我正在使用带有Devise和omniauth-stripe-connect gem的Rails。
Devise.rb
config.omniauth :stripe_connect,
ENV['STRIPE_CONNECT_CLIENT_ID'],
ENV['STRIPE_SECRET_KEY'],
:scope => 'read_write',
:stripe_landing => 'register'
全身份验证回调控制器
class OmniauthCallbacksController < Devise::OmniauthCallbacksController
def stripe_connect
@user = current_user
if @user.update_attributes({
provider: request.env["omniauth.auth"].provider,
uid: request.env["omniauth.auth"].uid,
access_code: request.env["omniauth.auth"].credentials.token,
publishable_key: request.env["omniauth.auth"].info.stripe_publishable_key
})
# anything else you need to do in response..
sign_in_and_redirect @user, :event => :authentication
set_flash_message(:notice, :success, :kind => "Stripe") if is_navigational_format?
else
session["devise.stripe_connect_data"] = request.env["omniauth.auth"]
redirect_to new_user_registration_url
end
end
end
在开发中,这工作正常,并将我需要的信息添加到用户进行条带连接,但在生产中我收到此错误。
{
2017-11-07T02:05:05.255495+00:00 app[web.1]: "error": "invalid_grant",
2017-11-07T02:05:05.255496+00:00 app[web.1]: "error_description": "Authorization code provided does not belong to you"
我在生产中设置了实时条纹 api 密钥。我想也许这与设计有关,但我真的不确定。
在我们的例子中,我们无意中使用了来自不同帐户的密钥的客户端 ID,这导致了类似的错误。