Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

I get redirect_uri_mismatch but it's not the problem #204

Closed
jchatel opened this issue Oct 24, 2015 · 9 comments
Closed

I get redirect_uri_mismatch but it's not the problem #204

jchatel opened this issue Oct 24, 2015 · 9 comments

Comments

@jchatel
Copy link

jchatel commented Oct 24, 2015

Yesterday, I did a release in production (Heroku) of a small change (nothing to do with gem file, routes or authentification in general).

Then I started getting complains than people could not log in anymore

Turned out the error in the log is the following:

(google_oauth2) Authentication failure! invalid_credentials: OAuth2::Error, redirect_uri_mismatch:
{
"error" : "redirect_uri_mismatch"
}

It obviously has nothing to do with redirect URL since the no routes have changed and my google console API webclient didn't change in 6 month either.

I do a lot of releases and I know that on the 20th October (4 days ago), it worked fine.

I reverted to previous release, which worked fine. Now I just can't deploy new version because of this problem that I can reproduce on my Staging environment by just making a new release.

I saw that this gem dependencies are

RUNTIME DEPENDENCIES:
addressable ~> 2.3
jwt ~> 1.0
multi_json ~> 1.3
omniauth >= 1.1.1
omniauth-oauth2 >= 1.1.1

omniauth-oauth2 did a release on the 21st October, so I would think this is the problem but did not investigate further yet.

Any idea how to solve or investigate further?
@hmnhf
Copy link

hmnhf commented Oct 24, 2015

Take a look at omniauth/omniauth-oauth2#81.

@jchatel
Copy link
Author

jchatel commented Oct 24, 2015

Thanks, sounds like it. Another +1 for explicitly stating version used instead of >=

@hunterfortuin
Copy link

+1 for explicitely stating gem version. Fixed this for me!

gem 'omniauth-oauth2', '~> 1.3.1'

@jchatel
Copy link
Author

jchatel commented Oct 26, 2015

Yeah that's what I did in the end and it works fine.
Those >= although great in concept (you get latest security fix) in reality turns more like "Fuck it doesn't work anymore, what changed" on deploying in production... a nightmare.

@ajsharp
Copy link
Contributor

ajsharp commented Oct 28, 2015

Thanks for posting this. This gem should set it's version dependency to '~>1.3.1' to avoid this issue for people. The issue has been open on omniauth-oauth2 for 7 days now and still isn't fixed. Fixing the dependency issue in this gem will save future people hours if not days of wasted time. Happy to handle the PR @zquestz

@ajsharp
Copy link
Contributor

ajsharp commented Oct 28, 2015

Also, that is what the owner of the omniauth-oauth2 repo is recommending.

@zquestz
Copy link
Owner

zquestz commented Oct 29, 2015

New gem is now released that locks the dependency to ~> 1.3.1.

@zquestz zquestz closed this as completed Oct 29, 2015
@ajsharp
Copy link
Contributor

ajsharp commented Oct 29, 2015

@zquestz thanks!

@zquestz
Copy link
Owner

zquestz commented Oct 29, 2015

No problem. Thanks for the debugging and getting to the heart of the issue. =)

@colinmcglynn colinmcglynn mentioned this issue Nov 17, 2017
Closed
@duleorlovic duleorlovic mentioned this issue Dec 8, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@ajsharp @zquestz @hunterfortuin @jchatel @hmnhf