Ruby on Rails OAuth2 Endless Refreshing, never redirects back to application

BrettL475
Rookie
0 Votes

Hello,

 

I'm looking to enable users to Login with Constant Contact to our Rails application, using the Omniauth-ConstantContact2 gem with Devise.  

 

We initialize the providers as devise requires, including scope for constant contact:

 

    config.omniauth :google_oauth2, ENV['GOOGLE_CLIENT'], ENV['GOOGLE_SECRET']
		if ENV['HUBSPOT_CLIENT_ID']
    	config.omniauth :hubspot, ENV['HUBSPOT_CLIENT_ID'], ENV['HUBSPOT_SECRET_ID'], scope: 'contacts timeline'
		end
    if ENV['CC_KEY']
    	config.omniauth :constantcontact, ENV['CC_KEY'], ENV['CC_SECRET'], scope: 'contact_data'
		end

 

When we hit the authentication URL: http://localhost:3000/users/auth/constantcontact

 

The URL we are then taken to is: https://login.constantcontact.com/login/?goto=https://oauth2.constantcontact.com/oauth2/oauth/login?...

 

Upon entering username and password, the page simply ends up refreshing. It looks like the authorization succeeds, and then immediately logs the user out and refreshes the page. Here are the network requests:

 

BrettL475_0-1631566522647.png

 

The redirect URI should be http://localhost:3000/users/auth/callback/constantcontact, but we are never taken back there.

 

We currently have Google, Slack, and HubSpot OAuth all working in this same way and cannot figure out what we are doing wrong here. 

 

Our API and secret keys are setup, the redirect URIs are listed in the application, we are passing a simple contact_data scope as shown in the code sample above. We never receive a "invalid redirect uri" or similar error, the page simply always refreshes. This happens in all browsers.

 

What can we do to enable oauth authentication within our Rails app? Happy to provide any information needed!

 

 

 

 
 
 

 

1 REPLY 1
Courtney_E
Moderator
0 Votes

Hello BrettL475,

 

Thank you for reaching out to Constant Contact API Developer Support. My team is here to assist outside software developers with questions about building into Constant Contact's API.

 

The 3rd party code library that you are using appears to have been built for our legacy V2 API, whereas it looks like you are attempting authentication using a V3 API key, which is not cross-compatible.

 

Within the README file of the "Omniauth-ConstantContact2" link you provided, if you scroll down under the usage section, it states:
“You will have to put in your consumer key and secret, which you can find at http://community.constantcontact.com/t5/Documentation/API-Keys/ba-p/25015” However, the post is from 10 years ago, and the referenced link has since been updated to direct to our newest V3 API.

 

To generate a legacy V2 API key, please use the instructions in the link below:

 

How to generate an API Key and Access Token:
https://community.constantcontact.com/t5/Community-News/How-to-generate-an-API-Key-and-Access-Token/...

 

Please let us know if you have any other questions! You can also reach our team directly via email at webservices@constantcontact.com 


Regards,

Courtney E.
Tier II API Support Engineer

Did I answer your question?
If so, please mark my post as an "Accepted Solution" by clicking the Accept as Solution button in the bottom right hand corner of this post.
Resources
Developer Portal

View API documentation, code samples, get your API key.

Visit Page

Announcements

API Updates

Join our list to be notified of new features and updates to our V3 API.

Sign Up

Polls
How confident are you about the effectiveness of your current marketing strategy?

Top Choice: Not confident at all (63%)