1

I'm trying to connect to the mapmyfitness api via oauth2. However I am getting an error whenever i try to connect.

this is the config file..

OmniAuth.config.logger = Rails.logger

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :mapmyfitness, ENV['wn3ghaaqgbpnztsupsyfvswd3gtprvm9'], ENV['fRMsDbrNQJBgFUBkYReuqKffFKWTzZWVUKz9jCSTeVJ']
end

Using that should allow me to at least log in to mapmyfitness, however whenever i try to connect (it redirects to https://www.mapmyfitness.com/v7.1/oauth2/authorize/confirm)... i get this error in the browser "An unauthorized client tried to access your resources."

I'm not sure how to fix this, any help is appreciated!

ncrouch25
  • 260
  • 2
  • 4
  • 12
  • Unless wn3ghaaqgbpnztsupsyfvswd3gtprvm9 is a key that you set in your environment to equal your mapmyfitness access secret / token - then you need to remove the ENV parts - it probably should look more like: `provider :mapmyfitness, wn3ghaaqgbpnztsupsyfvswd3gtprvm9', 'fRMsDbrNQJBgFUBkYReuqKffFKWTzZWVUKz9jCSTeVJ'` – trh Apr 08 '16 at 14:43
  • yeah those are both key/secrets... if i take away the ENV i get hit with this error when trying to access mapmyfitness "The requested redirect didn't match the client settings." – ncrouch25 Apr 08 '16 at 14:52
  • That's good. Because you're no longer unauthorized - now it's just telling you that your callback url is wrong :) – trh Apr 08 '16 at 14:53
  • ok, good. I have my callback address set as "http://localhost.mapmyapi.com:3000/callback" as per their docs here...https://developer.underarmour.com/docs/v71_OAuth_2_Demo (unfortunately their are for python) because i'm just developing on my local machine (host is localhost:3000).. any tips on how to change it to make it work? – ncrouch25 Apr 08 '16 at 14:57

1 Answers1

2

The two issues you have

  1. Only use ENV[] if your data is stored in the shell evironment - the "safer" way to to do this is to store the info in secret.yml
  2. Your callback URL needs to match what Omniauth is expecting -- it should be http://localhost.mapmyapi.com:12345/auth/mapmyfitness/callback as described here: https://github.com/intridea/omniauth#integrating-omniauth-into-your-application

Example for your omniauth initializer using secrets

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :mapmyfitness, Rails.application.secrets.mapmyfitness_provider_key, Rails.application.secrets.mapmyfitness_provider_secret
end

Then your secrets.yml would look like:

development:
  mapmyfitness_provider_key: wn3ghaaqgbpnztsupsyfvswd3gtprvm9
  mapmyfitness_provider_secret: fRMsDbrNQJBgFUBkYReuqKffFKWTzZWVUKz9jCSTeVJ

Obviously you'll have a different line for production. Remember also that now that your keys are out there for the world you might consider requesting a new set of credentials :)

Also usually important to remember not to your check your config/secrets.yml file into version control - instead copy it with deployment.

Might try using lvh.me instead of mapmyfitness's localhost passthrough.

Change your callback URL registered at mapmyfitness to

http://lvh.me:3000/auth/mapmyfitness/callback

Then in your browser - visit http://lvh.me:3000

Obviously you'll need to make sure that whatever port your using the same port your rails server is running on.

trh
  • 7,186
  • 2
  • 29
  • 41
  • i set the callback address as that, and then added the appropriate routes but i'm still getting the "The requested redirect..." error, i'm not sure where i'm going wrong here – ncrouch25 Apr 08 '16 at 15:23
  • First of all, you'd need to check that your server is running on port 12345 - but I it is possible something isn't quite right with their proxy (passing localhost.mapmyapi.com back to your local machine. -- So instead - I would try using a public localhost passthrough, like lvh.me or localtest.me , i'll edit. – trh Apr 08 '16 at 16:58