Rails omniauth разрабатывает mongodb в докере
Любой ответ будет очень признателен, так как мы боролись с этим вопросом в течение последних 1 - 1,5 месяцев.
Ошибка, которую мы получаем, заключается в следующем:
Ошибка: выполнено 302 Обнаружен на oauth-клиенте oauth-провайдера, он заходит в OmniauthCallbacksController, но не входит в действие смотритель
На этот раз мы используем:
Docker version 1.9.1
two microservices:
mainview_m (oauth_client)
mongo (2.2.2)
mongoid (5.0.2)
devise (3.5.6)
omniauth (1.3.1)
omniauth-oauth2 (1.3.1)
authentication_m (oauth_provider)
pg (0.18.4)
devise (3.5.6)
doorkeeper (3.1.0)
Различные классы внутри oauth_client:
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
raise "here after trying to authenticate, the app goes and has the following
_________________________________________________________
rack session:
#<ActionDispatch::Request::Session:0x007fe885b48b68 @by=#<ActionDispatch::Session::CookieStore:0x007fe8abb56d78 @app=#<ActionDispatch::Flash:0x007fe8abb56da0 @app=#<ActionDispatch::ParamsParser:0x007fe8abb56e68 @app=#<Rack::Head:0x007fe8abb56e90 @app=#<Rack::ConditionalGet:0x007fe8abb56eb8 @app=#<Rack::ETag:0x007fe8abb56ee0 @app=#<Warden::Manager:0x007fe8abb56fd0 @config={:default_scope=>:user, :scope_defaults=>{}, :default_strategies=>{:user=>[:rememberable, :database_authenticatable]}, :intercept_401=>false, :failure_app=>#<Devise::Delegator:0x007fe8ad0bac50>}, @app=#<OmniAuth::Strategies::Doorkeeper>>, @cache_control="max-age=0, private, must-revalidate", @no_cache_control="no-cache">>>, @parsers={#<Mime::Type:0x007fe8ab600090 @synonyms=["text/x-json", "application/jsonrequest"], @symbol=:json, @string="application/json", @hash=1122954549396747880>=>:json}>>, @default_options={:path=>"/", :domain=>nil, :expire_after=>nil, :secure=>false, :httponly=>true, :defer=>false, :renew=>false}, @key="_mainview_m_session", @cookie_only=true>, @env={"GATEWAY_INTERFACE"=>"CGI/1.1", "PATH_INFO"=>"/users/auth/doorkeeper/callback", "QUERY_STRING"=>"", "REMOTE_ADDR"=>"172.16.90.1", "REMOTE_HOST"=>"172.16.90.1", "REQUEST_METHOD"=>"GET", "REQUEST_URI"=>"http:/users/auth/doorkeeper/callback", "SCRIPT_NAME"=>"", "SERVER_PORT"=>"80", "SERVER_PROTOCOL"=>"HTTP/1.1", "SERVER_SOFTWARE"=>"WEBrick/1.3.1 (Ruby/2.3.0/2015-12-25)", "HTTP_HOST"=>"mainview_m.awe.docker:3030", "HTTP_CONNECTION"=>"keep-alive", "HTTP_ACCEPT"=>"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8", "HTTP_UPGRADE_INSECURE_REQUESTS"=>"1", "HTTP_USER_AGENT"=>"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.109 Safari/537.36", "HTTP_REFERER"=>"http://mainview_m.awe.docker:3030/", "HTTP_ACCEPT_ENCODING"=>"gzip, deflate, sdch", "HTTP_ACCEPT_LANGUAGE"=>"de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4", "HTTP_COOKIE"=>"_mainview_m_session=amlJYWZXQy9oOWdVTkRYK1FBcUkwZzNsMTFqQXlnSE12WStBbEZlQ0QzOFdyeENmc2FtdjY3NDNmV3dldHhEcG9TQ09JZDJiZWlKdGVyWmlqUm9RTWFNdEFucHUvNjAyM2RzNlJUaHNIQUUrZ0dUQkNPa0l0QWIvQk9iZ1N1eW9tcWR0NktteCtlZ1VXS3pVTjI3R3pYdWh5ZFhUVFN2SU5xbk9IZDQ2aXZrNk9QMUtwSjlIWlpyNmk1dW5VcjZZcHNiVEpHRGdrbElxQWlVRk5RUC9IVmkrekZ2SEwzdGVhcWJSeFM4Qkw4bFVnRm1Yd0pyOUNRekZFWUNZTG95M240TjUrUEN3V3p0WUF4WlBaVTZjejlYcEJnVW9aZ09DMHdxZzY3QUtWVVNnZzN0Q3p2amdMVWdqNEE3S0JHSHd6TEJ4VkJkZkF3MkJLbTQvZk1HYjVUSXRHYlZHdlIwbksvRk1vQjJwVmNvYkp3SFVVVGtUZXE0NVdpR0t6RTJZYXdZYktYdmlvV3BaUTgxSzRvSmk3UlJOVHNDSThYMnppa0FNakZ1YkRneFNuaW9qVENNajN4SzRnV1cyeGZCMDRaNzV5L2pLNkUrQTFoQUorNVRmNnJlbUpESDcvWUZweUttUVZKUUlHYzFaZ2tXUytCMk1HWUdOaXUxc2JSUHUtLVpnK3p6aGZJSmk0bzBKYlJMTVRneXc9PQ%3D%3D--ebafe0fc589fd91cf221390a44fd33a568c512d3", "rack.version"=>[1, 