I've seen many answers here, but none of them has worked.
I'm using omniauth-oauth2 gem to integrate with a third-party customer.
I'm using the setup phase described here but I'm always getting this error:
Authentication failure! failed_to_connect: Faraday::Error::ConnectionFailed, SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A
Faraday::Error::ConnectionFailed (SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A):
.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:918:in `connect'
.rvm/rubies/ruby-2.0.0-p247/lib/ruby/2.0.0/net/http.rb:918:in `block in connect'
My initializer at config/initializers
is:
Rails.application.config.middleware.use OmniAuth::Builder do
client_id = 'my_client_id'
client_secret = 'secret'
ca_file = Rails.root.join('config', 'cacert.pem').to_s
ssl_options = {}
ssl_options[:ca_path] = '/usr/local/etc/openssl'
ssl_options[:ca_file] = ca_file
provider :my_partner_provider, client_id, client_secret, :client_options => {:ssl => ssl_options},
setup: ->(env){
req = Rack::Request.new(env)
site = "https://#{req.params.fetch('shop')}"
env['omniauth.strategy'].options[:client_options][:site] = site
}
end
I've tried with and without ssl options.
To complement, here's my stack: https://gist.github.com/cleytonmessias/11274209
I've typed in terminal openssl s_client -showcerts -connect partnerurl.com:443 <<<OK
and it returned this: https://gist.github.com/cleytonmessias/11288646
Does anyone know the solution to this issue?
Thanks to @mislav who give the hint to change SSL version
.
I had to change this because my partner has its application built using asp.net and uses this version of SSL. More info at https://mislav.net/2013/07/ruby-openssl/
So the final code is as follows:
Rails.application.config.middleware.use OmniAuth::Builder do
client_id = 'my_client_id'
client_secret = 'secret'
ssl_options = {}
ssl_options[:version] = :TLSv1
ssl = {}
ssl[:ssl] = ssl_options
provider :partner, client_id, client_secret,
client_options: { connection_opts: ssl} ,
setup: ->(env){
req = Rack::Request.new(env)
token_url = "https://#{req.params.fetch('shop')}"
env['omniauth.strategy'].options[:client_options][:token_url] = token_url
}
end