer.rb:222:in `begin'
12:57:35 web.1  |   rack-openid (1.3.1) lib/rack/openid.rb:123:in `begin_authentication'
12:57:35 web.1  |   rack-openid (1.3.1) lib/rack/openid.rb:102:in `call'
12:57:35 web.1  |   omniauth-openid (1.0.1) lib/omniauth/strategies/open_id.rb:53:in `start'
12:57:35 web.1  |   omniauth-openid (1.0.1) lib/omniauth/strategies/open_id.rb:48:in `request_phase'
12:57:35 web.1  |   omniauth (1.2.1) lib/omniauth/strategy.rb:215:in `request_call'
12:57:35 web.1  |   omniauth (1.2.1) lib/omniauth/strategy.rb:183:in `call!'
12:57:35 web.1  |   omniauth (1.2.1) lib/omniauth/strategy.rb:164:in `call'
12:57:35 web.1  |   omniauth (1.2.1) lib/omniauth/builder.rb:59:in `call'
12:57:35 web.1  |   newrelic_rpm (3.7.2.195) lib/new_relic/rack/error_collector.rb:55:in `call'
12:57:35 web.1  |   newrelic_rpm (3.7.2.195) lib/new_relic/rack/agent_hooks.rb:32:in `call'
12:57:35 web.1  |   newrelic_rpm (3.7.2.195) lib/new_relic/rack/browser_monitoring.rb:27:in `call'
12:57:35 web.1  |   rack (1.5.2) lib/rack/etag.rb:23:in `call'
12:57:35 web.1  |   rack (1.5.2) lib/rack/conditionalget.rb:25:in `call'
12:57:35 web.1  |   rack (1.5.2) lib/rack/head.rb:11:in `call'
12:57:35 web.1  |   actionpack (4.1.0.rc1) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
12:57:35 web.1  |   actionpack (4.1.0.rc1) lib/action_dispatch/middleware/flash.rb:254:in `call'
12:57:35 web.1  |   rack (1.5.2) lib/rack/session/abstract/id.rb:225:in `context'
12:57:35 web.1  |   rack (1.5.2) lib/rack/session/abstract/id.rb:220:in `call'
12:57:35 web.1  |   actionpack (4.1.0.rc1) lib/action_dispatch/middleware/cookies.rb:551:in `call'
12:57:35 web.1  |   activerecord (4.1.0.rc1) lib/active_record/query_cache.rb:36:in `call'
12:57:35 web.1  |   activerecord (4.1.0.rc1) lib/active_record/connection_adapters/abstract/connection_pool.rb:621:in `call'
12:57:35 web.1  |   activerecord (4.1.0.rc1) lib/active_record/migration.rb:380:in `call'
12:57:35 web.1  |   actionpack (4.1.0.rc1) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
12:57:35 web.1  |   activesupport (4.1.0.rc1) lib/active_support/callbacks.rb:82:in `run_callbacks'
12:57:35 web.1  |   actionpack (4.1.0.rc1) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
12:57:35 web.1  |   actionpack (4.1.0.rc1) lib/action_dispatch/middleware/reloader.rb:73:in `call'
12:57:35 web.1  |   actionpack (4.1.0.rc1) lib/action_dispatch/middleware/remote_ip.rb:76:in `call'
12:57:36 web.1  |   airbrake (3.1.15) lib/airbrake/rails/middleware.rb:13:in `call'
12:57:36 web.1  |   actionpack (4.1.0.rc1) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
