omniauth-linkedin-oauth2 icon indicating copy to clipboard operation
omniauth-linkedin-oauth2 copied to clipboard

Published 20 hours ago verified publisher icon decioferreira

Unable to retrieve access token : appId or redirect uri does not match authorization code or authorization code expired

Open ArielAleksandrus opened this issue 8 years ago • 8 comments

I'm getting this error in Development. Is there a problem with setting localhost:3000 as the domain of the callback? Because it works with facebook and google. I'm having trouble with linkedin and twitter.

This is what I'm getting

{"error_description":"missing required parameters, includes an invalid parameter value, parameter more than once. : Unable to retrieve access token : appId or redirect uri does not match authorization code or authorization code expired","error":"invalid_request"}

My devise.rb has this line:

config.omniauth :linkedin, setup: true

And in the setup method, in a controller, I have these lines

env['omniauth.strategy'].options[:client_id] = id
env['omniauth.strategy'].options[:client_secret] = token

The variables "id" and "token" correctly matches my Linkedin application's credentials.

I'm not setting, though, a "redirect_uri" param. I have only one callback defined in my Linkedin App's dashboard.

I tried setting, though, but got the same error. This was the line I used:

env['omniauth.strategy'].options[:redirect_uri] = "http://localhost:3000/api/v1/users/auth/linkedin/callback

ArielAleksandrus avatar May 30 '16 18:05 ArielAleksandrus

I'm having the same issue. Any news here?

tonatiuh avatar Jun 09 '16 01:06 tonatiuh

No... perhaps this project is abandoned?

I do, however, have news on a similar issue that happened to twitter omniauth gem. You see, for facebook's and google's gems, the credentials attribute names are "client_id" and "client_secret". For twitter, however, the attribute names are "consumer_key" and "consumer secret"

I believe, then, that it might have something to do with the attributes's names in this case. Perhaps you can help me investigate it further, @tonatiuh ?

ArielAleksandrus avatar Jun 09 '16 17:06 ArielAleksandrus

Hey @ArielAleksandrus, I already found a temporal solution for this issue. I forgot to share here, sorry.

The fix that worked for me was to add

gem 'omniauth-oauth2', '~> 1.3.1'

In my gemfile and then run $ bundle update omniauth-oauth2.

Basically, that downgraded my version of omniauth-oauth2 to a version where the issue is not present.

This has been already discussed in https://github.com/decioferreira/omniauth-linkedin-oauth2/issues/28 and in http://stackoverflow.com/questions/33975525/rails-omniauth-for-linkedin-not-working.

I think that should work for you too.

tonatiuh avatar Jun 09 '16 17:06 tonatiuh

There is a PR for fixing that https://github.com/decioferreira/omniauth-linkedin-oauth2/pull/29

Unfortunately this project seems to be abandoned, so the PR might never get merged.

lfv89 avatar Jul 28 '16 04:07 lfv89

I had this issue. Update gem from master branch was fixed it.

PlugIN73 avatar Apr 26 '17 13:04 PlugIN73

Anyone still dealing with this issue? I have devise 4.3.0 (which now doesn't need a separate omniauth-oauth2). I'm getting this same error.

pkpp1233 avatar Jul 24 '17 23:07 pkpp1233

@pkpp1233 do as @tonatiuh said, it worked for me

ShepelievD avatar Aug 02 '17 08:08 ShepelievD

I had the same problem, in my case I was using different redirect_uri for authorization and for access token. I had "proxy": "localhost:3001" in my package.json, and it overriden my request_uri.

So my suggestion: make sure the hosts and redirect_uri are all the same for two requests (both backend and server side).

danon avatar Jul 23 '20 14:07 danon