Comments (22)
I didn't test this code but this might help:
class MyController < ActionController::Metal
include AbstractController::Callbacks
include Doorkeeper::Helpers::Filter
doorkeeper_for :all
end
You have to include this two modules manually because when we started doorkeeper, we didn't build with Metal
in mind.
This is something that will have to change in this next version, since makes much more sense to work with Metal
controllers for API.
from doorkeeper.
Let me know whether this works or not, then I'll add it to the wiki.
Thanks!
from doorkeeper.
Thanks for responding!
I actually tried something similar to that earlier, although I hadn't tried with the AbstractController::Callbacks entry. Trying your suggestion throws the following error when trying to start the server.
api/v1/users_controller.rb:8:in `<class:UsersController>': uninitialized constant Doorkeeper::Helpers (NameError)
I've tried adding a bunch of require statements to pull everything in too, but that didn't seem to work either. It also didn't make sense since I didn't actually need any require statements when using ActionController::Base
I assume that it's something fairly simple, but I'm at a loss for how to make it work.
Thanks again,
Chris
from doorkeeper.
@r3ap3r2004 are you working from master? because this helpers were introduced yesterday.
from doorkeeper.
I'm using 0.4.0
from doorkeeper.
Ah ok. Would you mind to try this from master
? It might break some stuff though, sorry.
I'll check a best way to do this tonight and release a 0.4.1 with this improvement.
from doorkeeper.
Using master and adding include Doorkeeper::Helpers::Filter seems to have worked. I'm not sure if I needed to also add include AbstractController::Callbacks since it looks like I was already including that one.
Thanks for your help, I really appreciate it!
Chris
from doorkeeper.
Well it looks like master breaks the applications controller (or at least the routes have changed somehow).
I get the following error:
No route matches [GET] "/oauth/applications/1"
It works fine with 0.4.0.
from doorkeeper.
@r3ap3r2004 yes, it's because the routes were changed. You have to use use_doorkeeper
instead of mounting the app with mount
.
This will be the defaults on 0.5
from doorkeeper.
That worked great! Thanks again.
from doorkeeper.
There still seems to be an issue.
I'm now running into problems where the system can't find my rabl view templates for some reason when accessing info through the api. I'll need to debug that one in the morning, but it appears there are still some issues with using ActionController::Metal.
It's doorkeeper related because I can hit them just fine if I leave doorkeeper out of the equation, or if I use ActionController::Base instead. Too tired to debug it tonight though. :-(
Thanks again for your help.
from doorkeeper.
Post the error when you find it out, maybe I can help.
But, if you try to access the API with an invalid token, doorkeeper might try to render the error response, which might be your case.
from doorkeeper.
You can see the output here: https://gist.github.com/2821603
I have a node.js app that calls into my rails app. Everything works perfectly if I change the rails class to extend from ActionController::Metal to ActionController::Base which tells me that my tokens, etc are all working as expected.
I can also access the template just fine using ActionController::Metal if I remove these lines from the class.
include Doorkeeper::Helpers::Filter
doorkeeper_for :all
That tells me that it is definitely Doorkeeper that is causing the problem, I'm just not exactly sure why it is causing a problem.
Currently my ActionController::Metal class is including the following modules:
include AbstractController::Rendering
include AbstractController::ViewPaths
include AbstractController::Callbacks
include AbstractController::Helpers
include ActiveSupport::Rescuable
include ActionController::Rendering
include ActionController::ImplicitRender
include ActionController::Rescue
include ActionController::MimeResponds
include CanCan::ControllerAdditions
Any help you can give me would be greatly appreciated.
Thanks again,
Chris
from doorkeeper.
Thanks!
It's very weird behaviour, I still couldn't find why this happens. Going to investigate it today and let you know.
from doorkeeper.
Thanks. I look forward to seeing what you find out.
from doorkeeper.
I just tested and this works:
class MetalController < ActionController::Metal
include AbstractController::Callbacks
include ActionController::Head
include Doorkeeper::Helpers::Filter
doorkeeper_for :all
def index
self.response_body = { :ok => true }.to_json
end
end
This is the bare minimun to get an :unauthorized
response or, if the access token passes, you'll get the response body.