12:57:36 web.1  |   actionpack (4.1.0.rc1) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
12:57:36 web.1  |   stitchfix-logger (2.1.0) lib/rails_ext/rails/rack/logger.rb:29:in `call_app'
12:57:36 web.1  |   stitchfix-logger (2.1.0) lib/rails_ext/rails/rack/logger.rb:23:in `call'
12:57:36 web.1  |   actionpack (4.1.0.rc1) lib/action_dispatch/middleware/request_id.rb:21:in `call'
12:57:36 web.1  |   rack (1.5.2) lib/rack/methodoverride.rb:21:in `call'
12:57:36 web.1  |   rack (1.5.2) lib/rack/runtime.rb:17:in `call'
12:57:36 web.1  |   activesupport (4.1.0.rc1) lib/active_support/cache/strategy/local_cache.rb:87:in `call'
12:57:36 web.1  |   rack (1.5.2) lib/rack/lock.rb:17:in `call'
12:57:36 web.1  |   actionpack (4.1.0.rc1) lib/action_dispatch/middleware/static.rb:64:in `call'
12:57:36 web.1  |   rack (1.5.2) lib/rack/sendfile.rb:112:in `call'
12:57:36 web.1  |   airbrake (3.1.15) lib/airbrake/user_informer.rb:16:in `_call'
12:57:36 web.1  |   airbrake (3.1.15) lib/airbrake/user_informer.rb:12:in `call'
12:57:36 web.1  |   railties (4.1.0.rc1) lib/rails/engine.rb:515:in `call'
12:57:36 web.1  |   railties (4.1.0.rc1) lib/rails/application.rb:142:in `call'
12:57:36 web.1  |   rack (1.5.2) lib/rack/lint.rb:49:in `_call'
12:57:36 web.1  |   rack (1.5.2) lib/rack/lint.rb:37:in `call'
12:57:36 web.1  |   rack (1.5.2) lib/rack/showexceptions.rb:24:in `call'
12:57:36 web.1  |   rack (1.5.2) lib/rack/commonlogger.rb:33:in `call'
12:57:36 web.1  |   rack (1.5.2) lib/rack/chunked.rb:43:in `call'
12:57:36 web.1  |   rack (1.5.2) lib/rack/content_length.rb:14:in `call'
12:57:36 web.1  |   unicorn (4.8.2) lib/unicorn/http_server.rb:572:in `process_client'
12:57:36 web.1  |   unicorn (4.8.2) lib/unicorn/http_server.rb:666:in `worker_loop'
12:57:36 web.1  |   newrelic_rpm (3.7.2.195) lib/new_relic/agent/instrumentation/unicorn_instrumentation.rb:22:in `call'
12:57:36 web.1  |   newrelic_rpm (3.7.2.195) lib/new_relic/agent/instrumentation/unicorn_instrumentation.rb:22:in `block (4 levels) in <top (required)>'
12:57:36 web.1  |   unicorn (4.8.2) lib/unicorn/http_server.rb:521:in `spawn_missing_workers'
12:57:36 web.1  |   unicorn (4.8.2) lib/unicorn/http_server.rb:140:in `start'
12:57:36 web.1  |   unicorn (4.8.2) bin/unicorn:126:in `<top (required)>'
12:57:36 web.1  |   /Users/davec/.rvm/gems/ruby-2.1.0@astro_city/bin/unicorn:23:in `load'
12:57:36 web.1  |   /Users/davec/.rvm/gems/ruby-2.1.0@astro_city/bin/unicorn:23:in `<main>'
12:57:36 web.1  |   /Users/davec/.rvm/gems/ruby-2.1.0@astro_city/bin/ruby_executable_hooks:15:in `eval'
12:57:36 web.1  |   /Users/davec/.rvm/gems/ruby-2.1.0@astro_city/bin/ruby_executable_hooks:15:in `<main>'
