openid
undefined method for_url? for OpenID::Consumer::DiscoveredServices on Rails 4.1 RC1
Works fine in Rails 4.0.x, on Ruby 2.1.0. This is with a pretty vanilla rails app, configured to use OmniAuth and Google Apps for login. We've been using this stack and exact gem versions fine for 3.2.x and 4.0.x on Ruby 1.9.x, 2.0.x and 2.1.x.
This is for version 2.5 of this gem (gem list included below).
Looking at the code, I have no idea why it's complaining. Stack trace below. Any ideas?
12:57:35 web.1 | I, [2014-02-19T12:57:35.105838 #97709] INFO -- omniauth: (google_apps) Request phase initiated.
12:57:35 web.1 | F, [2014-02-19T12:57:35.160764 #97709] FATAL -- :
12:57:35 web.1 | NoMethodError (undefined method `for_url?' for "#<OpenID::Consumer::DiscoveredServices:0x007f857ec91908>":String):
12:57:35 web.1 | ruby-openid (2.5.0) lib/openid/consumer/discovery_manager.rb:80:in `get_manager'
12:57:35 web.1 | ruby-openid (2.5.0) lib/openid/consumer/discovery_manager.rb:44:in `get_next_service'
12:57:35 web.1 | ruby-openid (2.5.0) lib/openid/consumer.rb:222:in `begin'
12:57:35 web.1 | rack-openid (1.3.1) lib/rack/openid.rb:123:in `begin_authentication'
12:57:35 web.1 | rack-openid (1.3.1) lib/rack/openid.rb:102:in `call'
12:57:35 web.1 | omniauth-openid (1.0.1) lib/omniauth/strategies/open_id.rb:53:in `start'
12:57:35 web.1 | omniauth-openid (1.0.1) lib/omniauth/strategies/open_id.rb:48:in `request_phase'
12:57:35 web.1 | omniauth (1.2.1) lib/omniauth/strategy.rb:215:in `request_call'
12:57:35 web.1 | omniauth (1.2.1) lib/omniauth/strategy.rb:183:in `call!'
12:57:35 web.1 | omniauth (1.2.1) lib/omniauth/strategy.rb:164:in `call'
12:57:35 web.1 | omniauth (1.2.1) lib/omniauth/builder.rb:59:in `call'
12:57:35 web.1 | newrelic_rpm (3.7.2.195) lib/new_relic/rack/error_collector.rb:55:in `call'
12:57:35 web.1 | newrelic_rpm (3.7.2.195) lib/new_relic/rack/agent_hooks.rb:32:in `call'
12:57:35 web.1 | newrelic_rpm (3.7.2.195) lib/new_relic/rack/browser_monitoring.rb:27:in `call'
12:57:35 web.1 | rack (1.5.2) lib/rack/etag.rb:23:in `call'
12:57:35 web.1 | rack (1.5.2) lib/rack/conditionalget.rb:25:in `call'
12:57:35 web.1 | rack (1.5.2) lib/rack/head.rb:11:in `call'
12:57:35 web.1 | actionpack (4.1.0.rc1) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
12:57:35 web.1 | actionpack (4.1.0.rc1) lib/action_dispatch/middleware/flash.rb:254:in `call'
12:57:35 web.1 | rack (1.5.2) lib/rack/session/abstract/id.rb:225:in `context'
12:57:35 web.1 | rack (1.5.2) lib/rack/session/abstract/id.rb:220:in `call'
12:57:35 web.1 | actionpack (4.1.0.rc1) lib/action_dispatch/middleware/cookies.rb:551:in `call'
12:57:35 web.1 | activerecord (4.1.0.rc1) lib/active_record/query_cache.rb:36:in `call'
12:57:35 web.1 | activerecord (4.1.0.rc1) lib/active_record/connection_adapters/abstract/connection_pool.rb:621:in `call'
12:57:35 web.1 | activerecord (4.1.0.rc1) lib/active_record/migration.rb:380:in `call'
