Episodes
dev said 11 months ago on Sign in with Apple :
I get this error at the eng of the auth when redirected from apple back to my app. any idea what can be done?

dev said 11 months ago on Sign in with Apple :
[2021-06-19T16:34:18.604221 #2862] ERROR -- omniauth: (apple) Authentication failure! ActionController::InvalidAuthenticityToken: ActionController::InvalidAuthenticityToken, ActionController::InvalidAuthenticityToken
Processing by Users::OmniauthCallbacksController#failure as HTML
  Parameters: {"state"=>"9bf2fd47a4a6a974e80889bceeb4fa10425b05b2c75a3cf6", "code"=>"cbeb4eb304c48409da86bf313402963fd.0.rrwxw.-Z_S38uP9QWZngKVYOw_Wg"}
HTTP Origin header (https://appleid.apple.com) didn't match request.base_url (https://0d63971b17d047668e6a6f6fdb8f02ed.vfs.cloud9.eu-central-1.amazonaws.com)
Completed 422 Unprocessable Entity in 1ms (ActiveRecord: 0.0ms | Allocations: 449)

dev said 11 months ago on Sign in with Apple :
Authentication failure! nonce_mismatch: OmniAuth::Strategies::OAuth2::CallbackError, nonce_mismatch | nonce mismatch

dev said 11 months ago on Sign in with Apple :
fixed. I missed `  skip_before_action :verify_authenticity_token` in my controller

choffman PRO said 8 months ago on Sign in with Apple :
Great episode! Quick question, the best approach to set this up locally (localhost:3000) for testing?

David Kimura PRO said 8 months ago on Sign in with Apple :
I don't know if there is a good way to test localhost without something like ngrok.

choffman PRO said 8 months ago on Sign in with Apple :
Hey, one more question. :) 
Any idea what might be causing this error? Everything seems to be working correctly, I can authenticate / login into the web app. But Ithis flash message appears. I can't figure out what's causing "Nonce mismatch".  Any thoughts?
Could not authenticate you from Apple because "Nonce mismatch".

From the logs:
Logs:
ERROR -- omniauth: (apple) Authentication failure! nonce_mismatch: OmniAuth::Strategies::OAuth2::CallbackError, nonce_mismatch | nonce mismatch

David Kimura PRO said 8 months ago on Sign in with Apple :
It's pretty hard to tell   choffman  . During the discovery of creating this episode, I got that kind of message a few times, but nothing in the error pointed me in the right direction to resolve it. I searched the Apple developer forums a few times and found several hints to resolve the issue and one of them finally worked. However, the kind of error message I got was with the handshake and it prevented authenticating the user. I haven't seen this particular case where you are authenticated, but still get that flash message.

choffman PRO said 8 months ago on Sign in with Apple :
I read changing this setting to :none will eliminate the error. But, that doesn't seem right. I tested it and it works in Safari and FF (no nonce mismatch error), but fails in Chrome. Hmmm.... 
config.action_dispatch.cookies_same_site_protection = :lax

alana.james2 said 7 months ago on Sign in with Apple :
Hi there,

I tried setting the keys with rails credentials, and I'm getting faced with this error now

omniauth: (apple) Authentication failure! undefined method `curve_name' for nil:NilClass: NoMethodError, undefined method `curve_name' for nil:NilClass

Any ideas how I can fix this? :/

alana.james2 said 7 months ago on Sign in with Apple :
Fixed the above following: https://github.com/nhosoya/omniauth-apple/issues/14

Now I'm receiving this error:
omniauth: (apple) Request phase initiated.

From what I can see online it may be a devise issue?

alana.james2 said 6 months ago on Sign in with Apple :
  choffman  Did you manage to solve the nonce mismatch error? Ran into this now.. 

choffman PRO said 6 months ago on Sign in with Apple :
Hey Alana - Unfortunately, no I did not find a good solution. I had to move on to other tasks. I was able to find the line of code in the Gem that caused the nonce error, removing or suppressing it didn't seem like a good idea. Let me know if find anything that might work. 

FYI - 
The issue has been reported to GitHub: https://github.com/nhosoya/omniauth-apple/issues/76



Login to Comment