Doorkeeper: Filter chain halted as :doorkeeper_authorize! Completed 403 Forbidden

Created on 6 Jul 2016  路  3Comments  路  Source: doorkeeper-gem/doorkeeper

I'm trying to get OAuth 2 to work with Rails 5.0.0,
When I execute rspec, I get a 403 error when test credential with rspec as following.

Can anyone please guide me if I am missing something?

I use the gems as below:
doorkeeper 3.1.0
postgresql 0.18.4
devise 4.1.1

credentials_controller.rb:

module Api
  module V1
    # Credentials Controller
    class CredentialsController < ApiController
      before_action :doorkeeper_authorize!
      respond_to :json
      def me
        respond_with current_resource_owner
      end
    end
  end
end

credentials_controller_spec.rb:

describe Api::V1::CredentialsController, type: :controller do
  describe 'GET #me (integrated)' do
    # sample
    let!(:application) { Doorkeeper::Application.create!(:name => 'MyApp', :redirect_uri => 'http://app.com') }
    let!(:user) { User.create!(:email => '[email protected]', :password => 'abc123', :password_confirmation => 'abc123') }
    let!(:token) { Doorkeeper::AccessToken.create! :application_id => application.id, :resource_owner_id => user.id }

    context 'When responds succeeded' do
      subject(:response) { get :me, format: :json, access_token: token.token }
      it 'Return 200 status code' do
        expect(response.status).to be == 200
      end
    end
  end
end

log

  [1m[36mActiveRecord::SchemaMigration Load (1.1ms)[0m  [1m[34mSELECT "schema_migrations".* FROM "schema_migrations"[0m
  [1m[35m (0.4ms)[0m  [1m[35mBEGIN[0m
  [1m[35m (0.6ms)[0m  [1m[35mSAVEPOINT active_record_1[0m
  [1m[36mDoorkeeper::Application Exists (2.4ms)[0m  [1m[34mSELECT  1 AS one FROM "oauth_applications" WHERE "oauth_applications"."uid" = $1 LIMIT $2[0m  [["uid", "e3f3a2ef90419eee24bfa1655fea0e2c8555a79fd95f94c841baa9fa07d28dfe"], ["LIMIT", 1]]
  [1m[35mSQL (1.1ms)[0m  [1m[32mINSERT INTO "oauth_applications" ("name", "uid", "secret", "redirect_uri", "created_at", "updated_at") VALUES ($1, $2, $3, $4, $5, $6) RETURNING "id"[0m  [["name", "MyApp"], ["uid", "e3f3a2ef90419eee24bfa1655fea0e2c8555a79fd95f94c841baa9fa07d28dfe"], ["secret", "1baa29493585232c23b7d53b418b6bff9df9a5f5f018a47a223f7afa6e678004"], ["redirect_uri", "http://app.com"], ["created_at", 2016-07-06 03:43:01 UTC], ["updated_at", 2016-07-06 03:43:01 UTC]]
  [1m[35m (0.2ms)[0m  [1m[35mRELEASE SAVEPOINT active_record_1[0m
  [1m[35m (0.6ms)[0m  [1m[35mSAVEPOINT active_record_1[0m
  [1m[36mUser Exists (10.7ms)[0m  [1m[34mSELECT  1 AS one FROM "users" WHERE "users"."email" = $1 LIMIT $2[0m  [["email", "[email protected]"], ["LIMIT", 1]]
  [1m[35mSQL (1.0ms)[0m  [1m[32mINSERT INTO "users" ("email", "encrypted_password", "created_at", "updated_at") VALUES ($1, $2, $3, $4) RETURNING "id"[0m  [["email", "[email protected]"], ["encrypted_password", "$2a$11$wclAIfVHRR2rKPPMNY4By.iSEeM.xEt/9xn6ZMdIOXGWKHE8A4Kyy"], ["created_at", 2016-07-06 03:43:02 UTC], ["updated_at", 2016-07-06 03:43:02 UTC]]
  [1m[35m (0.2ms)[0m  [1m[35mRELEASE SAVEPOINT active_record_1[0m
  [1m[35m (0.6ms)[0m  [1m[35mSAVEPOINT active_record_1[0m
  [1m[36mDoorkeeper::Application Load (1.2ms)[0m  [1m[34mSELECT  "oauth_applications".* FROM "oauth_applications" WHERE "oauth_applications"."id" = $1 LIMIT $2[0m  [["id", 88], ["LIMIT", 1]]
  [1m[36mDoorkeeper::AccessToken Exists (4.2ms)[0m  [1m[34mSELECT  1 AS one FROM "oauth_access_tokens" WHERE "oauth_access_tokens"."token" = $1 LIMIT $2[0m  [["token", "2260761b3f5587619ea0944a09623624dbb1dc2d5ed539b705d6334b764a27e2"], ["LIMIT", 1]]
  [1m[35mSQL (2.6ms)[0m  [1m[32mINSERT INTO "oauth_access_tokens" ("resource_owner_id", "application_id", "token", "created_at") VALUES ($1, $2, $3, $4) RETURNING "id"[0m  [["resource_owner_id", 354], ["application_id", 88], ["token", "2260761b3f5587619ea0944a09623624dbb1dc2d5ed539b705d6334b764a27e2"], ["created_at", 2016-07-06 03:43:02 UTC]]
  [1m[35m (0.5ms)[0m  [1m[35mRELEASE SAVEPOINT active_record_1[0m
DEPRECATION WARNING: ActionController::TestCase HTTP request methods will accept only
keyword arguments in future Rails versions.

