Comments for Unhandled expression

Comment on Rails and oauth-plugin part 2: the consumer by Richard David Jordan

Richard David Jordan — Mon, 30 Jan 2012 01:47:29 +0000

Thanks for this pair of posts. Tremendously useful – you made it all a lot simpler than I’ve seen elsewhere and I got my provider/consumer up in a very short time.

Comment on Rails and oauth-plugin part 2: the consumer by Géal

Géal — Mon, 19 Dec 2011 10:27:14 +0000

I don’t really get what you’re trying to do. Could you elaborate a bit? (like, who is the provider, who is the consumer, where is the data, and where do you make the call?)

Comment on Rails and oauth-plugin part 2: the consumer by roushchris

roushchris — Wed, 14 Dec 2011 20:13:09 +0000

I’m having a problem using the client endpoint for an oauth service when the format is specified.

I try to specify the return format using the following url:
http://consumer.dev/oauth_consumers/dupl/client/series.json

But Rails just json formats the returned *html* response, and doesn’t send the format as part of the endpoint.

from the consumer log:

Started GET “/oauth_consumers/dupl/client/series.json” for 127.0.0.1 at 2011-12-14 15:06:22 -0500
Processing by OauthConsumersController#client as JSON
Parameters: {“id”=>”dupl”, “endpoint”=>”series”}

and the client log:

Started GET “/series/” for 127.0.0.1 at 2011-12-14 15:06:22 -0500

am i missing something?

Comment on Rails and oauth-plugin part 2: the consumer by roushchris

roushchris — Wed, 14 Dec 2011 00:02:29 +0000

I’m having the same problem here, and adding this to my ApplicationController doesn’t solve it.

Comment on Rails and oauth-plugin part 1: the provider by Adrian

Adrian — Thu, 17 Nov 2011 10:49:56 +0000

Thank you very much for your suggestions. I will try the second method
Maybe I will succeed

Comment on Rails and oauth-plugin part 1: the provider by Géal

Géal — Thu, 17 Nov 2011 10:17:45 +0000

This is another system:, called single sign on.

If I understand correctly, you want two applications with different sets of users (users of the 1st, users of the 2nd, users of both). And an user of both applications must be able to log in an application, and be automatically logged in the other.

There are multiple ways to do that.

The first is to use a 3rd app, an external user manager (with Oauth or SAML), to authenticate the user. On the first login on one app, the user is redirected to the user manager, enters login and password, and is redirected to the app. If he wants to log on the 2nd app, he is redirected to the user manager, but doesn’t need to enter his credentials, and is automatically authenticated.

The second, which may be simpler in your case, would be to share the database and the users table, and have the session cookies work on both sites (by putting them in subdomains).

Comment on Rails and oauth-plugin part 1: the provider by Adrian

Adrian — Thu, 17 Nov 2011 10:00:12 +0000

I have written an application in which I use Devise. I want to write a second application also uses Devise. I do not want to require users to log in to both applications. I want to log on only once and can use both applications. Additionally, in the second application users will have different roles, allowing access to different parts of the application.
Users can not register themselves, are registered by the administrator, he can give them access to both applications or only one
For example, if I log on to gmail I have access to all Google Apps. I do not have to login to each separately.
I’m looking for something that will help me in creating such a connection between applications.
One application keeps users and other log on to it.
I hope I explained it well, but I’m not sure if it will work with OAuth or OmniAuth

Comment on Rails and oauth-plugin part 1: the provider by Géal

Géal — Thu, 17 Nov 2011 08:46:33 +0000

That is not really the definition of a provider for Oauth. Oauth is an authorization protocol: the provider is holding some data, and the consumer wants to access it, and Oauth is used to manage the authorization of consumers. The Oauth-plugin gem can act as a provider (see this tutorial) or as a consumer (see the next tutorial). Devise is a completely different thing: it is an authentication system. It is used to manage your users and their credentials. Omniauth is also an authentication system, but it uses Oauth in consumer mode to perform the authentication: it tries to get access to your data in another application, and if the access is granted, it means that you were authenticated by the provider. It delegates the authentication to the provider. At the same time, it receives Oauth tokens that can be used to access the user's data. Now, could you explain a bit more your use case?

Comment on Rails and oauth-plugin part 1: the provider by Adrian

Adrian — Thu, 17 Nov 2011 07:36:19 +0000

Thank you for your quick response
I wanted to get something like that.
One application that contains users. Another application is using it.
For example, a user logs in to the application provider and has access to other applications through the provider.
One login -> multiple applications -> different roles in applications.

I use ‘Devise’ and for this I need a solution. I have not found how to create an provider application in the ‘Omniauth’.

I hoped that OAuth is what I’m looking for

Comment on Rails and oauth-plugin part 1: the provider by Géal

Géal — Wed, 16 Nov 2011 19:58:35 +0000

I don't really get what your problem is. Are you expecting that the consumer app create a user from the call to the provider? This tutorial is about getting access to another application from one you're already using (ex: giving your Linkedin account an access to your twitter account). If you want to log in using Oauth, there's a much simpler solution: the Omniauth gem.