Ruby on rails OAuth2错误：检测到CSRF_Ruby On Rails_Oauth

Ruby on rails OAuth2错误：检测到CSRF

ruby-on-rails oauth

Ruby on rails OAuth2错误：检测到CSRF,ruby-on-rails,oauth,Ruby On Rails,Oauth,我正在Rails中使用ominauth-google-oauth2 gem。我不能说这是一个错误，但我很难解决它。我已经编写了一个超级简单的Rails程序来验证这个问题。我跟在后面似乎当我尝试登录我的gmail.com帐户时，当我有其他启用google oauth的帐户时，我会遇到以下异常： OmniAuth::Strategies::OAuth2::CallbackError at /auth/google_oauth2/callback csrf_detected | CSRF detec

我正在Rails中使用ominauth-google-oauth2 gem。我不能说这是一个错误，但我很难解决它。我已经编写了一个超级简单的Rails程序来验证这个问题。我跟在后面

似乎当我尝试登录我的gmail.com帐户时，当我有其他启用google oauth的帐户时，我会遇到以下异常：

OmniAuth::Strategies::OAuth2::CallbackError at /auth/google_oauth2/callback
csrf_detected | CSRF detected

以下是堆栈跟踪的顶部：

Started GET "/auth/google_oauth2/callback?state=732fc603c628199503f01781639123426e7fbfa874a36a4a&code=4%2FF2VhN4EQfwYxr5cAmyp5S9sufuFMLP9Rpl-o85zWyyE" for 127.0.0.1 at 2017-10-16 12:01:03 -0400
I, [2017-10-16T12:01:03.814169 #58394]  INFO -- omniauth: (google_oauth2) Callback phase initiated.
E, [2017-10-16T12:01:03.814832 #58394] ERROR -- omniauth: (google_oauth2) Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected
E, [2017-10-16T12:01:03.815656 #58394] ERROR -- omniauth: (google_oauth2) Authentication failure! invalid_credentials: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected

OmniAuth::Strategies::OAuth2::CallbackError - csrf_detected | CSRF detected:
  omniauth (1.7.1) lib/omniauth/failure_endpoint.rb:25:in `raise_out!'
  omniauth (1.7.1) lib/omniauth/failure_endpoint.rb:20:in `call'
  omniauth (1.7.1) lib/omniauth/failure_endpoint.rb:12:in `call'
  omniauth (1.7.1) lib/omniauth/strategy.rb:486:in `fail!'
  omniauth-oauth2 (1.4.0) lib/omniauth/strategies/oauth2.rb:71:in `callback_phase'
  omniauth (1.7.1) lib/omniauth/strategy.rb:236:in `callback_call'
  omniauth (1.7.1) lib/omniauth/strategy.rb:188:in `call!'
  omniauth (1.7.1) lib/omniauth/strategy.rb:168:in `call'
  omniauth (1.7.1) lib/omniauth/builder.rb:63:in `call'
  rack (2.0.3) lib/rack/etag.rb:25:in `call'

以下是所有相关的代码片段：

初始化者/omniauth.rb routes.rb views/home/show.html.erb

应用程序\u controller.rb

class ApplicationController


会话\u controller.rb
class sessioncontroller


我使用rails server-P3000运行服务器
我使用
这将显示带有登录按钮的页面，我按下了该按钮
这显示了我所有可能的谷歌登录的列表（我想有4个）
我点击其中一个，得到以下异常：

OmniAuth:：Strategies:：OAuth2:：CallbackError位于/auth/google\u OAuth2/callback
检测到csrf|u |检测到csrf

堆栈跟踪已附加：
您能否仅复制stacktrace中显示到达服务器的请求的行？大概它显示了一个PUT或POST请求，但确认一下会很有帮助。我把它放在了主消息中啊，是的，对不起，你提供的所有信息中都漏掉了。您是否看到了这一潜在原因：
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :google_oauth2,
  "redacted",
  "redacted"
end

get 'login', to: redirect('/auth/google_oauth2'), as: 'login'
get 'logout', to: 'sessions#destroy', as: 'logout'
get 'auth/:provider/callback', to: 'sessions#create'
get 'auth/failure', to: redirect('/')
get 'home', to: 'home#show'
get 'me', to: 'me#show', as: 'me'

<%= link_to "Sign in with Google", "/auth/google_oauth2", id: "sign_in" %>

class ApplicationController < ActionController::Base
  protect_from_forgery with: :exception

  helper_method :current_user

  def authenticate
    redirect_to :login unless user_signed_in?
  end

  def current_user
    @current_user ||= User.find(session[:user_id]) if session[:user_id]
  end

  def user_signed_in?
    # converts current_user to a boolean by negating the negation
    !current_user.nil?
  end
end

class SessionsController < ApplicationController
  def create
    @user = User.find_or_create_from_auth_hash(request.env["omniauth.auth"])
    session[:user_id] = @user.id
    redirect_to :me
  end

  def destroy
    session[:user_id] = nil
    redirect_to root_path
  end
end