Rails Omniauth with outbound http proxy

Question

We're trying to use the linkedin-omniauth gem in a Rails application that's behind an http proxy.

I've tried everything I can find to get omniauth to use the proxy but I cannot get it to work.

provider :linkedin, 'xxx', 'xxx', {
  :client_options => {
    :proxy => ENV["HTTP_PROXY"] || ENV["http_proxy"]
  }
}

Which doesn't work for me and I see no mention of 'proxy' in the source. I've also tried hard coding the proxy. No success.

This SO post doesn't work for me either.

I also created an initialiser for net::http with a proxy. That also doesn't work. I've exported the proxy in my shell and bashrc. And in /etc/environment. Nothing's working.

How can I get omniauth to use an outbound proxy?

--- UPDATE ---

Whilst the accepted answer below does indeed work for Linkedin Oauth, most gems now rely on Oauth2. This does away with Net::HTTP and introduces Faraday which has a separate set on rules for the proxy / connection settings:

https://github.com/simonmorley/oauth2/blob/master/lib/oauth2/client.rb#L36

In order to get a proxy working with later gems (inc. popular Facebook, Google, Github check what gem they rely on), you need to use the following in your initialiser:

  provider :foursquare, 'xxx', 'xxx', {
    :client_options => {
      :connection_opts => {
        :proxy => "http://127.0.0.1:3128"
      }
    }
  }

This is a great update! I'm definitely on the OAuth2 bandwagon, having had to make my site into a provider. You might want to check the proxy setting, as the localhost to port 3128 sounds a little too specific to be the general case, unless every proxy works like a squid proxy (http://www.squid-cache.org/). — Marc, Mar 28 '14 at 04:22
3128 localhost, jus' for testing :) Blimey, who'd have thought embedding your servers behind a proxy would cause so much pain! — simonmorley, Mar 28 '14 at 10:56

score 2 · Accepted Answer · answered Jan 17 '14 at 07:10

I came across this pull-request from a year ago that fixed the same issue for omniauth-twitter. If you look at the fix, it appears that all they did was change this:

require 'omniauth-oauth'
require 'multi_json'

module OmniAuth
  module Strategies
    class Twitter < OmniAuth::Strategies::OAuth
      option :name, 'twitter'
      option :client_options, {:authorize_path => '/oauth/authenticate',
                               :site => 'https://api.twitter.com'}

to this:

require 'omniauth-oauth'
require 'multi_json'

module OmniAuth
  module Strategies
    class Twitter < OmniAuth::Strategies::OAuth
      option :name, 'twitter'
      option :client_options, {:authorize_path => '/oauth/authenticate',
                               :site => 'https://api.twitter.com',
                       :proxy => ENV['http_proxy'] ? URI(ENV['http_proxy']) : nil}

I assume this sets the oauth "proxy" value parameter that will be passed through the request header. I think if you fork the omniauth-linkedin repo and make a similar change in OmniAuth::Strategies::LinkedIn, it should get you authenticated through the proxy server. I propose a change along the lines of:

require 'omniauth/strategies/oauth'

module OmniAuth
  module Strategies
    class LinkedIn < OmniAuth::Strategies::OAuth
      option :name, "linkedin"

      option :client_options, {
        :site => 'https://api.linkedin.com',
        :request_token_path => '/uas/oauth/requestToken',
        :access_token_path => '/uas/oauth/accessToken',
        :authorize_url => 'https://www.linkedin.com/uas/oauth/authenticate',
        :proxy => ENV['http_proxy'] ? URI(ENV['http_proxy']) : nil
      }

This should convert the environment setting to a URI instance that OmniAuth can consume, parameterize, and properly place in the request.

Actually, slight change of plan having noticed most oauth gems now use Oauth2.. Have added an example for anyone searching in the future. Seems to be quite high on the google rn. — simonmorley, Mar 28 '14 at 00:46

Rails Omniauth with outbound http proxy

1 Answers1