无法通过 GoogleOauth2 对您进行身份验证，因为 "Authenticity error"

Question

您好，我在 GoogleOauth2 中遇到了这个错误 API “无法通过 GoogleOauth2 对您进行身份验证，因为真实性错误”和“未找到，身份验证通过”并且无法找出问题所在。

这是我的 OmniauthCallbacksController

'''

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
   def google_oauth2
        @user = User.from_omniauth(request.env["omniauth.auth"])
        if @user.persisted?
          flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Google"
          # auth = request.env["omniauth.auth"]
          # @user.access_token = auth.credentials.token
          # @user.expires_at = auth.credentials.expires_at
          # @user.refresh_token = auth.credentials.refresh_token
          # @user.save!
          sign_in @user, event: :authentication
          redirect_to tasks_path
        else
          session["devise.google_data"] = request.env["omniauth.auth"]
          # redirect_to new_user_registration_url
        end
      end
    end

''' 我的路线

Rails.application.routes.draw do
  devise_for :users, controllers: { omniauth_callbacks: "users/omniauth_callbacks" }
  resources :users
end

devise.rb

Devise.setup do |config|
  config.mailer_sender = 'DokRx@dispostable.com'

  require 'devise/orm/active_record'

  config.case_insensitive_keys = [:email]

  config.strip_whitespace_keys = [:email]

  config.skip_session_storage = [:http_auth]

  config.stretches = Rails.env.test? ? 1 : 12

  config.reconfirmable = true

  config.expire_all_remember_me_on_sign_out = true

  config.password_length = 6..128
  config.email_regexp = /\A[^@\s]+@[^@\s]+\z/

  config.reset_password_within = 6.hours

  config.sign_out_via = :delete

  google_client_id = Rails.application.credentials.google_oauth2[:google_client_id]
  google_client_secret = Rails.application.credentials.google_oauth2[:google_client_secret]
  config.omniauth :google_oauth2, google_client_id, google_client_secret,
    scope: 'userinfo.email, calendar',
    skip_jwt: true,
    access_type: "offline",
    prompt: "consent",
    select_account: true
    

 
end

Answer 1

1.) 检查你有这个版本的设计来修复“未找到，身份验证通过”问题：

gem 'devise', github: 'heartcombo/devise', branch: 'ca-omniauth-2'

并确保您提出 post 请求。例如：

= link_to "Sign in with Facebook", user_facebook_omniauth_authorize_path, method: :post

https://github.com/heartcombo/devise/issues/5236

2.) 安装以下 gem 以修复真实性错误：

gem "omniauth-rails_csrf_protection"

https://github.com/cookpad/omniauth-rails_csrf_protection

Answer 2

我对 authenticity_error: OmniAuth::AuthenticityError 也有类似的问题。 该问题实际上已由 gem omniauth-rails_csrf_protection 解决，但就我而言，只有当我像这样在 Gemfile 中指定它时，它才会得到解决。

gem 'omniauth-rails_csrf_protection', '~> 1.0'

另见 https://github.com/omniauth/omniauth/releases/tag/v2.0.0