12:57:35 web.1 | actionpack (4.1.0.rc1) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
12:57:35 web.1 | activesupport (4.1.0.rc1) lib/active_support/callbacks.rb:82:in `run_callbacks'
12:57:35 web.1 | actionpack (4.1.0.rc1) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
12:57:35 web.1 | actionpack (4.1.0.rc1) lib/action_dispatch/middleware/reloader.rb:73:in `call'
12:57:35 web.1 | actionpack (4.1.0.rc1) lib/action_dispatch/middleware/remote_ip.rb:76:in `call'
12:57:36 web.1 | airbrake (3.1.15) lib/airbrake/rails/middleware.rb:13:in `call'
12:57:36 web.1 | actionpack (4.1.0.rc1) lib/action_dispatch/middleware/debug_exceptions.rb:17:in `call'
12:57:36 web.1 | actionpack (4.1.0.rc1) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
12:57:36 web.1 | stitchfix-logger (2.1.0) lib/rails_ext/rails/rack/logger.rb:29:in `call_app'
12:57:36 web.1 | stitchfix-logger (2.1.0) lib/rails_ext/rails/rack/logger.rb:23:in `call'
12:57:36 web.1 | actionpack (4.1.0.rc1) lib/action_dispatch/middleware/request_id.rb:21:in `call'
12:57:36 web.1 | rack (1.5.2) lib/rack/methodoverride.rb:21:in `call'
12:57:36 web.1 | rack (1.5.2) lib/rack/runtime.rb:17:in `call'
12:57:36 web.1 | activesupport (4.1.0.rc1) lib/active_support/cache/strategy/local_cache.rb:87:in `call'
12:57:36 web.1 | rack (1.5.2) lib/rack/lock.rb:17:in `call'
12:57:36 web.1 | actionpack (4.1.0.rc1) lib/action_dispatch/middleware/static.rb:64:in `call'
12:57:36 web.1 | rack (1.5.2) lib/rack/sendfile.rb:112:in `call'
12:57:36 web.1 | airbrake (3.1.15) lib/airbrake/user_informer.rb:16:in `_call'
12:57:36 web.1 | airbrake (3.1.15) lib/airbrake/user_informer.rb:12:in `call'
12:57:36 web.1 | railties (4.1.0.rc1) lib/rails/engine.rb:515:in `call'
12:57:36 web.1 | railties (4.1.0.rc1) lib/rails/application.rb:142:in `call'
12:57:36 web.1 | rack (1.5.2) lib/rack/lint.rb:49:in `_call'
12:57:36 web.1 | rack (1.5.2) lib/rack/lint.rb:37:in `call'
12:57:36 web.1 | rack (1.5.2) lib/rack/showexceptions.rb:24:in `call'
12:57:36 web.1 | rack (1.5.2) lib/rack/commonlogger.rb:33:in `call'
12:57:36 web.1 | rack (1.5.2) lib/rack/chunked.rb:43:in `call'
12:57:36 web.1 | rack (1.5.2) lib/rack/content_length.rb:14:in `call'
12:57:36 web.1 | unicorn (4.8.2) lib/unicorn/http_server.rb:572:in `process_client'
12:57:36 web.1 | unicorn (4.8.2) lib/unicorn/http_server.rb:666:in `worker_loop'
12:57:36 web.1 | newrelic_rpm (3.7.2.195) lib/new_relic/agent/instrumentation/unicorn_instrumentation.rb:22:in `call'
12:57:36 web.1 | newrelic_rpm (3.7.2.195) lib/new_relic/agent/instrumentation/unicorn_instrumentation.rb:22:in `block (4 levels) in <top (required)>'
12:57:36 web.1 | unicorn (4.8.2) lib/unicorn/http_server.rb:521:in `spawn_missing_workers'
12:57:36 web.1 | unicorn (4.8.2) lib/unicorn/http_server.rb:140:in `start'
12:57:36 web.1 | unicorn (4.8.2) bin/unicorn:126:in `<top (required)>'
12:57:36 web.1 | /Users/davec/.rvm/gems/ruby-2.1.0@astro_city/bin/unicorn:23:in `load'
12:57:36 web.1 | /Users/davec/.rvm/gems/ruby-2.1.0@astro_city/bin/unicorn:23:in `<main>'