3], "rack.input"=>#<StringIO:0x007fe885aed9c0>, "rack.errors"=>#<IO:<STDERR>>, "rack.multithread"=>true, "rack.multiprocess"=>false, "rack.run_once"=>false, "rack.url_scheme"=>"http", "rack.hijack?"=>true, "rack.hijack"=>#<Proc:0x007fe885aed6c8@/usr/local/bundle/gems/rack-1.6.4/lib/rack/handler/webrick.rb:76 (lambda)>, "rack.hijack_io"=>nil, "HTTP_VERSION"=>"HTTP/1.1", "REQUEST_PATH"=>"/users/auth/doorkeeper/callback", "ORIGINAL_FULLPATH"=>"/users/auth/doorkeeper/callback", "ORIGINAL_SCRIPT_NAME"=>"", "action_dispatch.routes"=>#<ActionDispatch::Routing::RouteSet:0x007fe8ab03c3c0>, "action_dispatch.parameter_filter"=>[:password], "action_dispatch.redirect_filter"=>[], "action_dispatch.secret_token"=>nil, "action_dispatch.secret_key_base"=>"7b424e3f13cf9f72df32681aa77fac6cfbc534bda80362220e5d63e0b8ca21394ad64e47ec7eacc4a7e7bbefc74bfa707627275ec68560de0f89c7e09ef31dfb", "action_dispatch.show_exceptions"=>true, "action_dispatch.show_detailed_exceptions"=>true, "action_dispatch.logger"=>#<ActiveSupport::Logger:0x007fe8ab01f590 @progname=nil, @level=0, @default_formatter=#<Logger::Formatter:0x007fe8ab01f518 @datetime_format=nil>, @formatter=#<ActiveSupport::Logger::SimpleFormatter:0x007fe8ab54ccc0 @datetime_format=nil>, @logdev=#<Logger::LogDevice:0x007fe8ab01f4c8 @shift_size=nil, @shift_age=nil, @filename=nil, @dev=#<File:/app/log/development.log>, @mon_owner=nil, @mon_count=0, @mon_mutex=#<Thread::Mutex:0x007fe8ab01f4a0>>>, "action_dispatch.backtrace_cleaner"=>#<Rails::BacktraceCleaner:0x007fe8840287e8 @filters=[#<Proc:0x007fe8840286d0@/usr/local/bundle/gems/railties-4.2.5.1/lib/rails/backtrace_cleaner.rb:14>, #<Proc:0x007fe8840286a8@/usr/local/bundle/gems/railties-4.2.5.1/lib/rails/backtrace_cleaner.rb:15>, #<Proc:0x007fe884028680@/usr/local/bundle/gems/railties-4.2.5.1/lib/rails/backtrace_cleaner.rb:16>, #<Proc:0x007fe884028310@/usr/local/bundle/gems/railties-4.2.5.1/lib/rails/backtrace_cleaner.rb:29>], @silencers=[#<Proc:0x007fe8840282e8@/usr/local/bundle/gems/railties-4.2.5.1/lib/rails/backtrace_cleaner.rb:19>], @root="/app/">, "action_dispatch.key_generator"=>#<ActiveSupport::CachingKeyGenerator:0x007fe8acdd2b00 @key_generator=#<ActiveSupport::KeyGenerator:0x007fe8acdd2b28 @secret="7b424e3f13cf9f72df32681aa77fac6cfbc534bda80362220e5d63e0b8ca21394ad64e47ec7eacc4a7e7bbefc74bfa707627275ec68560de0f89c7e09ef31dfb", @iterations=1000>, @cache_keys=#<ThreadSafe::Cache:0x007fe8acdd2ad8 @backend={"signed_global_ids64"=>"\xCBF\x8A\xB8@S\xEA\xC6\xB6Y\xE4p\x87\x8BQ\x98\xA5F\xD3\x83\x83\x95[\x06Y\xA0\xF8\xAE\xA5\x99\x883\xE9\xA0\xFFH,\x91\xEC\x91)t\xCB!