Examples:

[get :show, params: { id: 1 }, session: { user_id: 1 }
process :update, method: :post, params: { id: 1 }
 (called from block (4 levels) in <top (required)> at /Users/yongwoon_kim/Desktop/yongwoon/Source/00_private/ruby/ruby_rails_api_cloud_music/spec/app/controllers/v1/credentials_controller_spec.rb:16)
DEPRECATION WARNING: ActionController::TestCase HTTP request methods will accept only
keyword arguments in future Rails versions.
](url)
Examples:

get :show, params: { id: 1 }, session: { user_id: 1 }
process :update, method: :post, params: { id: 1 }
 (called from block (4 levels) in <top (required)> at /Users/yongwoon_kim/Desktop/yongwoon/Source/00_private/ruby/ruby_rails_api_cloud_music/spec/app/controllers/v1/credentials_controller_spec.rb:16)
Processing by Api::V1::CredentialsController#me as JSON
  Parameters: {"access_token"=>"[FILTERED]"}
  [1m[36mDoorkeeper::AccessToken Load (0.2ms)[0m  [1m[34mSELECT  "oauth_access_tokens".* FROM "oauth_access_tokens" WHERE "oauth_access_tokens"."token" = $1 LIMIT $2[0m  [["token", "2260761b3f5587619ea0944a09623624dbb1dc2d5ed539b705d6334b764a27e2"], ["LIMIT", 1]]
Filter chain halted as :doorkeeper_authorize! rendered or redirected
Completed 403 Forbidden in 15ms (ActiveRecord: 0.2ms)


  [1m[35m (0.3ms)[0m  [1m[31mROLLBACK[0m
questiodiscussion

Most helpful comment

@yongwoon How did you resolve this? I sometimes face this problem for some users.

All 3 comments

The issue you describe seems very specific to your code. I suggest that you ask about it in https://stackoverflow.com/questions/tagged/doorkeeper, which will get attention from more people than in this issue tracker. Sorry I don't have the time now to help you with this question, and thanks for reporting!

I got it. Thanks. :)

@yongwoon How did you resolve this? I sometimes face this problem for some users.

Was this page helpful?
0 / 5 - 0 ratings