You mentioned that you're using rabl, right? Judging by the gist you posted, it seems an issue finding view paths for your app which has nothing to do with doorkeeper.
Also, where did you include all those modules? If you are allowed, could you share the controller/action you're testing (the one from /api/users/1.json
) ?
from doorkeeper.
I'm extending Spree. You can get the base code I'm using here:
https://github.com/spree/spree
You should be able to use any of the controllers in:
/api/app/controllers/spree/api/v1
They have their own authentication method, but I need it to tie in with some other pieces that I'm doing that I need an OAuth2 solution for.
The base_controller.rb file is the controller that each individual api controller uses for it's base class, and that extends from ActionController::Metal.
The modules are pulled in via the line:
include Spree::Api::ControllerSetup
which is found in /api/lib/spree/api/controller_setup.rb
I believe this is a doorkeeper problem because the view_path works as expected as long as I leave these lines out of the controller
include Doorkeeper::Helpers::Filter
doorkeeper_for :all
Alternatively, it works fine with those two lines from Doorkeeper if I change the base_controller.rb file/class to extend from ActionController::Base instead of Metal.
Note: In order to authorize with Doorkeeper you will need to change the following methods found in base_controller.rb.
def check_for_api_key
render "spree/api/v1/errors/must_specify_api_key", :status => 401 and return if api_key.blank?
end
def authenticate_user
unless @current_api_user = User.find_by_api_key(api_key)
render "spree/api/v1/errors/invalid_api_key", :status => 401 and return
end
end
You should be able to just do this:
def check_for_api_key
end
def authenticate_user
unless @current_api_user = User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token
render "spree/api/v1/errors/invalid_api_key", :status => 401 and return
end
end
I really appreciate the help. Unfortunately I won't be anywhere that I will be able to test your code suggestion for at least another 10 hours.
Thanks again,
Chris
from doorkeeper.
I had a similar issue yesterday on another project without even including doorkeeper. Still have no idea why...
from doorkeeper.
@r3ap3r2004 just released 0.4.1
with the doorkeeper filter module.
There's also some docs related to this. https://github.com/applicake/doorkeeper/wiki/ActionController::Metal-with-doorkeeper
from doorkeeper.
@r3ap3r2004 any news on this?
from doorkeeper.
Sorry for the lack of update. I've been buried getting some other pieces in place and haven't had a chance to test it yet. Although when I tried the master version adding the "include ActionController::Head" section right after you put up that example it still didn't work. I haven't tried with the 0.4.1 release yet. Hopefully I'll have time to look into it later today or tomorrow. I'll be sure and post back here and let you know.
Thanks again,
Chris
from doorkeeper.
I'm closing this. If anybody else run into the same issue, please reopen.
Thanks!
from doorkeeper.
Related Issues (20)
- Issue with defining application_class in Doorkeeper config causing NoMethodError
- Do not recommend setting access_token_expires_in to nil HOT 1
- It is not possible to revoke refresh token bound to the expired access token HOT 3
- Enhancement: expose `current_resource_owner` to views
- Better support for credential rotation
- Always requiring `redirect_uri` is not compliant to RFC 6749 HOT 2
- NotImplementedError error response must define #exception_class after upgrading to 5.6.7 from 5.6.6 HOT 4
- NoMethodError: undefined method `name_for_response' since v5.6.8 HOT 3
- Doorkeeper::Errors::InvalidRedirectUri Raised When No Redirect URI Set HOT 2
- OpenId Connect - No e-mail information in the SSO response
- How do I know if an application has been authorized by a resource owner? HOT 1
- Regression with Errors in 5.6.8 HOT 5
- Refreshing a token sending scopes separated by `+` does not work
- Cleanup job removes not expired tokens HOT 1
- Different access grants return the same access token with `reuse_access_token` enabled
- Removing active_record_options was a breaking change HOT 1
- `Doorkeeper::AccessToken.find_or_create_for` with empty scopes raises NoMethodError HOT 6
- Token revocation error when token contains null byte. HOT 2
- Doorkeeper is loading ActiveRecord too early HOT 1
- AuthorizedApplications returns the date that the _application_ was created, not the date that the _authorization_ was created
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from doorkeeper.