Rails app using googleAPI as login error

0
votes

I am following this paper step by step :https://richonrails.com/articles/google-authentication-in-ruby-on-rails/ And I created a completely new rails app in order to test. But I keep getting the same error: Error: invalid_request

Invalid parameter value for redirect_uri: Raw IP addresses not allowed: http://0.0.0.0:3000/auth/google_oauth2/callback OmniAuth.config.logger = Rails.logger

omniauth.rb

Rails.application.config.middleware.use OmniAuth::Builder do
    provider :google_oauth2, 'CLIENT-ID', 'SECRET', {client_options: {ssl:
    {ca_file: Rails.root.join("cacert.pem").to_s}}}
end

routes.rb

Rails.application.routes.draw do
   get 'auth/:provider/callback', to: 'sessions#create'
   get 'auth/failure', to: redirect('/')
   get 'signout', to: 'sessions#destroy', as: 'signout'
   resources :sessions, only: [:create, :destroy]
   resource :home, only: [:show]
   root to: "home#show"
end

user.rb

class User < ApplicationRecord
  def self.from_omniauth(auth)
  where(provider: auth.provider, uid: auth.uid).first_or_initialize.tap do 
|user|
  user.provider = auth.provider
  user.uid = auth.uid
  user.name = auth.info.name
  user.oauth_token = auth.credentials.token
  user.oauth_expires_at = Time.at(auth.credentials.expires_at)
  user.save!
  end
end

end

ApplicationController.rb

class ApplicationController < ActionController::Base
    protect_from_forgery with: :exception
    helper_method :current_user

    def current_user
        @current_user ||= User.find(session[:user_id]) if session[:user_id]
    end
end

SessionController.rb class SessionsController < ApplicationController def create user = User.from_omniauth(env["omniauth.auth"]) session[:user_id] = user.id redirect_to root_path end

  def destroy
     session[:user_id] = nil
     redirect_to root_path
   end
end

Please help me! Thanks a lot!

2
ruby-on-railsgoogle-api
Have you tried http://localhost:3000/auth/google_oauth2/callback?NM Pennypacker

2 Answers

1
votes

Andy's answer will only work if you also edit your system's /etc/hosts file to redirect 0.0.0.0 to a url ending with a non-raw address such as .com or .net, which is specifically what the error "message Raw IP addresses not allowed" is referring to. If you do both of these things, your app should work in your development environment.

To do this, open /etc/hosts using your preferred text editor. Since this is a protected system file, you will need to be in admin mode. For example: $ sudo vi /etc/hosts.

Add the line to the bottom of the file:

0.0.0.0  my-custom-domain.com

Restart your shell session and your development server for the changes to take effect.

The custom redirect url ("my-custom-domain.com") will need to be authorized. Go back to the Google Dev API Dashboard and add http://my-custom-domain.com:3000/auth/google_oauth2/callback to your authorized redirect URIs.

1
votes

Inside of your google dev API Dashboard you have to change the callback url to something other than http://0.0.0.0...

A workaround in a dev environment would be to change the callback url to http://localhost:3000/auth/google_oauth2/callback

Google API Callback URL