kazasiki / omniauth-line Goto Github PK
View Code? Open in Web Editor NEWomniauth Line strategy
omniauth Line strategy
Do you have example for how to use on localhost?
i just use ngrok (https
) but still have same problem AUTH_INVALID_REDIRECT_URL
I had perfectly working omniauth authorization, but recently I have found, that now it is invalid. When I click on "Line" login button, it redirects me to Line side authorization page, and there I click on "Enter" button, and it redirects me back to my site, but instead of authorization, I see this message Could not authenticate you from Line because "Invalid credentials".
I had same error with facebook, but I have added token_params: { parse: :json } and problem is gone. After all I finished without this parameter at all, but anyway - for :line provider it doesn't work. I've tried to add it in initializers/omniauth.rb
:
# frozen_string_literal: true
Rails.application.config.middleware.use OmniAuth::Builder do
provider :line,
Application.credentials[:omniauth][:line_channel_id],
Application.credentials[:omniauth][:line_secret_id],
token_params: { parse: :json }
end
And I have tried to add it to devise.rb
(same way as :faceboook provider):
config.omniauth :line, Application.credentials[:omniauth][:line_channel_id],
Application.credentials[:omniauth][:line_secret_id],
token_params: { parse: :json }
I have tried to change gem omniauth-line version from '0.0.5' to '0.0.3'
, but it doesn't make sense. The worst of all, I don't know when it has been broken. I suppose after I've added gem 'omniauth-rails_csrf_protection', '~> 0.1'
to my Gemfile. But I've already tried to remove it, and nothing changed. Of course I've checked twice the credentials, and it is absolutely correct. But it doesn't work nor in production nor in development mode.
Thank you so much for any help, guys!
I always get this message when I'm trying to login. I'm using omniauth-oauth2. This is the full URL :
https://access.line.me/dialog/oauth/weblogin?client_id=1234567890&redirect_uri=http%3A%2F%2Fwww.purirangki.com%2Fusers%2Fauth%2Fline%2Fcallback&response_type=code&state=9366558eb2320554b15adc613ca0e8f867ec7560482b1665
This is the message when I try to login: Sorry. There were problems logging you in. Please wait a while before trying again.
The url returned: errorCode=400&errorMessage=AUTH_INVALID_REDIRECT_URL
I did change the authentication domain in the LINE Developers page but the redirect_uri is always goes into /users/auth/line/callback
. And you can see at the end of the url is AUTH_INVALID_REDIRECT_URL
.
Environment
rails 4.2
omniauth-1.2.2
omniauth-oauth2-1.3.1
devise-4.3.0
I use a line login with devise for the first time then access to 'https://access.line.me'.
But when I login again, access url is "https://api.line.me" and return 404 error...
I think that Omniauth Client is keeping a options attribute.
def callback_phase
options[:client_options][:site] = 'https://access.line.me'
end
Follow LINE document: https://developers.line.biz/en/docs/line-login/link-a-bot/#redirect-users
We can use bot_prompt
query parameter to Add a LINE Official Account as a friend when logged in. But seem gem not support this option. Can you guys give me some tips how to solve it ?
OmniAuth 2.0 was released includes to resolved a CSRF vulnerability and some behaviors changed.
See below the release note for details.
https://github.com/omniauth/omniauth/releases/tag/v2.0.0
If an OmniAuth Strategy has overridden callback_url
, it is needed to follow changes because of the callback_path changes.
I think this library is also the target.
https://github.com/kazasiki/omniauth-line/blob/master/lib/omniauth/strategies/line.rb#L24
In case of using OmniAuth 2.0 and script_name
, the redirect url now includes the script_name
twice so it might occur redirect url mismatch error.
I suggest this library should release 2 versions for correspond to OmniAuth 1.x and 2.0 series.
Iโm going to make pull requests.
it would be useful if the doc included an example, or the gem had an helper to create a sign-in button.
this is what I am doing thus far
<div style="text-align: center;">
<%= button_to 'Sign in via Line', "https://access.line.me/oauth2/v2.1/authorize",
id: 'button_line', params: {
response_type: 'code',
client_id: ENV['LINE_CHANNEL_ID'],
redirect_uri: ENV['LINE_CALLBACK_URL'],
state: SecureRandom.hex(16),
nonce: SecureRandom.hex(16),
scope: "profile openid"
} %>
</div>
but I am getting a 405 Method Not allowed from Line, I don't know why yet...
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.