OAuth2::Error invalid_client: client_id parameter missing being thrown before callback

[diasluan]

I've updated the gem to the latest version (2.3.0) with the following dependencies:

• omniauth-oauth2 (1.8.0)
• omniauth (2.1.0)
• omniauth-rails_csrf_protection (1.0.1)

But now, after logging into mailchimp and authorizing the access, I get the OAuth2::Error invalid_client: client_id parameter missing error.

Checking the mailchimp authorization url I can see that the client_id is included on it
https://login.mailchimp.com/oauth2/authorize?response_type=code&client_id=<my client id>&redirect_uri=https%3A%2F%2F<myapp.com>%2Fauth%2Fmailchimp%2Fcallback&retry=1

And looking at the stacktrace I can see that my app is not being reached yet and that the request is stuck in Oauth2 due to the error
oauth2 (2.0.6) lib/oauth2/client.rb:139:inrequest'
oauth2 (2.0.6) lib/oauth2/client.rb:188:in get_token' oauth2 (2.0.6) lib/oauth2/strategy/auth_code.rb:37:in get_token'
omniauth-oauth2 (1.8.0) lib/omniauth/strategies/oauth2.rb:126:in build_access_token' omniauth-oauth2 (1.8.0) lib/omniauth/strategies/oauth2.rb:91:in callback_phase'
omniauth (2.1.0) lib/omniauth/strategy.rb:272:in callback_call' omniauth (2.1.0) lib/omniauth/strategy.rb:194:in call!'
omniauth (2.1.0) lib/omniauth/strategy.rb:169:in call' omniauth (2.1.0) lib/omniauth/builder.rb:44:in call'
rack (2.2.4) lib/rack/tempfile_reaper.rb:15:in call' rack (2.2.4) lib/rack/etag.rb:27:in call'
rack (2.2.4) lib/rack/conditional_get.rb:27:in call' rack (2.2.4) lib/rack/head.rb:12:in call'
actionpack (7.0.3.1) lib/action_dispatch/http/permissions_policy.rb:38:in call' actionpack (7.0.3.1) lib/action_dispatch/http/content_security_policy.rb:36:in call'
rack (2.2.4) lib/rack/session/abstract/id.rb:266:in context' rack (2.2.4) lib/rack/session/abstract/id.rb:260:in call'
actionpack (7.0.3.1) lib/action_dispatch/middleware/cookies.rb:697:in call' activerecord (7.0.3.1) lib/active_record/migration.rb:603:in call'
actionpack (7.0.3.1) lib/action_dispatch/middleware/callbacks.rb:27:in block in call' activesupport (7.0.3.1) lib/active_support/callbacks.rb:99:in run_callbacks'
actionpack (7.0.3.1) lib/action_dispatch/middleware/callbacks.rb:26:in call' actionpack (7.0.3.1) lib/action_dispatch/middleware/executor.rb:14:in call'
actionpack (7.0.3.1) lib/action_dispatch/middleware/actionable_exceptions.rb:17:in call' actionpack (7.0.3.1) lib/action_dispatch/middleware/debug_exceptions.rb:28:in call'
actionpack (7.0.3.1) lib/action_dispatch/middleware/show_exceptions.rb:26:in call' railties (7.0.3.1) lib/rails/rack/logger.rb:40:in call_app'
railties (7.0.3.1) lib/rails/rack/logger.rb:25:in block in call' activesupport (7.0.3.1) lib/active_support/tagged_logging.rb:114:in block in tagged'
activesupport (7.0.3.1) lib/active_support/tagged_logging.rb:38:in tagged' activesupport (7.0.3.1) lib/active_support/tagged_logging.rb:114:in tagged'
railties (7.0.3.1) lib/rails/rack/logger.rb:25:in call' sprockets-rails (3.4.2) lib/sprockets/rails/quiet_assets.rb:13:in call'
actionpack (7.0.3.1) lib/action_dispatch/middleware/remote_ip.rb:93:in call' actionpack (7.0.3.1) lib/action_dispatch/middleware/request_id.rb:26:in call'
rack (2.2.4) lib/rack/method_override.rb:24:in call' rack (2.2.4) lib/rack/runtime.rb:22:in call'
activesupport (7.0.3.1) lib/active_support/cache/strategy/local_cache_middleware.rb:29:in call' actionpack (7.0.3.1) lib/action_dispatch/middleware/executor.rb:14:in call'
actionpack (7.0.3.1) lib/action_dispatch/middleware/static.rb:23:in call' rack (2.2.4) lib/rack/sendfile.rb:110:in call'
actionpack (7.0.3.1) lib/action_dispatch/middleware/host_authorization.rb:137:in call' railties (7.0.3.1) lib/rails/engine.rb:530:in call'
railties (7.0.3.1) lib/rails/railtie.rb:226:in public_send' railties (7.0.3.1) lib/rails/railtie.rb:226:in method_missing'
puma (5.6.4) lib/puma/configuration.rb:252:in call' puma (5.6.4) lib/puma/request.rb:77:in block in handle_request'
puma (5.6.4) lib/puma/thread_pool.rb:340:in with_force_shutdown' puma (5.6.4) lib/puma/request.rb:76:in handle_request'
puma (5.6.4) lib/puma/server.rb:441:in process_client' puma (5.6.4) lib/puma/thread_pool.rb:147:in block in spawn_thread'
`

[mattwigham]

I'm having this issue as well.

[espen]

I am getting this on v2.1.0 as well. Looks like build_access_token is not able to add client_id.

[espen]

This is due to changes in oauth2 v2

[diasluan]

@stevenkaras are you still supporting this gem?

[espen]

Reason:

#312 - BREAKING: Set :basic_auth as default for :auth_scheme instead of :request_body. This was default behavior before 1.3.0. (@tetsuya, @wy193777)

[espen]

That will get the access_token but oauth v2 seems to require a refresh token. It will say it is expired an attempt to refresh it and fail as there is no refresh_token.

Related: omniauth/omniauth-oauth2#143

[espen]

This will fix this issue: espen@fd6b007. See #8

[espen]

Looks like the expiry time has to be increased. Getting "A refresh_token is not available" for some users. Should check with omniauth-oauth2 if there is a better way.