\x81\\\x06\xB8\xFB\x19\xD0\x92\xC5\x8D|\xF5\xB8 $\xB9\xC4->J", "encrypted cookie64"=>"OUg\xD7=\xBCI5\eY4\x17'h\x94\x81\xCE\x80\xD0\x1A\x97P\xB2\xBB%\xA8\xB6bml6\x99\xFD\x19^vU\xC9i\x9D\xBE\x9E\x95:@\xA3M\x8F\xF0\x1D\x91_\x9EV8\xB3\x85\xE8m\x1E \xBB\xE3*", "signed encrypted cookie64"=>"\x94=\xCE\xB6p\xD6\xE5eh\xF468\x19\x87\xB3\xD1\v\x91[\x1D\xC4\xB9\xAA\xC9\x81\xEE\xDAoRv\x89yB\x9F\xAA\xB2\xFD\xA4=;5\r\xC0X\xFE-`\x88G\xD9u\xFES\x8F\xDB\x9C\xEE\xE2\xBCv|\xDD\n\x0F", "signed cookie64"=>"\x9D\xE3\xFA\x0E\xB0\xE0\xF6j\xE85Z\x8C\xB8Qa\n\xB7\xA0\xF2\xC3\xC6MN\xAF\xC0\x01p\xE0\xEE~\xBA\v'\xB4qO\\4\x8A\x00\x03\x8B\xEA\xAE\x91\xC2\xAD\xE3\xEE~f\x15t\x80\x84q\xE5>;Sx\x89\xE7\xEE"}, @default_proc=nil>>, "action_dispatch.http_auth_salt"=>"http authentication", "action_dispatch.signed_cookie_salt"=>"signed cookie", "action_dispatch.encrypted_cookie_salt"=>"encrypted cookie", "action_dispatch.encrypted_signed_cookie_salt"=>"signed encrypted cookie", "action_dispatch.cookies_serializer"=>:json, "action_dispatch.cookies_digest"=>nil, "ROUTES_70318639145440_SCRIPT_NAME"=>"", "action_dispatch.request_id"=>"62058d9c-ff36-45d9-8621-96a36d4a3d84", "action_dispatch.remote_ip"=>#<ActionDispatch::RemoteIp::GetIp:0x007fe885b4ad50 @env={...}, @check_ip=true, @proxies=[#<IPAddr: IPv4:127.0.0.1/255.255.255.255>, #<IPAddr: IPv6:0000:0000:0000:0000:0000:0000:0000:0001/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff>, #<IPAddr: IPv6:fc00:0000:0000:0000:0000:0000:0000:0000/fe00:0000:0000:0000:0000:0000:0000:0000>, #<IPAddr: IPv4:10.0.0.0/255.0.0.0>, #<IPAddr: IPv4:172.16.0.0/255.240.0.0>, #<IPAddr: IPv4:192.168.0.0/255.255.0.0>]>, "rack.session"=>#<ActionDispatch::Request::Session:0x007fe885b48b68 ...>, "rack.session.options"=>#<ActionDispatch::Request::Session::Options:0x007fe885b48af0 @by=#<ActionDispatch::Session::CookieStore:0x007fe8abb56d78 @app=#<ActionDispatch::Flash:0x007fe8abb56da0 @app=#<ActionDispatch::ParamsParser:0x007fe8abb56e68 @app=#<Rack::Head:0x007fe8abb56e90 @app=#<Rack::ConditionalGet:0x007fe8abb56eb8 @app=#<Rack::ETag:0x007fe8abb56ee0 @app=#<Warden::Manager:0x007fe8abb56fd0 @config={:default_scope=>:user, :scope_defaults=>{}, :default_strategies=>{:user=>[:rememberable, :database_authenticatable]}, :intercept_401=>false, :failure_app=>#<Devise::Delegator:0x007fe8ad0bac50>}, @app=#<OmniAuth::Strategies::Doorkeeper>>, @cache_control="max-age=0, private, must-revalidate", @no_cache_control="no-cache">>>, @parsers={#<Mime::Type:0x007fe8ab600090 @synonyms=["text/x-json", "application/jsonrequest"], @symbol=:json, @string="application/json", @hash=1122954549396747880>=>:json}>>, @default_options={:path=>"/", :domain=>nil, :expire_after=>nil, :secure=>false, :httponly=>true, :defer=>false, :renew=>false}, @key="_mainview_m_session", @cookie_only=true>, @env={...}, @delegate={:path=>"/", :domain=>nil, :expire_after=>nil, :secure=>false, :httponly=>true, :defer=>false, :renew=>false, :id=>"571a6fd5c4032241a4f5f08638f33d7b"}>, "warden"=>Warden::Proxy:70318326170920 @config={:default_scope=>:user, :scope_defaults=>{}, :default_strategies=>{:user=>[:rememberable, :database_authenticatable]}, :intercept_401=>false, :failure_app=>#<Devise::Delegator:0x007fe8ad0bac50>}, "omniauth.strategy"=>#<OmniAuth::Strategies::Doorkeeper>, "rack.request.cookie_hash"=>{"_mainview_m_session"=>"amlJYWZXQy9oOWdVTkRYK1FBcUkwZzNsMTFqQXlnSE12WStBbEZlQ0QzOFdyeENmc2FtdjY3NDNmV3dldHhEcG9TQ09JZDJiZWlKdGVyWmlqUm9RTWFNdEFucHUvNjAyM2RzNlJUaHNIQUUrZ0dUQkNPa0l0QWIvQk9iZ1N1eW9tcWR0NktteCtlZ1VXS3pVTjI3R3pYdWh5ZFhUVFN2SU5xbk9IZDQ2aXZrNk9QMUtwSjlIWlpyNmk1dW5VcjZZcHNiVEpHRGdrbElxQWlVRk5RUC9IVmkrekZ2SEwzdGVhcWJSeFM4Qkw4bFVnRm1Yd0pyOUNRekZFWUNZTG95M240TjUrUEN3V3p0WUF4WlBaVTZjejlYcEJnVW9aZ09DMHdxZzY3QUtWVVNnZzN0Q3p2amdMVWdqNEE3S0JHSHd6TEJ4VkJkZkF3MkJLbTQvZk1HYjVUSXRHYlZHdlIwbksvRk1vQjJwVmNvYkp3SFVVVGtUZXE0NVdpR0t6RTJZYXdZYktYdmlvV3BaUTgxSzRvSmk3UlJOVHNDSThYMnppa0FNakZ1YkRneFNuaW9qVENNajN4SzRnV1cyeGZCMDRaNzV5L2pLNkUrQTFoQUorNVRmNnJlbUpESDcvWUZweUttUVZKUUlHYzFaZ2tXUytCMk1HWUdOaXUxc2JSUHUtLVpnK3p6aGZJSmk0bzBKYlJMTVRneXc9PQ==--ebafe0fc589fd91cf221390a44fd33a568c512d3"}, "rack.request.cookie_string"=>"_mainview_m_session=amlJYWZXQy9oOWdVTkRYK1FBcUkwZzNsMTFqQXlnSE12WStBbEZlQ0QzOFdyeENmc2FtdjY3NDNmV3dldHhEcG9TQ09JZDJiZWlKdGVyWmlqUm9RTWFNdEFucHUvNjAyM2RzNlJUaHNIQUUrZ0dUQkNPa0l0QWIvQk9iZ1N1eW9tcWR0NktteCtlZ1VXS3pVTjI3R3pYdWh5ZFhUVFN2SU5xbk9IZDQ2aXZrNk9QMUtwSjlIWlpyNmk1dW5VcjZZcHNiVEpHRGdrbElxQWlVRk5RUC9IVmkrekZ2SEwzdGVhcWJSeFM4Qkw4bFVnRm1Yd0pyOUNRekZFWUNZTG95M240TjUrUEN3V3p0WUF4WlBaVTZjejlYcEJnVW9aZ09DMHdxZzY3QUtWVVNnZzN0Q3p2amdMVWdqNEE3S0JHSHd6TEJ4VkJkZkF3MkJLbTQvZk1HYjVUSXRHYlZHdlIwbksvRk1vQjJwVmNvYkp3SFVVVGtUZXE0NVdpR0t6RTJZYXdZYktYdmlvV3BaUTgxSzRvSmk3UlJOVHNDSThYMnppa0FNakZ1YkRneFNuaW9qVENNajN4SzRnV1cyeGZCMDRaNzV5L2pLNkUrQTFoQUorNVRmNnJlbUpESDcvWUZweUttUVZKUUlHYzFaZ2tXUytCMk1HWUdOaXUxc2JSUHUtLVpnK3p6aGZJSmk0bzBKYlJMTVRneXc9PQ%3D%3D--ebafe0fc589fd91cf221390a44fd33a568c512d3", "action_dispatch.cookies"=>#<ActionDispatch::Cookies::CookieJar:0x007fe885b27878 @key_generator=#<ActiveSupport::CachingKeyGenerator:0x007fe8acdd2b00 @key_generator=#<ActiveSupport::KeyGenerator:0x007fe8acdd2b28 @secret="7b424e3f13cf9f72df32681aa77fac6cfbc534bda80362220e5d63e0b8ca21394ad64e47ec7eacc4a7e7bbefc74bfa707627275ec68560de0f89c7e09ef31dfb", @iterations=1000>, @cache_keys=#<ThreadSafe::Cache:0x007fe8acdd2ad8 @backend={"signed_global_ids64"=>"\xCBF\x8A\xB8@S\xEA\xC6\xB6Y\xE4p\x87\x8BQ\x98\xA5F\xD3\x83\x83\x95[\x06Y\xA0\xF8\xAE\xA5\x99\x883\xE9\xA0\xFFH,\x91\xEC\x91)t\xCB!\x81\\\x06\xB8\xFB\x19\xD0\x92\xC5\x8D|\xF5\xB8 $\xB9\xC4->J", "encrypted cookie64"=>"OUg\xD7=\xBCI5\eY4\x17'h\x94\x81\xCE\x80\xD0\x1A\x97P\xB2\xBB%\xA8\xB6bml6\x99\xFD\x19^vU\xC9i\x9D\xBE\x9E\x95:@\xA3M\x8F\xF0\x1D\x91_\x9EV8\xB3\x85\xE8m\x1E \xBB\xE3*", "signed encrypted cookie64"=>"\x94=\xCE\xB6p\xD6\xE5eh\xF468\x19\x87\xB3\xD1\v\x91[\x1D\xC4\xB9\xAA\xC9\x81\xEE\xDAoRv\x89yB\x9F\xAA\xB2\xFD\xA4=;5\r\xC0X\xFE-`\x88G\xD9u\xFES\x8F\xDB\x9C\xEE\xE2\xBCv|\xDD\n\x0F", "signed cookie64"=>"\x9D\xE3\xFA\x0E\xB0\xE0\xF6j\xE85Z\x8C\xB8Qa\n\xB7\xA0\xF2\xC3\xC6MN\xAF\xC0\x01p\xE0\xEE~\xBA\v'\xB4qO\\4\x8A\x00\x03\x8B\xEA\xAE\x91\xC2\xAD\xE3\xEE~f\x15t\x80\x84q\xE5>;Sx\x89\xE7\xEE"}, @default_proc=nil>>, @set_cookies={}, @delete_cookies={}, @host="mainview_m.awe.docker", @secure=false, @options={:signed_cookie_salt=>"signed cookie", :encrypted_cookie_salt=>"encrypted cookie", :encrypted_signed_cookie_salt=>"signed encrypted