Sample Oauth2 Sinatra client

[Trương Hoàng Dũng]

I've implemented a sinatra client using Oauth2 as described in https://canvas.instructure.com/doc/api/file.oauth.html but i don't understand where error is.

def client
Oauth2::Client.new("<id>","<secret>", :site => "https://10.1.2.15", :authorize_url => "/login/oauth2/auth")
end
get "/auth/test" do
redirect client.auth_code.authorize_url(:redirect_uri => redirect_uri)
end
def "/auth/test/callback" do
# get access_token here
end
def redirect_uri
uri = URI.parse(request.url)
uri.path = "/auth/test/callback"
uri.query = nil
uri.to_s
end

But when i login and confirm, the canvas system leads to an error page: https://10.1.2.15/login/oauth2/accept
Please help me. Thank you very much.

[Zach Wily]

You can see an example of using oauth2 against Canvas in an Sinatra app in this little generic app:

https://github.com/zwily/canvas-self-configuring-lti-tool

-- 
Zach Wily

VP of Engineering, Instructure

[Trương Hoàng Dũng]

Thank you for quick response. But when i confirm, it still leads to an error page at url: https://10.1.2.15/login/oauth2/accept (my lti url domain is 10.1.2.15:4567)

[Trương Hoàng Dũng]

I've checked the production.log file in canvas and notice the following error:

RuntimeError: (Redis is not enabled for this install):
lib/canvas.rb:34: in 'redis'

Is Redis required to use with Oauth2 ?

[Zach Wily]

Actually yes - we store the temporary authorization code in redis. Sorry, that might be an undocumented dependency...

-- 
Zach Wily

VP of Engineering, Instructure

[Trương Hoàng Dũng]

I'm sorry, i meet a SSL error, in this code:

get '/oauth_callback' do
  token = oauth_client.auth_code.get_token(params[:code],
    :redirect_uri => "http#{"s" if TOOL_SSL}://#{TOOL_DOMAIN}/oauth_callback")

  session[:canvas_token] = token.token
  redirect to '/setup'
end

How can i set up the oauth_client NOT to use OpenSSL verify mode , like this:

http = Net::HTTP.new(uri.host, uri.port)

  http.use_ssl = true

  http.verify_mode = OpenSSL::SSL::VERIFY_NONE
?

Thank you very much.

[Zach Wily]

I don't know. It looks like the oauth2 gem uses Faraday for its HTTP connection handling, and I don't know how to set the SSL verify mode there.

-- 
Zach Wily

VP of Engineering, Instructure

[Trương Hoàng Dũng]

I've made the following code based on your code:

get '/oauth_callback' do
  token = oauth_client.auth_code.get_token(params[:code],

    {:redirect_uri => "http#{"s" if TOOL_SSL}://#{TOOL_DOMAIN}/oauth_callback",
:client_id => OAUTH_CLIENT_ID, :client_secret => OAUTH_CLIENT_SECRET
})

  session[:canvas_token] = token.token
  redirect to '/setup'
end

But the server log says that: That Post request to get access_token is 400 request.
Do you know how to fix this problem ?
Thank you very much.

[Zach Wily]

Did you enable redis?

Zach

[Bracken Mosbacker]

Trương Hoàng Dũng,
Google marked your message as potential spam yesterday, probably because of the weird url. I let it through and made it so that shouldn't happen again. :)

On Jun 20, 2012, at 6:00 PM, Trương Hoàng Dũng wrote:

> Yes, i enabled redis. The server has received request from client, but it says that's a 400 request. That request is a POST request, to url : https://<canvas-url>/login/
> oauth2/token, with data is from code, client_id, client_secret.
> Where would be the error ?