Problems with Omniauth and SSL

rubyonrails-talk
1

Hello,

My site uses SSL all the way through and I’m having problems running OmniAuth between /auth/twitter and /auth/open_id?openid_url=https://me.yahoo.com, for example

To deal with /auth/twitter, in my omniauth.rb file, I have had to set

if RAILS_ENV == ‘development’

full_host = ‘https://mysite.com:3001

elsif RAILS_ENV == ‘production’

full_host = ‘https://mysite.com

else

might need this later

end

OmniAuth.config.full_host = full_host

otherwise twitter would return an error saying …

The webpage at http://mysite.com:3001/auth/twitter/callback?oauth_token=[token]&oauth_verifier=[verifier] might be temporarily down or it may have moved permanently to a new web address.

But setting full_host to https doesn’t work with /auth/open_id?openid_url=https://me.yahoo.com as I get an error page at the other end. But it works without setting it.

Would anyone know what to do with this? It has been driving me crazy and took me so long to discover.

Omniauth will be working with Authlogic but at present, this is just a stripped back system.

Thank you

-ants

2

require 'openid/store/filesystem' require "openid/fetchers"

OpenID.fetcher.ca_file = "#{Rails.root}/certs/ca-bundle.crt"

provider :openid, OpenID::Store::Filesystem.new('./tmp'), :name => 'google', :identifier => 'https://www.google.com/accounts/o8/id

provider :facebook, 'yourinfo', 'yourinfo', {:client_options => {:ssl => {:verify => false}}}

provider :twitter, 'yourinfo', 'yourinfo'

This is my configuration for development...

You can create a certs folder in your rails root and put the ca-bundle.crt file in there. You can find it here:

http://certifie.com/ca-bundle/ca-bundle.crt.txt