Attempting to use Ueberauth with github, but local testing hits a csrf error. I found some other threads, including the recommendation of downporting the oauth2 dependency to 2.0.1
But none of this has resolved the issue. I’m wondering if anyone has github oauth testable in a localhost environment, or whether I need to set up a test from a “real” domain in order to develop this feature.
UPDATE:
Of note, github is returning the full authentication information; it is only after receiving the authentication data and tokens that ueberauth throws the csrf error – e.g. this does not seem to be a problem with the github configuration.
Just forget about local testing. There is very little code involved for an Oauth setup; I’d just put in my credentials and take a leap of faith.
I got it working. I prefer to test before deploying.
It helps future readers to show how.
In this case, the ueberauth object included both a csrf failure notification AND the actual correct results from the authenticating body. I still don’t know why, but if I handle the success first and only fall through to the error if there is no success, then it does not trip me up in localhost. I will have to do subsequent testing in a prod environment to make sure this remains a valid code structure, but at the very least I unblocked testing on localhost.
