Missing_OAuth_Token - invalid_credentials

[ghost]

ERROR -- omniauth: (salesforce) Authentication failure! invalid_credentials: OAuth2::Error, Missing_OAuth_Token

we started getting this error recently, any suggestions. It is an intermittent issue.

[dchaley]

FYI I got around this by changing a post to a get:
https://github.com/docsend/omniauth-salesforce/

and in particular,
docsend/omniauth-salesforce@a3445d8

I'm not sure if it's relevant to your issue, but it worked for me. Full disclosure: I didn't track down why changing to a get works. I just observed that it does... so, YMMV!

(BTW, this is out of date, the newly maintained version is: https://github.com/realdoug/omniauth-salesforce)

[ghost]

Cool,will give it a try, thanks for the response.

[msreekm]

Thanks dchaley ,that worked.

I am wondering how changing from POST to GET fixed the issue!

[dchaley]

My suspicion is that it's a Faraday version issue, because the code works as-is in the sample (which uses Faraday 0.7.6). More info in my pull request here: realdoug/omniauth-salesforce#12 (<-- that is the currently maintained site for this project, afaict)

I think it's that the POST requires the oauth_token to be part of a multipart form body, whereas the GET puts it as a parameter; I am guessing that the older version of Faraday did the right thing but the newer one is being stricter or an interface changed, or something like that.

What version of Faraday are you using @msreekm ?

[msreekm]

faraday (0.8.9) and it was working fine with version 0.8.8.

[GLandes]

Hi. I am experiencing same issue. Tried to run your application "in action" getting
An error occurred in the application and your page could not be served. Please try again in a few moments.
If you are the application owner, check your logs for details.

Thanks.
--GL

[sb8244]

Follow up that this is fixed with the latest version at realdoug.

[msreekm]

Hi sb8244- just curious, was this fixed recently @realdoug and do you know what was causing it to fail?

[sb8244]

@msreekm yea, I fixed it. The issue (I think) is that the old way was to POST the access_token in the body of the request. This may have worked in the past, but I think that SFDC changed their encoding so that spaces in the post body trip it up. I came to this conclusion while talking to Pat Patterson at Dreamforce and he said that is a likely cause (although blamed the library and not SFDC).

In any case, the proper way of sending an access_token is always in the header and never in the url or POST body.

[kenleezle]

I had the same issue and changing the post to get fixed the issue for me.

[sb8244]

@kenleezle pull in the latest omniauth-salesforce and it's fixed through the header method.

[realdoug]

Correct. Also, the source code for the gem is located here: https://github.com/realdoug/omniauth-salesforce so any issues, please open them under that repo.