I am using devise and omniauth-linkedin-oauth2 to sign in users and I am trying to get some basic API access at the time of the login.
User gets logged in properly. But when I try to use the same code from callback to get an access token, that request is failing.
Here's the code I am using to get access token after user signs in with linkedin + omniauth -
code = params[:code]
uri = URI('https://www.linkedin.com/oauth/v2/accessToken')
res = Net::HTTP.post_form(uri, grant_type: 'authorization_code',
code: auth_code,
redirect_uri: 'https://devlopmentsite.com/users/auth/linkedin/callback',
client_id: 'xxxxxxxxxxxxx',
client_secret: 'xxxxxxxxxxxxxxxx')
I get the following error in response -
"{\"error\":\"invalid_request\",\"error_description\":\"Unable to retrieve access token: appid/redirect uri/code verifier does not match authorization code. Or authorization code expired. Or external member binding exists\"}"
However if the same code block with same client_id and client_secret are working properly when I am doing it without omniauth. So there is another button for use to provide linkedin api access after logging in - that is independent of omniauth.
The same workflow and code block work properly there. But they are failing when used with omniauth, is there any reason for this? Or am I doing something wrong?