cookie", :secret_token=>nil, :secret_key_base=>"7b424e3f13cf9f72df32681aa77fac6cfbc534bda80362220e5d63e0b8ca21394ad64e47ec7eacc4a7e7bbefc74bfa707627275ec68560de0f89c7e09ef31dfb", :upgrade_legacy_signed_cookies=>false, :serializer=>:json, :digest=>nil}, @cookies={"_mainview_m_session"=>"amlJYWZXQy9oOWdVTkRYK1FBcUkwZzNsMTFqQXlnSE12WStBbEZlQ0QzOFdyeENmc2FtdjY3NDNmV3dldHhEcG9TQ09JZDJiZWlKdGVyWmlqUm9RTWFNdEFucHUvNjAyM2RzNlJUaHNIQUUrZ0dUQkNPa0l0QWIvQk9iZ1N1eW9tcWR0NktteCtlZ1VXS3pVTjI3R3pYdWh5ZFhUVFN2SU5xbk9IZDQ2aXZrNk9QMUtwSjlIWlpyNmk1dW5VcjZZcHNiVEpHRGdrbElxQWlVRk5RUC9IVmkrekZ2SEwzdGVhcWJSeFM4Qkw4bFVnRm1Yd0pyOUNRekZFWUNZTG95M240TjUrUEN3V3p0WUF4WlBaVTZjejlYcEJnVW9aZ09DMHdxZzY3QUtWVVNnZzN0Q3p2amdMVWdqNEE3S0JHSHd6TEJ4VkJkZkF3MkJLbTQvZk1HYjVUSXRHYlZHdlIwbksvRk1vQjJwVmNvYkp3SFVVVGtUZXE0NVdpR0t6RTJZYXdZYktYdmlvV3BaUTgxSzRvSmk3UlJOVHNDSThYMnppa0FNakZ1YkRneFNuaW9qVENNajN4SzRnV1cyeGZCMDRaNzV5L2pLNkUrQTFoQUorNVRmNnJlbUpESDcvWUZweUttUVZKUUlHYzFaZ2tXUytCMk1HWUdOaXUxc2JSUHUtLVpnK3p6aGZJSmk0bzBKYlJMTVRneXc9PQ==--ebafe0fc589fd91cf221390a44fd33a568c512d3"}, @committed=false, @encrypted=#<ActionDispatch::Cookies::EncryptedCookieJar:0x007fe885b270f8 @parent_jar=#<ActionDispatch::Cookies::CookieJar:0x007fe885b27878 ...>, @options={:signed_cookie_salt=>"signed cookie", :encrypted_cookie_salt=>"encrypted cookie", :encrypted_signed_cookie_salt=>"signed encrypted cookie", :secret_token=>nil, :secret_key_base=>"7b424e3f13cf9f72df32681aa77fac6cfbc534bda80362220e5d63e0b8ca21394ad64e47ec7eacc4a7e7bbefc74bfa707627275ec68560de0f89c7e09ef31dfb", :upgrade_legacy_signed_cookies=>false, :serializer=>:json, :digest=>nil}, @encryptor=#<ActiveSupport::MessageEncryptor:0x007fe885b26f68 @secret="OUg\xD7=\xBCI5\eY4\x17'h\x94\x81\xCE\x80\xD0\x1A\x97P\xB2\xBB%\xA8\xB6bml6\x99\xFD\x19^vU\xC9i\x9D\xBE\x9E\x95:@\xA3M\x8F\xF0\x1D\x91_\x9EV8\xB3\x85\xE8m\x1E \xBB\xE3*", @sign_secret="\x94=\xCE\xB6p\xD6\xE5eh\xF468\x19\x87\xB3\xD1\v\x91[\x1D\xC4\xB9\xAA\xC9\x81\xEE\xDAoRv\x89yB\x9F\xAA\xB2\xFD\xA4=;5\r\xC0X\xFE-`\x88G\xD9u\xFES\x8F\xDB\x9C\xEE\xE2\xBCv|\xDD\n\x0F", @cipher="aes-256-cbc", @verifier=#<ActiveSupport::MessageVerifier:0x007fe885b26e78 @secret="\x94=\xCE\xB6p\xD6\xE5eh\xF468\x19\x87\xB3\xD1\v\x91[\x1D\xC4\xB9\xAA\xC9\x81\xEE\xDAoRv\x89yB\x9F\xAA\xB2\xFD\xA4=;5\r\xC0X\xFE-`\x88G\xD9u\xFES\x8F\xDB\x9C\xEE\xE2\xBCv|\xDD\n\x0F", @digest="SHA1", @serializer=ActiveSupport::MessageEncryptor::NullSerializer>, @serializer=ActiveSupport::MessageEncryptor::NullSerializer>>, @signed_or_encrypted=#<ActionDispatch::Cookies::EncryptedCookieJar:0x007fe885b270f8 @parent_jar=#<ActionDispatch::Cookies::CookieJar:0x007fe885b27878 ...>, @options={:signed_cookie_salt=>"signed cookie", :encrypted_cookie_salt=>"encrypted cookie", :encrypted_signed_cookie_salt=>"signed encrypted cookie", :secret_token=>nil, :secret_key_base=>"7b424e3f13cf9f72df32681aa77fac6cfbc534bda80362220e5d63e0b8ca21394ad64e47ec7eacc4a7e7bbefc74bfa707627275ec68560de0f89c7e09ef31dfb", :upgrade_legacy_signed_cookies=>false, :serializer=>:json, :digest=>nil}, @encryptor=#<ActiveSupport::MessageEncryptor:0x007fe885b26f68 @secret="OUg\xD7=\xBCI5\eY4\x17'h\x94\x81\xCE\x80\xD0\x1A\x97P\xB2\xBB%\xA8\xB6bml6\x99\xFD\x19^vU\xC9i\x9D\xBE\x9E\x95:@\xA3M\x8F\xF0\x1D\x91_\x9EV8\xB3\x85\xE8m\x1E \xBB\xE3*", @sign_secret="\x94=\xCE\xB6p\xD6\xE5eh\xF468\x19\x87\xB3\xD1\v\x91[\x1D\xC4\xB9\xAA\xC9\x81\xEE\xDAoRv\x89yB\x9F\xAA\xB2\xFD\xA4=;5\r\xC0X\xFE-`\x88G\xD9u\xFES\x8F\xDB\x9C\xEE\xE2\xBCv|\xDD\n\x0F", @cipher="aes-256-cbc", @verifier=#<ActiveSupport::MessageVerifier:0x007fe885b26e78 @secret="\x94=\xCE\xB6p\xD6\xE5eh\xF468\x19\x87\xB3\xD1\v\x91[\x1D\xC4\xB9\xAA\xC9\x81\xEE\xDAoRv\x89yB\x9F\xAA\xB2\xFD\xA4=;5\r\xC0X\xFE-`\x88G\xD9u\xFES\x8F\xDB\x9C\xEE\xE2\xBCv|\xDD\n\x0F", @digest="SHA1", @serializer=ActiveSupport::MessageEncryptor::NullSerializer>, @serializer=ActiveSupport::MessageEncryptor::NullSerializer>>>, "action_dispatch.request.unsigned_session_cookie"=>{"session_id"=>"571a6fd5c4032241a4f5f08638f33d7b", "_csrf_token"=>"g61BEYcVehgbUUY5EVB4j9Ax9mF4FKvBcL5y/K624Z4=", "flash"=>{"discard"=>[], "flashes"=>{"alert"=>"Could not authenticate you from Doorkeeper because \"Csrf detected\"."}}, "omniauth.state"=>"8f2442d5b7510ed60f89579a4b07f794e5a00d0cd8dd2fb3", "omniauth.params"=>{}, "omniauth.origin"=>"http://mainview_m.awe.docker:3030/"}, "omniauth.origin"=>"http://mainview_m.awe.docker:3030/", "omniauth.params"=>{}, "rack.request.query_string"=>"", "rack.request.query_hash"=>{}, "omniauth.error"=>#<OmniAuth::Strategies::OAuth2::CallbackError: OmniAuth::Strategies::OAuth2::CallbackError>, "omniauth.error.type"=>:csrf_detected, "omniauth.error.strategy"=>#<OmniAuth::Strategies::Doorkeeper>, "devise.mapping"=>#<Devise::Mapping:0x007fe8ab0d2eb0 @scoped_path="users", @singular=:user, @class_name="User", @klass=#<Devise::Getter:0x007fe8ab0be640 @name="User">, @path="users", @path_prefix=nil, @sign_out_via=:delete, @format=nil, @router_name=nil, @failure_app=Devise::FailureApp, @controllers={:omniauth_callbacks=>"users/omniauth_callbacks", :sessions=>"devise/sessions", :passwords=>"devise/passwords", :registrations=>"devise/registrations"}, @path_names={:registration=>"", :new=>"new", :edit=>"edit", :sign_in=>"sign_in", :sign_out=>"sign_out", :password=>"password", :sign_up=>"sign_up", :cancel=>"cancel"}, @modules=[:database_authenticatable, :rememberable, :omniauthable, :recoverable, :registerable, :validatable, :trackable], @routes=[:session, :omniauth_callback, :password, :registration], @used_routes=[:session, :omniauth_callback, :password, :registration], @used_helpers=[:session, :omniauth_callback, :password, :registration]>}, @delegate={"session_id"=>"571a6fd5c4032241a4f5f08638f33d7b", "_csrf_token"=>"g61BEYcVehgbUUY5EVB4j9Ax9mF4FKvBcL5y/K624Z4=", "flash"=>{"discard"=>[], "flashes"=>{"alert"=>"Could not authenticate you from Doorkeeper because \"Csrf detected\"."}}, "omniauth.state"=>"8f2442d5b7510ed60f89579a4b07f794e5a00d0cd8dd2fb3"}, @loaded=true, @exists=nil>
def doorkeeper
raise "this is not going to be executed"
end
end
call within the .erb
<%= link_to "Sign in via doorkeeper", user_omniauth_authorize_path(provider: :doorkeeper) %>
devise.rb
config.omniauth: привратник, ENV ['DOORKEEPER_APP_ID'], ENV ['DOORKEEPER_APP_SECRET']
user.rb
class User
include Mongoid::Document
include Mongoid::Timestamps
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
:recoverable, :rememberable, :trackable, :validatable, :omniauthable, omniauth_providers: [:doorkeeper]
## Database authenticatable
field :email, type: String, default: ""
field :encrypted_password, type: String, default: ""
## Recoverable
field :reset_password_token, type: String
field :reset_password_sent_at, type: Time