> gem list
actionmailer (4.1.0.rc1)
actionpack (4.1.0.rc1)
actionview (4.1.0.rc1)
activemodel (4.1.0.rc1)
activerecord (4.1.0.rc1)
activesupport (4.1.0.rc1)
airbrake (3.1.15)
arel (5.0.0)
atomic (1.1.14)
bigdecimal (1.2.3)
bootstrap-sass (3.1.1.0)
bower-rails (0.7.1)
braintree (2.19.0)
brakeman (2.4.1)
builder (3.2.2)
bundler (1.3.5)
bundler-unload (1.0.2)
cancan (1.6.10)
capybara (2.2.1)
childprocess (0.5.1)
coffee-rails (4.0.1)
coffee-script (2.2.0)
coffee-script-source (1.7.0)
daemons (1.1.9)
dalli (2.7.0)
database_cleaner (1.2.0)
diff-lcs (1.2.5)
dotenv (0.9.0)
erubis (2.7.0)
eventmachine (1.0.3)
execjs (2.0.2)
executable-hooks (1.2.6)
factory_girl (4.4.0)
factory_girl_rails (4.4.0)
fastercsv (1.5.5)
ffi (1.9.3)
foreman (0.63.0)
gem-man (0.3.0)
gem-wrappers (1.2.1)
gli (2.8.1)
haml (4.0.5)
hashie (2.0.5)
highline (1.6.20)
hike (1.2.3)
hk (0.0.1)
hl (1.1.0)
i18n (0.6.9)
io-console (0.4.2)
jbuilder (2.0.3)
jquery-rails (3.1.0)
jquery-ui-rails (4.2.0)
json (1.8.1)
kgio (2.9.2)
mail (2.5.4)
mail_view (2.0.4)
mailcatcher (0.2.4)
mc-settings (0.1.6)
methadone (1.0.0)
mime-types (1.25.1)
mini_portile (0.5.2)
minitest (5.2.3, 4.7.5)
mono_logger (1.1.0)
multi_json (1.8.4)
newrelic_rpm (3.7.2.195)
nokogiri (1.6.1)
omniauth (1.2.1)
omniauth-google-apps (0.1.0, 0.0.2)
omniauth-openid (1.0.1)
paper_trail (3.0.0)
pg (0.17.1)
phantomjs (1.9.2.1)
polyglot (0.3.4)
psych (2.0.2)
rack (1.5.2)
rack-openid (1.3.1)
rack-protection (1.5.2)
rack-test (0.6.2)
rails (4.1.0.rc1)
rails_12factor (0.0.2)
rails_serve_static_assets (0.0.2)
rails_stdout_logging (0.0.3)
railties (4.1.0.rc1)
rainbow (2.0.0, 1.99.1)
raindrops (0.13.0)
rake (10.1.1, 10.1.0)
rdoc (4.1.1, 4.1.0)
redis (3.0.7)
redis-namespace (1.4.1)
resque (1.25.1)
resque-retry (1.0.0)
resque-scheduler (2.5.4)
resque_mailer (2.2.6)
rspec (2.14.1)
rspec-core (2.14.7)
rspec-expectations (2.14.5)
rspec-mocks (2.14.5)
rspec-rails (2.14.1)
ruby-openid (2.5.0, 2.3.0)
ruby-openid-apps-discovery (1.2.0)
ruby2ruby (2.0.7)
ruby_css_lint (0.1.0)
ruby_parser (3.4.1)
rubygems-bundler (1.4.2)
rubyzip (1.1.0)
rufus-scheduler (2.0.24)
rvm (1.11.3.8)
sass (3.2.14, 3.2.13)
sass-rails (4.0.1)
sdoc (0.4.0)
selenium-webdriver (2.39.0)
sexp_processor (4.4.1)
sinatra (1.4.4)
skinny (0.2.3)
slim (2.0.2)
spring (1.1.1)
sprockets (2.10.1)
sprockets-rails (2.0.1)
sqlite3 (1.3.8)
sqlite3-ruby (1.3.3)
teaspoon (0.7.9)
temple (0.6.7)
terminal-table (1.4.5)
test-unit (2.1.0.0)
thin (1.5.1)
thor (0.18.1)
thread_safe (0.1.3)
tilt (1.4.1)
treetop (1.4.15)
trickster (1.3.1)
tzinfo (1.1.0)
uglifier (2.4.0)
unicorn (4.8.2)
vegas (0.1.11)
websocket (1.0.7)
xpath (2.0.0)
azisaka commented 10 years ago

