search

ueberauth / ueberauth_google

Google OAuth2 Strategy for Überauth.
MIT License
166 stars 85 forks source link

Request token call failing #18

Closed robbiehudson closed 8 years ago

robbiehudson commented 8 years ago

I'm getting the following exception / issue when the call to get an access token is made (id and secret removed by me):

Request: GET /auth/google/callback?code=4/Ra_GS_u-NB3DstQ8QjK5a7Ne9OXfsrPSY54VM0ciUSQ
** (exit) an exception was raised:
    ** (KeyError) key :access_token not found in: %OAuth2.Client{authorize_url: "/o/oauth2/v2/auth", client_id: "MY_ID", client_secret: "MY_SECRET", headers: [], params: %{}, redirect_uri: "http://2t77wg.xip.io:4000/auth/google/callback", site: "https://accounts.google.com", str
ategy: Ueberauth.Strategy.Google.OAuth, token: %OAuth2.AccessToken{access_token: nil, expires_at: nil, other_params: %{"error" => "invalid_request", "error_description" => "client_secret is missing."}, refresh_token: nil, token_type: "Bearer"}, token_method: :post, token_url: "https://www.googleapis.com/oauth2/v4/token"}
        (ueberauth_google) lib/ueberauth/strategy/google.ex:31: Ueberauth.Strategy.Google.handle_callback!/1
        (ueberauth) lib/ueberauth/strategy.ex:299: Ueberauth.Strategy.run_callback/2
        (no_maw_meetings) web/controllers/auth_controller.ex:1: NoMawMeetings.AuthController.phoenix_controller_pipeline/2
        (no_maw_meetings) lib/no_maw_meetings/endpoint.ex:1: NoMawMeetings.Endpoint.instrument/4
        (no_maw_meetings) lib/phoenix/router.ex:261: NoMawMeetings.Router.dispatch/2
        (no_maw_meetings) web/router.ex:1: NoMawMeetings.Router.do_call/2
        (no_maw_meetings) lib/no_maw_meetings/endpoint.ex:1: NoMawMeetings.Endpoint.phoenix_pipeline/1
        (no_maw_meetings) lib/plug/debugger.ex:122: NoMawMeetings.Endpoint."call (overridable 3)"/2
        (no_maw_meetings) lib/no_maw_meetings/endpoint.ex:1: NoMawMeetings.Endpoint.call/2
        (plug) lib/plug/adapters/cowboy/handler.ex:15: Plug.Adapters.Cowboy.Handler.upgrade/4
        (cowboy) src/cowboy_protocol.erl:442: :cowboy_protocol.execute/4

Not sure what's going on. I've looked around in the source code and it looks like the client_secret is being sent. I am new to Elixir!

doomspork commented 8 years ago

@robbiehudson could you show your configuration?

robbiehudson commented 8 years ago

@doomspork sure, here you go:

config :ueberauth, Ueberauth,
  providers: [
    google: {Ueberauth.Strategy.Google, []}
  ]

config :ueberauth, Ueberauth.Strategy.Google.OAuth,
  client_id: System.get_env("GOOGLE_CLIENT_ID"),
  client_secret: System.get_env("GOOGLE_CLIENT_SECRET")

I think that's all you need?

chenghanlee commented 8 years ago

@robbiehudson: What version of OAuth2 are you running?

I had the same issue as you did when I upgraded OAuth2 version 0.7 (which is the latest version of OAuth2 on hex). This issue seems to be caused by some breaking changes in OAuth 0.7 (as seen in the changelog)

However, the issue went away once I downgraded back to OAuth 0.5.

Hopefully that helps.

robbiehudson commented 8 years ago

Thanks!

That fixed it and I can now get an access token fine. Perhaps updating the docs / installation instructions would be a good idea?

On Fri, Aug 19, 2016 at 8:23 AM, Cheng-Han Lee notifications@github.com wrote:

@robbiehudson https://github.com/robbiehudson: What version of OAuth2 are you running? I had the same issue as you did when I was running OAuth2 version 0.7 (which is the latest version of OAuth2 on hex).

However, the issue went away once I downgraded back to OAuth 0.5.

Hopefully that helps.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ueberauth/ueberauth_google/issues/18#issuecomment-240947135, or mute the thread https://github.com/notifications/unsubscribe-auth/AAISp3WBigIZR9g9Tpi1ahFGAZd8utf2ks5qhVnngaJpZM4Jmkpl .

Rob Hudson +44 7834 405 449 Linkedin: http://www.linkedin.com/in/rjchudson Twitter: https://twitter.com/robbiehudson Skype: rjchudson

kevin-DL commented 8 years ago

@chenghanlee 👍 Thanks a lot for that i spent hours on that. You saved me.

doomspork commented 8 years ago

Sorry about this! It appears a non-backwards compatible version of OAuth2 was released that broke Ueberauth but has since been resolved.

EHadoux commented 8 years ago

Not sure locking to OAuth 0.6.0 is an issue resolved though. For some reason I end up with OAuth 0.7.0, even though Ueberauth locks to 0.6.0. It's all broken now :( Handling the new version wouldn't be better?

Mazyod commented 8 years ago

@EHadoux I was having the same issue, and realized that the ueberauth current release is 0.3.0, which doesn't include the oauth lock fix mentioned here.. This is how I fixed it:

Check what version of ueberauth_google and oauth you are using:

$ mix deps

Unlock and clean if you have v0.3.0 or earlier:

$ mix deps.unlock ueberauth_google
$ mix deps.clean ueberauth_google

Go to your project's mix.exs, and set the dependency to github directly:

{:ueberauth_google, github: "ueberauth/ueberauth_google"}

Finally, get the deps:

$ mix deps.get

Check to make sure:

$ mix deps # shows that oauth is locked at 0.6.0
EHadoux commented 8 years ago

Okay, thanks. Another solution is to just lock oauth at 0.6.0 and it works. But hopefully it's just temporary. I mean, the fix it's just locking oauth version therefore I'd rather lock it on my own side and keep the hex version of ueberauth-google.