## Rememberable
field :remember_created_at, type: Time
## Trackable
field :sign_in_count, type: Integer, default: 0
field :current_sign_in_at, type: Time
field :last_sign_in_at, type: Time
field :current_sign_in_ip, type: String
field :last_sign_in_ip, type: String
doorkeeper.rb
require 'omniauth-oauth2'
module OmniAuth
module Strategies
class Doorkeeper < OmniAuth::Strategies::OAuth2
option :name, :doorkeeper
option :client_options, {
site: ENV['DOORKEEPER_APP_URL'],
authorize_url: '/oauth/authorize' #ENV['DOORKEEPER_APP_URL'] +
}
uid {
raw_info['id']
}
info do
{
email: raw_info['email'],
}
end
extra do
{ raw_info: raw_info }
end
def raw_info
auth = "Bearer " + access_token.token
@raw_info = HTTParty.get(ENV['DOORKEEPER_APP_URL'] + "/api/v1/user/current_user", :headers => { "Authorization" => auth})
end
end
end
end
.Env DOORKEEPER_APP_ID = 9cc1f0e768459c4d0039a4142d28c82f2d9503ae2c8b0fe6b58cfb0b2be49b6f DOORKEEPER_APP_SECRET = 76219e2bf4500f5c7b8842d951cb0bef1a788ddbca7d84673f5b63288921d02a DOORKEEPER_APP_URL = http://authentication_m.awe.docker:3000/
session_store.rb
Rails.application.config.session_store :cookie_store, key: '_mainview_m_session'
Различные классы внутри oauth_provider:
doorkeeper.rb
Doorkeeper.configure do
orm :active_record
resource_owner_authenticator do
User.find_by_id(session[:user_id]) || redirect_to(params[:redirect_uri])
end
resource_owner_from_credentials do |_routes|
user = User.find_for_database_authentication(email: params[:username])
user if user && user.valid_password?(params[:password])
end
reuse_access_token
use_refresh_token
grant_flows %w[password client_credentials]
end
OAuth / приложения
Application Id:
9cc1f0e768459c4d0039a4142d28c82f2d9503ae2c8b0fe6b58cfb0b2be49b6f
Secret:
76219e2bf4500f5c7b8842d951cb0bef1a788ddbca7d84673f5b63288921d02a
Scopes:
Callback urls:
http://mainview_m.awe.docker:3030/users/auth/doorkeeper/callback
class User < ActiveRecord::Base
# Use friendly_id on Users
extend FriendlyId
friendly_id :friendify, use: :slugged
# necessary to override friendly_id reserved words
def friendify
if username.downcase == "admin"
"user-#{username}"
else
"#{username}"
end
end
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable,
#:recoverable, :rememberable, :trackable, :validatable, :confirmable
:trackable, :validatable
# Pagination
paginates_per 100
# Validations
# :username
validates :username, uniqueness: { case_sensitive: false }
#validates_format_of :username, with: /\A[a-zA-Z0-9]*\z/, on: :create, message: "can only contain letters and digits"
validates :username, length: { in: 3..15 }
# :email
validates_format_of :email, with: /\A([^@\s]+)@((?:[-a-z0-9]+\.)+[a-z]{2,})\Z/i
def self.paged(page_number)
order(admin: :desc, username: :asc).page page_number
end
def self.search_and_order(search, page_number)
if search
where("username LIKE ?", "%#{search.downcase}%").order(
admin: :desc, username: :asc
).page page_number
else
order(admin: :desc, username: :asc).page page_number
end
end
def self.last_signups(count)
order(created_at: :desc).limit(count).select("id","username","slug","created_at")
end
def self.last_signins(count)
order(last_sign_in_at:
:desc).limit(count).select("id","username","slug","last_sign_in_at")
end
def self.users_count
