Ruby on Rails OAuth runs on the client, but not on the server (OAuth :: Unauthorized (401 Unauthorized))

Question

Ruby on Rails OAuth runs on the client, but not on the server (OAuth :: Unauthorized (401 Unauthorized))

I have a Ruby on Rails application that works fine on my computer and on my server. I am moving this application to another server that runs on a different hosting service, and I am having a problem with the OAuth Ruby Gem.

Any request that I use using the OAuth harness gets:

OAuth::Unauthorized (401 Unauthorized):
  oauth (0.4.3) lib/oauth/consumer.rb:217:in `token_request'
  oauth (0.4.3) lib/oauth/consumer.rb:139:in `get_request_token'
  ...

My code is:

def self.consumer
  # The readkey and readsecret below are the values you get during registration
  OAuth::Consumer.new("XXXXXXXXXXXXXXXXXXXXXXXXXXXXX", "YYYYYYYYYYYYYYYYYYYYYYYYYYYY", {:site => "http://api.twitter.com"})
end

def create_authorize_url
  @request_token = UserController.consumer.get_request_token(:oauth_callback => "http://mysite.com/callback")
  session[:request_token] = @request_token.token
  session[:request_token_secret] = @request_token.secret

  redirect_to @request_token.authorize_url
end

The problem is that the same code works well on my computer and on other servers. This only happens on one server. Anything related to the firewall or something that can block OAuth calls?

I searched a lot for this error, and I didn’t have an answer, and therefore I ask about it here.

Thank.

+3

authentication ruby-on-rails twitter-oauth oauth

Pedro Franceschi 06 . '10 2:00

6

anandvc · Answer 1 · 2013-05-08T02:32:27+0000

, Twitter- config/application.yml, .gitignore, - Heroku. 401 Twitter OAuth, . , .gitignore, , Twitter ( OAuth). .gitignore

git add .
git commit -m "Added back configuration files for OAuth provider"

,

git push heroku master

, , .

Pedro Franceschi · Answer 2 · 2010-10-06T02:35:29+0000

. , :

root@server1:~# gem list

*** LOCAL GEMS ***

actionmailer (2.3.8)
actionpack (2.3.8)
activerecord (2.3.8)
activeresource (2.3.8)
activesupport (3.0.0, 2.3.8)
addressable (2.2.1)
builder (2.1.2)
facebook_oauth (0.2.0)
faraday (0.4.6)
ffi (0.6.3)
hpricot (0.8.2)
json (1.2.4)
mime-types (1.16)
multi_json (0.0.4)
oauth (0.4.3, 0.3.5)
oauth2 (0.0.13)
rack (1.1.0)
rails (2.3.8)
rake (0.8.7)
ruby-hmac (0.4.0)
ruby-mysql (2.9.3)
rubygems-update (1.3.7)
sqlite3-ruby (1.3.1)
tmail (1.2.7.1)
twitter_oauth (0.4.3)

:

root@server1:~# ruby -v
ruby 1.8.7 (2010-01-10 patchlevel 249) [x86_64-linux]

.

Pedro Franceschi · Answer 3 · 2010-10-06T16:28:15+0000

, Ruby.

:

root@phcf:/www/rails# gem list

*** LOCAL GEMS ***

aaronp-frex (1.0.1)
actionmailer (2.3.8, 2.3.5)
actionpack (2.3.8, 2.3.5)
activerecord (2.3.8, 2.3.5)
activeresource (2.3.8, 2.3.5)
activesupport (2.3.8, 2.3.5)
addressable (2.2.1)
chronic (0.2.3)
configuration (1.1.0)
daemons (1.0.10)
eventmachine (0.12.10)
facebook_oauth (0.2.0)
faraday (0.4.6)
fastthread (1.0.7)
gemcutter (0.5.0)
gruff (0.3.6)
heroku (1.10.8, 1.9.13)
highline (1.5.2)
hoe (2.5.0)
hpricot (0.8.2)
json (1.2.2)
json_pure (1.2.3)
launchy (0.3.7)
mime-types (1.16)
multi_json (0.0.4)
mysql (2.8.1)
net-sftp (2.0.4)
net-ssh (2.0.23)
nokogiri (1.4.1)
oauth (0.4.3)
oauth2 (0.0.13)
passenger (2.2.9)
pastiepacker (1.1.1)
rack (1.1.0, 1.0.1)
rails (2.3.8, 2.3.5)
rake (0.8.7)
rest-client (1.4.2)
rmagick (2.12.2)
rubyforge (2.0.4)
rubygems-update (1.3.5)
shared-mime-info (0.1)
steam-condenser (0.10.0, 0.9.0)
thin (1.2.5)
tmail (1.2.7.1)
twitter_oauth (0.4.3)
unicorn (0.96.1)
xmpp4r (0.5)
xmpp4r-simple (0.8.8)

:

root@phcf:/www/rails# ruby -v
ruby 1.8.7 (2008-08-11 patchlevel 72) [x86_64-linux]

BaroqueBobcat · Answer 4 · 2010-10-06T16:57:50+0000

OAuth::Unauthorized . - :

def create_authorize_url
  @request_token = UserController.consumer.get_request_token(:oauth_callback => "http://mysite.com/callback")
  session[:request_token] = @request_token.token
  session[:request_token_secret] = @request_token.secret

  redirect_to @request_token.authorize_url
rescue OAuth::Unauthorized => e
  logger.error e.response.inspect
end

OAuth 401, . 401 , oauth spec .

, -, , - . .

, .

Roman · Answer 5 · 2010-11-20T16:25:13+0000

, . , ntpdate ( ntp ).

adnans · Answer 6 · 2010-12-08T10:42:53+0000

, , , - -, OAuth , OAuth .

, , !

, , , (DMZ ..).

Since we use Nginx, the solution was to transfer the external host to the internal application server using the proxy_set_header directive:

  server {
     # The external IP
     listen x.x.x.x; 
     ...
     location /api {
        # Internal app server
        proxy_pass http://192.168.1.100:4000;

        # Pass the external IP to the app server
        proxy_set_header Host $host; 
     }
     ....
  }

But first check your server clock, NTP is your friend.

Ruby on Rails OAuth runs on the client, but not on the server (OAuth :: Unauthorized (401 Unauthorized))

More articles: