omniauth-wordpress-oauth2-plugin icon indicating copy to clipboard operation
omniauth-wordpress-oauth2-plugin copied to clipboard

Published 20 hours ago verified publisher icon jwickard

Not found. Authentication passthru.

Open hallmatt opened this issue 9 years ago • 9 comments

I'm attempting to use the omniauth-wordpress_hosted gem to sign into a WordPress site, but I keep getting an error:

"Not found. Authentication passthru."

Here's my gemfile:

gem 'devise' gem 'omniauth' gem 'omniauth-wordpress_hosted', github: 'jwickard/omniauth-wordpress-oauth2-plugin'

Here's my Omniauth Callbacks Controller:

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController def wordpress_oauth2 #You need to implement the method below in your model (e.g. app/models/user.rb) @user = User.find_for_wordpress_oauth2(request.env["omniauth.auth"], current_user)

if @user.persisted?
  flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Wordpress Oauth2"
  sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
else
  session["devise.wordpress_oauth2_data"] = request.env["omniauth.auth"]
  redirect_to new_user_registration_url
end

end end

Here's my devise.rb:

config.omniauth :wordpress_oauth2, "63A25y8nPbM113iAfyoZQBnH2bR2Ve", "x2h74mGdJwowyqzR0OpoOfZbW1mN4i", strategy_class: OmniAuth::Strategies::WordpressHosted, client_options: { site: 'http://example.exampleurl.com' }

And lastly, my routes:

devise_for :users, controllers: { omniauth_callbacks: 'users/omniauth_callbacks' }

Am I missing anything? I've followed the Facebook tutorial for Omniauth and haven't seen anything glaring that I'm missing.

I'm on the latest versions of Rails and Devise, along with Ruby 2.2.2

hallmatt avatar Oct 05 '15 19:10 hallmatt

I'm guessing there might need to be some updates to reflect the latest version of Devise.

hallmatt avatar Oct 13 '15 17:10 hallmatt

I just had same error. Did you have a solution? @hallmatt

duchaiweb avatar Oct 25 '15 12:10 duchaiweb

I wasn't able to find a solution. So I used the Wordpress JSON plugin instead to provide a single sign on solution. I'm relying on the Wordpress sign on instead of devise.

hallmatt avatar Oct 25 '15 14:10 hallmatt

+1

ianseyer avatar Nov 04 '15 18:11 ianseyer

Did you list the provider in your model for the devise :omniauthable options? https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview

tgeisler avatar Nov 27 '15 16:11 tgeisler

I'm having the same trouble. I have ":omniauthable, omniauth_providers: ['wordpress_oauth2']" in my user.rb, because this is almost universal in the various tutorials, but that's NOT actually in the instructions, or the example.

davidkrider avatar Mar 09 '19 22:03 davidkrider

I get this in the application log:

Started GET "/users/auth/wordpress_oauth2" for 127.0.0.1 at 2019-03-09 17:45:50 -0500
Processing by OmniauthCallbacksController#passthru as HTML
  Rendering text template
  Rendered text template (0.0ms)
Completed 404 Not Found in 1ms (Views: 0.4ms | ActiveRecord: 0.0ms)

Seem like client_options: { site: 'http://<my.awesome.wordpress.site.com>' } in config/initializers/devise.rb ought to be redirecting me to my Wordpress site for authentication, but I fiddled around with settings for a couple of hours, and nothing I do can make it actually go to my WP site TO GET TO THE callback function.

davidkrider avatar Mar 09 '19 22:03 davidkrider

The gem literally does not initiate the request phase of Omniauth. There's never a chance to direct to Wordpress to do the authentication. How did I figure this out? The Facebook Oauth2 gem works, and gives me a debug line like so:

[1] pry(#<OmniAuth::Strategies::Facebook>)>
I, [2019-03-21T07:47:26.320879 #21213]  INFO -- omniauth: (facebook) Request phase initiated.

I never get to this point with this gem.

davidkrider avatar Mar 21 '19 12:03 davidkrider

In the process of stepping through the code in the various gems, I noticed that Devise/Omniauth is rendering the request path as "wordpress_hosted", despite the fact that "wordpress_oauth2" is referenced everywhere in this example. I guess it's taking that cue from the name of the gem itself? Wherever that's coming from, I renamed the Devise config to config.omniauth :wordpress_hosted and then used omniauth_providers: [:wordpress_hosted] in my User model, and it finally started directing me to my Wordpress site for authentication.

Also, I can even leave out the "omniauth_providers" entirely, but then the Facebook Oauth gem doesn't magically display the Facebook link on my login page. I'm guessing that Omniauth gems that configure in the omniauth.rb initializer config need to be listed as an omniauth provider? I'm still not clear on this part.

I still haven't actually gotten logged in yet, but at least this is a step in the right direction. I have finally noticed that there are a dozen and a half forks of this gem, and at least a couple have made the change I have, plus some others. I'm getting close now.

davidkrider avatar Mar 24 '19 11:03 davidkrider