where("admin = ? AND locked = ?",false,false).count
end
end
докер-compose.yml
dnsdock:
image: tonistiigi/dnsdock
volumes:
- /var/run/docker.sock:/run/docker.sock
ports:
- 172.17.0.1:53:53/udp
db:
image: postgres
dns: ["172.17.0.1"]
environment:
- DNSDOCK_NAME=db
- DNSDOCK_IMAGE=awe
ports:
- "5432:5432"
mongodb:
image: mongo
dns: ["172.17.0.1"]
environment:
- DNSDOCK_NAME=mongodb
- DNSDOCK_IMAGE=awe
rabbitmq:
image: rabbitmq
dns: ["172.17.0.1"]
environment:
- DNSDOCK_NAME=rabbitmq
- DNSDOCK_IMAGE=awe
#gemstore:
# image: busybox
# volumes:
# - /gemstore
mainview_m:
build: mainview_m
command: bash -c "rm /app/tmp/pids/server.pid ; bundle exec rails s -p 3030 -b '0.0.0.0'"
dns: ["172.17.0.1"]
environment:
- DNSDOCK_NAME=mainview_m
- DNSDOCK_IMAGE=awe
volumes:
- ./mainview_m:/app
ports:
- "3030:3030"
links:
- db
- rabbitmq
- mongodb
- authentication_m
authentication_m:
build: authentication_m
command: bash -c "rm /app/tmp/pids/server.pid ; bundle exec rails s -p 3000 -b '0.0.0.0'"
dns: ["172.17.0.1"]
environment:
- DNSDOCK_NAME=authentication_m
- DNSDOCK_IMAGE=awe
volumes:
- ./authentication_m:/app
ports:
- "3000:3000"
links:
- db
- rabbitmq
- mongodb
session_store.rb
Rails.application.config.session_store :cookie_store, key: '_authentication_m_session'
1 ответ
Хорошо, еще через 10 дней мы получили его. Надеюсь, что это поможет другим: есть много ловушек, и мы все больше и больше попадаем в конец, потому что не очень хорошо справлялись с версионированием джемов. (Docker связывает все в контейнере с нуля... поэтому мы столкнулись с проблемой omniauth-oauth2 3.1 определения callback_url в рамках стратегии oauth.
вот как это работает самым простым способом:
provider_doorkeeper:
Doorkeeper.configure do
orm :active_record
resource_owner_authenticator do
current_user || begin
session[:user_return_to] = request.fullpath
redirect_to new_user_session_url
end
end
admin_authenticator do
current_user || redirect_to(new_user_session_url)
end
default_scopes :public
end
client_strategy_doorkeeper:
require 'omniauth-oauth2'
module OmniAuth
module Strategies
class Doorkeeper < OmniAuth::Strategies::OAuth2
option :name, 'doorkeeper'
option :client_options, {
site: ENV['DOORKEEPER_APP_URL'],
authorize_url: ENV['DOORKEEPER_APP_URL'] + '/oauth/authorize'
}
uid {
raw_info['id']
}
info do
{
email: raw_info['email'],
}
end
extra do
{ raw_info: raw_info }
end
***def callback_url
full_host + script_name + callback_path
end***
def raw_info
auth = "Bearer " + access_token.token
@raw_info = HTTParty.get(ENV['DOORKEEPER_APP_URL'] + "/api/v1/user/current_user", :headers => { "Authorization" => auth})
end
end
end
end
client_omniauth_callbacks_controller
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def self.provides_callback_for(provider)
class_eval %Q{
def #{provider}
@user = User.find_for_oauth(env["omniauth.auth"], current_user)
if @user.persisted?
sign_in_and_redirect @user, event: :authentication
set_flash_message(:notice, :success, kind: "#{provider}".capitalize) if is_navigational_format?
else
session["devise.#{provider}_data"] = env["omniauth.auth"]
redirect_to new_user_registration_url
end
end
}
end
[:doorkeeper].each do |provider|
provides_callback_for provider
end
end