+1

azisaka commented 10 years ago

Maybe the problem happens because the OpenID is 2.0 and not 1.0. I think that library only supports 1.0.

thadd commented 10 years ago

I solved this in my app by setting Rails.application.config.action_dispatch.cookies_serializer = :marshal. In new apps (generated in Rails 4.1) this is set by default to :json in config/initializers/cookies_serializer.rb

bbonamin commented 10 years ago

+1, problem can be worked around using @thadd 's suggestion

davetron5000 commented 10 years ago

:+1: this also worked for me. I'm not sure if this is a ruby-openid problem or not, so I'll let the maintainers close if they want

sguha00 commented 10 years ago

I used @thadd's suggestion and restarted my app, but I get the following error

TypeError (incompatible marshal file format (can't be read)
format version 4.8 required; 123.34 given):
activesupport (4.1.1) lib/active_support/core_ext/marshal.rb:6:in `load'
activesupport (4.1.1) lib/active_support/core_ext/marshal.rb:6:in `load_with_autoloading'
actionpack (4.1.1) lib/action_dispatch/middleware/cookies.rb:428:in `deserialize'
thadd commented 10 years ago

@sguha00 This might be caused by an old cookie created with the wrong format. Try clearing existing cookies and see if it persists.

sguha00 commented 10 years ago

@theadd, thanks that did it! Probably the best way to invalidate all cookies in the old format is to change the key in initializers/session_store.rb. That seemed the to do the trick.

chrhansen commented 10 years ago

+1 Also had the issue and had to change cookies_serializer as a quick fix for now, according to @thadd.

weimeng commented 10 years ago

From what I gather, this is happening because the OpenID object cannot be serialized as JSON.

Reference from the Rails 4.1 upgrading guide:

When using the :json or :hybrid serializer, you should beware that not all Ruby objects can be serialized as JSON. For example, Date and Time objects will be serialized as strings, and Hashes will have their keys stringified.

Should this be an issue to be addressed here? @dennisreimann

chrhansen commented 10 years ago

Thanks. I eventually switched to omniauth-google-oauth2 gem instead.

weimeng commented 10 years ago

I assume that the strategy in omniauth-google-oauth2 does not require OpenID?

I just encountered this issue because I'm using the omniauth-steam gem.

chrhansen commented 10 years ago

No it does not require OpenID, but it requires you to register an app with Google and put app key and secret in the app.

Christian

On Mon, Jun 9, 2014 at 12:29 PM, Wei-Meng Lee notifications@github.com wrote:

I assume that the strategy in omniauth-google-oauth2 does not require OpenID?

I just encountered this issue because I'm using the omniauth-steam gem.

— Reply to this email directly or view it on GitHub https://github.com/openid/ruby-openid/issues/75#issuecomment-45533274.

Christian Hansen CTO at CrowdCurity (+1) 415 568 5431 _christian@_crowdcurity.com christian@crowdcurity.com

Crowdsourced Web Security www.crowdcurity.com https://www.crowdcurity.com/

yuna9 commented 10 years ago

I can confirm that this is still an issue in Rails 4.1.5 with ruby-openid 2.5.0.

Any word or update from the maintainers about this issue? Changing Rails' cookies serializer is not a viable permanent solution for me, unfortunately. :smile:

As an aside, is there any reason that OpenID must store a complex object in a cookie? The main reason for the new JSON serializer is to improve the security of cookies, as well as discourage developers from storing complex objects in cookies.

bdarfler commented 9 years ago

Is this fixed with #79 ?

ravicious commented 9 years ago

I still experience the same issue on 2.6.0, so #79 doesn't really fix that.

dpflucas commented 9 years ago

Any update about this issue? I can't also change Rail's cookies serializer.

timcappalli commented 1 year ago

This repo is being archived. Closing issue.