omniauth-openid-connect

422 Unprocessable Entity error retrieving token with `can't verify CSRF authenticity`

Open malacalypse opened this issue 7 years ago • 0 comments

During the callback phase, when the strategy is attempting to retrieve the token from the OpenID Connect endpoint, I get a big chunk of HTML back and the error code is 422 Unprocessable Entity.

It appears that the POST to /token results in a CSRF token validation failure on the endpoint. This has not happened with other clients.

What could be causing this? Running the latest released version (0.2.3) on a Rails 3 app.

malacalypse, Dec 02 '16 23:12