I have been using this for a while with great success to allow single sign on between a rails app my wordpress site. The rails app is 4.1.6 on ruby version 2.1.3p242
Lately I've been experiencing intermittent login failures when authenticating via my wordpress site. This occurs on both my live app and when testing via my local test instance.
It happens regardless of being logged into wordpress or not. If not logged into wordpress I'm prompted for my password and then it fails, otherwise it fails after trying to connect.
When I look at the logs I see the following error
Started GET "/users/auth/wordpress_hosted/callback?code=00dd73317a8fdc9c4a9acdd8fdbdb7fc2c53ce02&state=f0d26dd2d85ce217b9b304a05cfc839fc2cdb9ce253c3e21" for 127.0.0.1 at 2015-06-12 16:47:34 -0700
I, [2015-06-12T16:47:34.885836 #9774] INFO -- omniauth: (wordpress_hosted) Callback phase initiated.
E, [2015-06-12T16:47:36.261085 #9774] ERROR -- omniauth: (wordpress_hosted) Authentication failure! invalid_credentials: OAuth2::Error, invalid_grant: The authorization code has expired
{"error":"invalid_grant","error_description":"The authorization code has expired"}
Processing by OmniauthCallbacksController#failure as HTML
Parameters: {"code"=>"00dd73317a8fdc9c4a9acdd8fdbdb7fc2c53ce02", "state"=>"f0d26dd2d85ce217b9b304a05cfc839fc2cdb9ce253c3e21"}
Redirected to http://localhost:3000/users/sign_in
Completed 302 Found in 1ms (ActiveRecord: 0.0ms)
Upon failure I'm forwarded back to login screen and the message that is returned from wordpress blames bad credentials despite the fact that they were correct or that the user was already signed into the wordpress site.
Another thing to note about the log is that I see two entries about the request phase being initiated back to back. Is this expected behavior and it could be the cause for my intermittent login failures?
Started GET "/users/auth/wordpress_hosted" for 127.0.0.1 at 2015-06-12 16:47:31 -0700
I, [2015-06-12T16:47:31.310787 #9774] INFO -- omniauth: (wordpress_hosted) Request phase initiated.
Started GET "/users/auth/wordpress_hosted" for 127.0.0.1 at 2015-06-12 16:47:31 -0700
I, [2015-06-12T16:47:31.328794 #9774] INFO -- omniauth: (wordpress_hosted) Request phase initiated.
I have been using this for a while with great success to allow single sign on between a rails app my wordpress site. The rails app is 4.1.6 on ruby version 2.1.3p242
Lately I've been experiencing intermittent login failures when authenticating via my wordpress site. This occurs on both my live app and when testing via my local test instance.
It happens regardless of being logged into wordpress or not. If not logged into wordpress I'm prompted for my password and then it fails, otherwise it fails after trying to connect.
When I look at the logs I see the following error
Upon failure I'm forwarded back to login screen and the message that is returned from wordpress blames bad credentials despite the fact that they were correct or that the user was already signed into the wordpress site.
Another thing to note about the log is that I see two entries about the request phase being initiated back to back. Is this expected behavior and it could be the cause for my intermittent login failures?