Episodes
dev said over 1 year ago on Sign in with Apple :
I get this error at the eng of the auth when redirected from apple back to my app. any idea what can be done?

dev said over 1 year ago on Sign in with Apple :
[2021-06-19T16:34:18.604221 #2862] ERROR -- omniauth: (apple) Authentication failure! ActionController::InvalidAuthenticityToken: ActionController::InvalidAuthenticityToken, ActionController::InvalidAuthenticityToken
Processing by Users::OmniauthCallbacksController#failure as HTML
  Parameters: {"state"=>"9bf2fd47a4a6a974e80889bceeb4fa10425b05b2c75a3cf6", "code"=>"cbeb4eb304c48409da86bf313402963fd.0.rrwxw.-Z_S38uP9QWZngKVYOw_Wg"}
HTTP Origin header (https://appleid.apple.com) didn't match request.base_url (https://0d63971b17d047668e6a6f6fdb8f02ed.vfs.cloud9.eu-central-1.amazonaws.com)
Completed 422 Unprocessable Entity in 1ms (ActiveRecord: 0.0ms | Allocations: 449)

dev said over 1 year ago on Sign in with Apple :
Authentication failure! nonce_mismatch: OmniAuth::Strategies::OAuth2::CallbackError, nonce_mismatch | nonce mismatch

dev said over 1 year ago on Sign in with Apple :
fixed. I missed `  skip_before_action :verify_authenticity_token` in my controller

choffman PRO said about 1 year ago on Sign in with Apple :
Great episode! Quick question, the best approach to set this up locally (localhost:3000) for testing?

David Kimura PRO said about 1 year ago on Sign in with Apple :
I don't know if there is a good way to test localhost without something like ngrok.

choffman PRO said about 1 year ago on Sign in with Apple :
Hey, one more question. :) 
Any idea what might be causing this error? Everything seems to be working correctly, I can authenticate / login into the web app. But Ithis flash message appears. I can't figure out what's causing "Nonce mismatch".  Any thoughts?
Could not authenticate you from Apple because "Nonce mismatch".

From the logs:
Logs:
ERROR -- omniauth: (apple) Authentication failure! nonce_mismatch: OmniAuth::Strategies::OAuth2::CallbackError, nonce_mismatch | nonce mismatch

David Kimura PRO said about 1 year ago on Sign in with Apple :
It's pretty hard to tell   . During the discovery of creating this episode, I got that kind of message a few times, but nothing in the error pointed me in the right direction to resolve it. I searched the Apple developer forums a few times and found several hints to resolve the issue and one of them finally worked. However, the kind of error message I got was with the handshake and it prevented authenticating the user. I haven't seen this particular case where you are authenticated, but still get that flash message.

choffman PRO said about 1 year ago on Sign in with Apple :
I read changing this setting to :none will eliminate the error. But, that doesn't seem right. I tested it and it works in Safari and FF (no nonce mismatch error), but fails in Chrome. Hmmm.... 
config.action_dispatch.cookies_same_site_protection = :lax

alana.james2 said 11 months ago on Sign in with Apple :
Hi there,

I tried setting the keys with rails credentials, and I'm getting faced with this error now

omniauth: (apple) Authentication failure! undefined method `curve_name' for nil:NilClass: NoMethodError, undefined method `curve_name' for nil:NilClass

Any ideas how I can fix this? :/

alana.james2 said 11 months ago on Sign in with Apple :
Fixed the above following: https://github.com/nhosoya/omniauth-apple/issues/14

Now I'm receiving this error:
omniauth: (apple) Request phase initiated.

From what I can see online it may be a devise issue?

alana.james2 said 11 months ago on Sign in with Apple :
  Did you manage to solve the nonce mismatch error? Ran into this now.. 

choffman PRO said 11 months ago on Sign in with Apple :
Hey Alana - Unfortunately, no I did not find a good solution. I had to move on to other tasks. I was able to find the line of code in the Gem that caused the nonce error, removing or suppressing it didn't seem like a good idea. Let me know if find anything that might work. 

FYI - 
The issue has been reported to GitHub: https://github.com/nhosoya/omniauth-apple/issues/76



louis2again PRO said about 2 months ago on Sign in with Apple :
Hi, just tried this and seems to be working OK for me using ENV, its mentioned in the video to use credentials and this is where I'm having an issue as it seems my format of the oauth strategy added in devise.rb  is wrong, when trying to run rails server to test it crashes 

Exiting
/Users/****/.rbenv/versions/3.0.2/lib/ruby/gems/3.0.0/gems/bootsnap-1.11.1/lib/bootsnap/load_path_cache/core_ext/kernel_require.rb:39:in `load': /Users/****/****/****/****/config/initializers/devise.rb:322: syntax error, unexpected ',', expecting => (SyntaxError)
...cope: 'email name', apple_team, apple_key, apple_pem
...                              ^


 for info this is how I've declared in devise.rb 

  apple_client = Rails.application.credentials.facebook[:client]  
  apple_null = Rails.application.credentials.facebook[:applenull]  
  apple_team = Rails.application.credentials.facebook[:team]  
  apple_key = Rails.application.credentials.facebook[:key]  
  apple_pem = Rails.application.credentials.facebook[:pem]  
  config.omniauth :apple, apple_client, apple_null, scope: 'email name', apple_team, apple_key, apple_pem,  provider_ignores_state: true


Anyone able to help please?

louis2again PRO said about 2 months ago on Sign in with Apple :
OK, with some  help from  David Kimura I got it working with credentails and corrected my 'copy and paste' error from facebook Oauth strategy. Lesson learnt is about the escape character /n that must be used when specifying the key in the credentials file, something about the conversion to 64 bit ..... ( error you get from Apple will be something along the lines of 'OpenSSL::PKey::ECError, invalid curve name'. Thanks again to David for his prompt help.

Login to Comment