We initialize the providers as devise requires, including scope for constant contact:
config.omniauth :google_oauth2, ENV['GOOGLE_CLIENT'], ENV['GOOGLE_SECRET'] if ENV['HUBSPOT_CLIENT_ID'] config.omniauth :hubspot, ENV['HUBSPOT_CLIENT_ID'], ENV['HUBSPOT_SECRET_ID'], scope: 'contacts timeline' end if ENV['CC_KEY'] config.omniauth :constantcontact, ENV['CC_KEY'], ENV['CC_SECRET'], scope: 'contact_data' end
When we hit the authentication URL: http://localhost:3000/users/auth/constantcontact
The URL we are then taken to is: https://login.constantcontact.com/login/?goto=https://oauth2.constantcontact.com/oauth2/oauth/login?...
Upon entering username and password, the page simply ends up refreshing. It looks like the authorization succeeds, and then immediately logs the user out and refreshes the page. Here are the network requests:
The redirect URI should be http://localhost:3000/users/auth/callback/constantcontact, but we are never taken back there.
We currently have Google, Slack, and HubSpot OAuth all working in this same way and cannot figure out what we are doing wrong here.
Our API and secret keys are setup, the redirect URIs are listed in the application, we are passing a simple contact_data scope as shown in the code sample above. We never receive a "invalid redirect uri" or similar error, the page simply always refreshes. This happens in all browsers.
What can we do to enable oauth authentication within our Rails app? Happy to provide any information needed!
Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.
The 3rd party code library that you are using appears to have been built for our legacy V2 API, whereas it looks like you are attempting authentication using a V3 API key, which is not cross-compatible.
Within the README file of the "Omniauth-ConstantContact2" link you provided, if you scroll down under the usage section, it states:
“You will have to put in your consumer key and secret, which you can find at http://community.constantcontact.com/t5/Documentation/API-Keys/ba-p/25015” However, the post is from 10 years ago, and the referenced link has since been updated to direct to our newest V3 API.
To generate a legacy V2 API key, please use the instructions in the link below:
How to generate an API Key and Access Token:
Please let us know if you have any other questions! You can also reach our team directly via email at firstname.lastname@example.org