Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Getting Authentication passthru for Omniauth when Devise.setup is wrapped under Rails.application.reloader.to_prepare #5699

Open
kcore opened this issue Jul 9, 2024 · 1 comment
Open

Getting Authentication passthru for Omniauth when Devise.setup is wrapped under Rails.application.reloader.to_prepare #5699

kcore opened this issue Jul 9, 2024 · 1 comment

Comments

@kcore
Copy link

kcore commented Jul 9, 2024

Pre-check

  • Do not use the issues tracker for help or support, try Stack Overflow.
  • For bugs, do a quick search and make sure the bug has not yet been reported
  • If you found a security bug, do not report it through GitHub. Please send an e-mail to [email protected] instead.
  • Finally, be nice and have fun!

Environment

  • Ruby 2.7.6
  • Rails 6.7.1.8
  • Devise 4.8.1

Current behavior

As part of the ruby 3.0 & Rails 7 upgrade prep, I updated config.active_support.deprecation = :raise so that we understand what all we need to fix before we move. One of the first things that came was
DEPRECATION WARNING: Initialization autoloaded the constant Devise::Mailer
so I wrapped the entire config/initializers/devise.rb contents under Rails.application.reloader.to_prepare

Rails.application.reloader.to_prepare do
     Devise.setup do |config|
        ...
     end
end

Everything worked like a charm; until it didn't!
We use omniauth (google, microsoft etc). The authorize urls starting to fail with "not found. authentication passthru"

Started POST "/users/auth/google_oauth2" for ::1 at 2024-07-09 15:50:21 +0530
Processing by Users::OmniauthCallbacksController#passthru as HTML
  Parameters: {"authenticity_token"=>"XXXXXXXXXXXXXXXXXXX"}
  Rendering text template
  Rendered text template (Duration: 0.0ms | Allocations: 3)
Completed 404 Not Found in 59ms (Views: 5.5ms | MongoDB: 0.0ms | Allocations: 70764)

Strangely, with the reloader block, even if I removed the oauth strategy registration

config.omniauth :google_oauth2, OAUTH_GOOGLE_CLIENT_ID, OAUTH_GOOGLE_SECRET, {
    name: 'google_oauth2',
    scope: OAUTH_GOOGLE_CALENDAR_SCOPE.join(","),
    prompt: "consent",
    strategy_class: OmniAuth::Strategies::GoogleOauth2
  }

the authorizer urls (user_google_oauth2_omniauth_authorize_path) still didn't give any errors and loaded just fine which led to the believe that there was some issue in the Devise.setup part eventually leading to me realising the only change that was done was adding the reloader block!

I finally update my devise initializer to move out of the reloader block and everything started to work again!

Rails.application.reloader.to_prepare do
  Devise::Mailer.default .......
end
Devise.setup do |config|
  ....
end

Can someone please explain why this happened and if this is indeed a bug or an expected behaviour?

Expected behavior

Adding the entire devise setup block under Rails.reloader should not affect its behaviour
@jomsie
Copy link

jomsie commented Aug 27, 2024

I had this same issue, and thank you @kcore for the temporary(?) fix!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kcore @jomsie