search

tallgreentree / omniauth-37signals

37signals OAuth2 Strategy for Omniauth 1.0
16 stars 17 forks source link

OmniAuth::Strategies::OAuth2::CallbackError #7

Open spolepal opened 12 years ago

spolepal commented 12 years ago

I registered an application in 37signals at https://integrate.37signals.com/ for a highrise app I am building. I initiate the oauth flow by redirecting the user to '/auth/37signals' in my sinatra app. I am taken to an authorization dialog on 37signals site. When I authorize the app by clicking 'Yes, I allow access', I get this error

omniauth.error

omniauth.error.strategy

OmniAuth::Strategies::ThirtySevenSignals

omniauth.error.type :invalid_credentials

The exact line where the exception occurs in oauth2.rb,

    if request.params['state'].to_s.empty? || request.params['state'] != session.delete('omniauth.state')
      raise CallbackError.new(nil, :csrf_detected) // the error occurs here. 
    end

What am I doing wrong here?

jeffols commented 12 years ago

I am able to authenticate against my sample highrise app. Example code can be found at: https://github.com/jeffols/omniauth-37signals-example