12:57:36 web.1 | /Users/davec/.rvm/gems/ruby-2.1.0@astro_city/bin/ruby_executable_hooks:15:in `eval'
12:57:36 web.1 | /Users/davec/.rvm/gems/ruby-2.1.0@astro_city/bin/ruby_executable_hooks:15:in `<main>'
> gem list
actionmailer (4.1.0.rc1)
actionpack (4.1.0.rc1)
actionview (4.1.0.rc1)
activemodel (4.1.0.rc1)
activerecord (4.1.0.rc1)
activesupport (4.1.0.rc1)
airbrake (3.1.15)
arel (5.0.0)
atomic (1.1.14)
bigdecimal (1.2.3)
bootstrap-sass (3.1.1.0)
bower-rails (0.7.1)
braintree (2.19.0)
brakeman (2.4.1)
builder (3.2.2)
bundler (1.3.5)
bundler-unload (1.0.2)
cancan (1.6.10)
capybara (2.2.1)
childprocess (0.5.1)
coffee-rails (4.0.1)
coffee-script (2.2.0)
coffee-script-source (1.7.0)
daemons (1.1.9)
dalli (2.7.0)
database_cleaner (1.2.0)
diff-lcs (1.2.5)
dotenv (0.9.0)
erubis (2.7.0)
eventmachine (1.0.3)
execjs (2.0.2)
executable-hooks (1.2.6)
factory_girl (4.4.0)
factory_girl_rails (4.4.0)
fastercsv (1.5.5)
ffi (1.9.3)
foreman (0.63.0)
gem-man (0.3.0)
gem-wrappers (1.2.1)
gli (2.8.1)
haml (4.0.5)
hashie (2.0.5)
highline (1.6.20)
hike (1.2.3)
hk (0.0.1)
hl (1.1.0)
i18n (0.6.9)
io-console (0.4.2)
jbuilder (2.0.3)
jquery-rails (3.1.0)
jquery-ui-rails (4.2.0)
json (1.8.1)
kgio (2.9.2)
mail (2.5.4)
mail_view (2.0.4)
mailcatcher (0.2.4)
mc-settings (0.1.6)
methadone (1.0.0)
mime-types (1.25.1)
mini_portile (0.5.2)
minitest (5.2.3, 4.7.5)
mono_logger (1.1.0)
multi_json (1.8.4)
newrelic_rpm (3.7.2.195)
nokogiri (1.6.1)
omniauth (1.2.1)
omniauth-google-apps (0.1.0, 0.0.2)
omniauth-openid (1.0.1)
paper_trail (3.0.0)
pg (0.17.1)
phantomjs (1.9.2.1)
polyglot (0.3.4)
psych (2.0.2)
rack (1.5.2)
rack-openid (1.3.1)
rack-protection (1.5.2)
rack-test (0.6.2)
rails (4.1.0.rc1)
rails_12factor (0.0.2)
rails_serve_static_assets (0.0.2)
rails_stdout_logging (0.0.3)
railties (4.1.0.rc1)
rainbow (2.0.0, 1.99.1)
raindrops (0.13.0)
rake (10.1.1, 10.1.0)
rdoc (4.1.1, 4.1.0)
redis (3.0.7)
redis-namespace (1.4.1)
resque (1.25.1)
resque-retry (1.0.0)
resque-scheduler (2.5.4)
resque_mailer (2.2.6)
rspec (2.14.1)
rspec-core (2.14.7)
rspec-expectations (2.14.5)
rspec-mocks (2.14.5)
rspec-rails (2.14.1)
ruby-openid (2.5.0, 2.3.0)
ruby-openid-apps-discovery (1.2.0)
ruby2ruby (2.0.7)
ruby_css_lint (0.1.0)
ruby_parser (3.4.1)
rubygems-bundler (1.4.2)
rubyzip (1.1.0)
rufus-scheduler (2.0.24)
rvm (1.11.3.8)
sass (3.2.14, 3.2.13)
sass-rails (4.0.1)
sdoc (0.4.0)
selenium-webdriver (2.39.0)
sexp_processor (4.4.1)
sinatra (1.4.4)
skinny (0.2.3)
slim (2.0.2)
spring (1.1.1)
sprockets (2.10.1)
sprockets-rails (2.0.1)
sqlite3 (1.3.8)
sqlite3-ruby (1.3.3)
teaspoon (0.7.9)
temple (0.6.7)
terminal-table (1.4.5)
test-unit (2.1.0.0)
thin (1.5.1)
thor (0.18.1)
thread_safe (0.1.3)
tilt (1.4.1)
treetop (1.4.15)
trickster (1.3.1)
tzinfo (1.1.0)
uglifier (2.4.0)
unicorn (4.8.2)
vegas (0.1.11)
websocket (1.0.7)
xpath (2.0.0)
Maybe the problem happens because the OpenID is 2.0 and not 1.0. I think that library only supports 1.0.
I solved this in my app by setting Rails.application.config.action_dispatch.cookies_serializer = :marshal. In new apps (generated in Rails 4.1) this is set by default to :json in config/initializers/cookies_serializer.rb
:+1: this also worked for me. I'm not sure if this is a ruby-openid problem or not, so I'll let the maintainers close if they want
I used @thadd's suggestion and restarted my app, but I get the following error
TypeError (incompatible marshal file format (can't be read)
format version 4.8 required; 123.34 given):
activesupport (4.1.1) lib/active_support/core_ext/marshal.rb:6:in `load'
activesupport (4.1.1) lib/active_support/core_ext/marshal.rb:6:in `load_with_autoloading'
actionpack (4.1.1) lib/action_dispatch/middleware/cookies.rb:428:in `deserialize'
@sguha00 This might be caused by an old cookie created with the wrong format. Try clearing existing cookies and see if it persists.
@theadd, thanks that did it! Probably the best way to invalidate all cookies in the old format is to change the key in initializers/session_store.rb. That seemed the to do the trick.
+1
Also had the issue and had to change cookies_serializer as a quick fix for now, according to @thadd.
From what I gather, this is happening because the OpenID object cannot be serialized as JSON.
Reference from the Rails 4.1 upgrading guide:
When using the :json or :hybrid serializer, you should beware that not all Ruby objects can be serialized as JSON. For example, Date and Time objects will be serialized as strings, and Hashes will have their keys stringified.
Should this be an issue to be addressed here? @dennisreimann
I assume that the strategy in omniauth-google-oauth2 does not require OpenID?
I just encountered this issue because I'm using the omniauth-steam gem.
No it does not require OpenID, but it requires you to register an app with Google and put app key and secret in the app.
Christian
On Mon, Jun 9, 2014 at 12:29 PM, Wei-Meng Lee [email protected] wrote:
I assume that the strategy in omniauth-google-oauth2 does not require OpenID?
I just encountered this issue because I'm using the omniauth-steam gem.
— Reply to this email directly or view it on GitHub https://github.com/openid/ruby-openid/issues/75#issuecomment-45533274.
Christian Hansen CTO at CrowdCurity (+1) 415 568 5431 _christian@_crowdcurity.com [email protected]
Crowdsourced Web Security www.crowdcurity.com https://www.crowdcurity.com/
I can confirm that this is still an issue in Rails 4.1.5 with ruby-openid 2.5.0.
Any word or update from the maintainers about this issue? Changing Rails' cookies serializer is not a viable permanent solution for me, unfortunately. :smile:
As an aside, is there any reason that OpenID must store a complex object in a cookie? The main reason for the new JSON serializer is to improve the security of cookies, as well as discourage developers from storing complex objects in cookies.
I still experience the same issue on 2.6.0, so #79 doesn't really fix that.
Any update about this issue? I can't also change Rail's cookies serializer.
