Facebook Redirect url in ruby on rails open ssl error
In one project, we had to add this code to config/environments/development.rb
to get Facebook connect working for local development:
OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
OmniAuth & Facebook: certificate verify failed
The real problem is that Faraday (which Omniauth/Oauth use for their HTTP calls) is not wasn't setting the ca_path variable for OpenSSL. At least on Ubuntu, most root certs are stored in "/etc/ssl/certs". Since Faraday isn't wasn't setting this variable (and currently does not have a method to do so), OpenSSL isn't wasn't finding the root certificate for Facebook's SSL certificate.
I've submitted a pull request to Faraday which will add support for this variable and hopefully they will pull in this change soon. Until then, you can monkeypatch faraday to look like this or use my fork of Faraday. After that, you should specify version 0.3.0 of the OAuth2 gem in your Gemspec which supports the passing of SSL options through to Faraday. All you need to do now is upgrade to Faraday 0.6.1, which supports passing of the ca_path variable and upgrade to OmniAuth 0.2.2, which has the proper dependencies for OAuth2. You'll then be able to properly fix this issue by just adding the following to your Omniauth initializer:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, FACEBOOK_KEY, FACEBOOK_SECRET, {:client_options => {:ssl => {:ca_path => "/etc/ssl/certs"}}}
end
So, to recap:Faraday needs to be updated to support SSL ca_path.Install Faraday 0.6.1Your app needs to use OAuth2 version 0.3.0. You may need to fork omniauth since it currently has a minor version dependency in the 0.2.x tree.Upgrade to OmniAuth 0.2.2- Modify your provider initializer to point to your system's certificate path ("/etc/ssl/certs" on Ubuntu et al)
Thanks to KirylP above for setting me on the right path.
Error when I try to authenticate through Facebook with omniauth
That error appears when your server runs on http protocol. You need to add this piece of code in your_project/script/rails before APP_PATH
require 'rubygems'
require 'rails/commands/server'
require 'rack'
require 'webrick'
require 'webrick/https'
module Rails
class Server < ::Rack::Server
def default_options
super.merge({
:Port => 3000,
:environment => (ENV['RAILS_ENV'] || "development").dup,
:daemonize => false,
:debugger => false,
:pid => File.expand_path("tmp/pids/server.pid"),
:config => File.expand_path("config.ru"),
:SSLEnable => true,
:SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
:SSLPrivateKey => OpenSSL::PKey::RSA.new(
File.open("/path_to_your/privatekey.pem").read),
:SSLCertificate => OpenSSL::X509::Certificate.new(
File.open("/path_to_your/servercert.crt").read),
:SSLCertName => [["CN", WEBrick::Utils::getservername]]
})
end
end
end
To generate self-signed certificates read this tutorial http://www.akadia.com/services/ssh_test_certificate.html (steps 1 to 4) or this www.tc.umn.edu/~brams006/selfsign.htmlAfter updating your rails script change the url from http://127.0.0.1:3000
to https://127.0.0.1:3000
How to test Facebook-Connect on local host using ssl
OK. Got it working. Here's what I did so that I can test fb and twitter registration/login over ssl on localhost:3001.
First, I set my app's FB site url to http://localhost:3001
. Then I modified the omniauth initializer as follows:
if RAILS_ENV == "production"
full_host = 'https://www.mydomain.com'
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, 'myfbappid', 'myfbsecret', {:scope => 'email, publish_stream'}
provider :twitter, 'mytwitterappid', 'mytwittersecret'
end
Twitter.configure do |config|
config.consumer_key = 'myconsumerkey'
config.consumer_secret = 'myconsumersecret'
config.oauth_token = 'myoauthtoken'
config.oauth_token_secret = 'myoauthtokensecret'
end
elsif RAILS_ENV == "development"
full_host = 'https://localhost:3001'
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, 'myfbdevappid', 'myfbdefappsecret', {:scope => 'email, publish_stream'}
provider :twitter, 'mytwitterdevappid', 'mytwitterdevappsecret'
end
Twitter.configure do |config|
config.consumer_key = 'mytwitterconsumerkey'
config.consumer_secret = 'mytwitterconsumersecret'
config.oauth_token = 'mytwitteroauthtoken'
config.oauth_token_secret = 'mytwitteroathtokensecret'
end
end
OmniAuth.config.full_host = full_host
Related Topics
Broken Rails Routes After Implementing Single Table Inheritance
How to Use The "Self" Keyword in Rails
Why Can't The Mail Block See My Variable
How to Evaluate a Block Inside a Proc
One or More Params in Model Find Conditions with Ruby on Rails
Asynchronously Iterating Over The Response of a Request Using Thin and Sinatra
How to Use Variable Arguments with Ruby's Optionparser
Prawn Doesn't Seem to Push Layout Down When Using Repeat(:All)
Install Ree-1.8.7 with Rvm on Mountain Lion
Interpolation Within Single Quotes
Can You Specify The Http Method to Use with Sinatra's Redirect
How to Access Sinatra App on Host Machine with Vagrant Forwarded Ports
Converting Escaped Xml Entities Back into Utf-8
Set Ruby 2.0 Keyword Arguments with Attr_Accessor on Initialize
Do I Need to Install Passenger as a Regular Gem Even Though My App Uses Bundler