535A2 535A2 - 4 months ago 28
Ruby Question

Ruby - reddit oauth returns 404

I'm trying to get an auth token from reddit using HTTParty. I'm using reddit's script authentication which is explained here.

The curl version from that page looks like this. If I enter my details in this then it works correctly and returns the authentication token.

curl -X POST -d 'grant_type=password&username=reddit_bot&password=snoo' --user 'p-jcoLKBynTLew:gko_LXELoV07ZBNUXrvWZfzE3aI' https://www.reddit.com/api/v1/access_token


Here is my ruby code with the auth implementation that isn't working.

require 'httparty'
require 'logger'

class Reddit
include HTTParty
base_uri 'https://reddit.com'
logger ::Logger.new("httparty.log"), :debug, :curl

def initialize(client_id, client_secret, username, password, user_agent)
@auth = { username: client_id, password: client_secret }
@username = username
@password = password
@user_agent = user_agent
end

def authenticate()
options = {
basic_auth: @auth,
body: { grant_type: 'password', username: @username, password: @password },
headers: { 'User-Agent' => @user_agent }
}
self.class.post('/api/v1/access_token', options)
end
end


Here is my log

D, [2016-07-21T20:21:29.581864 #10739] DEBUG -- : [HTTParty] [2016-07-21 20:21:29 +0100] > POST /api/v1/access_token
[HTTParty] [2016-07-21 20:21:29 +0100] > User-Agent: MY_USER_AGENT
[HTTParty] [2016-07-21 20:21:29 +0100] > grant_type=password&username=MYUSERNAME&password=MYPASSWORD
[HTTParty] [2016-07-21 20:21:29 +0100] >
[HTTParty] [2016-07-21 20:21:29 +0100] < HTTP/1.1 301
[HTTParty] [2016-07-21 20:21:29 +0100] < Date: Thu, 21 Jul 2016 19:21:29 GMT
[HTTParty] [2016-07-21 20:21:29 +0100] < Transfer-encoding: chunked
[HTTParty] [2016-07-21 20:21:29 +0100] < Connection: close
[HTTParty] [2016-07-21 20:21:29 +0100] < Set-cookie: __cfduid=d1653e1497aa10c1e9b5c9c1e65027f841469128889; expires=Fri, 21-Jul-17 19:21:29 GMT; path=/; domain=.reddit.com; HttpOnly
[HTTParty] [2016-07-21 20:21:29 +0100] < Location: https://www.reddit.com/api/v1/access_token
[HTTParty] [2016-07-21 20:21:29 +0100] < Strict-transport-security: max-age=15552000; includeSubDomains; preload
[HTTParty] [2016-07-21 20:21:29 +0100] < X-content-type-options: nosniff
[HTTParty] [2016-07-21 20:21:29 +0100] < Server: cloudflare-nginx
[HTTParty] [2016-07-21 20:21:29 +0100] < Cf-ray: 2c6104281c703500-LHR
[HTTParty] [2016-07-21 20:21:29 +0100] <

D, [2016-07-21T20:21:30.930118 #10739] DEBUG -- : [HTTParty] [2016-07-21 20:21:30 +0100] > GET https://www.reddit.com/api/v1/access_token
[HTTParty] [2016-07-21 20:21:30 +0100] > User-Agent: MY_USER_AGENT
[HTTParty] [2016-07-21 20:21:30 +0100] > Cookie: __cfduid=d1653e1497aa10c1e9b5c9c1e65027f841469128889
[HTTParty] [2016-07-21 20:21:30 +0100] > grant_type=password&username=MYUSERNAME&password=MYPASSWORD
[HTTParty] [2016-07-21 20:21:30 +0100] >
[HTTParty] [2016-07-21 20:21:30 +0100] < HTTP/1.1 404
[HTTParty] [2016-07-21 20:21:30 +0100] < Date: Thu, 21 Jul 2016 19:21:30 GMT
[HTTParty] [2016-07-21 20:21:30 +0100] < Content-type: application/json; charset=UTF-8
[HTTParty] [2016-07-21 20:21:30 +0100] < Content-length: 38
[HTTParty] [2016-07-21 20:21:30 +0100] < Connection: close
[HTTParty] [2016-07-21 20:21:30 +0100] < X-frame-options: SAMEORIGIN
[HTTParty] [2016-07-21 20:21:30 +0100] < X-content-type-options: nosniff
[HTTParty] [2016-07-21 20:21:30 +0100] < X-xss-protection: 1; mode=block
[HTTParty] [2016-07-21 20:21:30 +0100] < X-ua-compatible: IE=edge
[HTTParty] [2016-07-21 20:21:30 +0100] < Access-control-allow-origin: *
[HTTParty] [2016-07-21 20:21:30 +0100] < Access-control-expose-headers: X-Reddit-Tracking, X-Moose
[HTTParty] [2016-07-21 20:21:30 +0100] < X-reddit-tracking: https://pixel.redditmedia.com/pixel/of_destiny.png?v=cPS4SYC7eYS7PUX%2B4OpG5Vd8whFwi9HO%2Btj9EkiJOG%2BX0pPXV71coHXAWrCRqDNvm8svDX3GBsMwOXsOxbGTRaDC%2BRJqtSoM
[HTTParty] [2016-07-21 20:21:30 +0100] < Cache-control: max-age=0, must-revalidate
[HTTParty] [2016-07-21 20:21:30 +0100] < X-moose: majestic
[HTTParty] [2016-07-21 20:21:30 +0100] < Strict-transport-security: max-age=15552000; includeSubDomains; preload
[HTTParty] [2016-07-21 20:21:30 +0100] < Server: cloudflare-nginx
[HTTParty] [2016-07-21 20:21:30 +0100] < Cf-ray: 2c61042b711c3470-LHR
[HTTParty] [2016-07-21 20:21:30 +0100] <
{"message": "Not Found", "error": 404}

Answer

It seems you hit a 301 redirect from https://reddit.com to https://www.reddit.com with the initial request.

When HTTParty follows the redirect, it does a GET request instead of a POST (as it should).

Try setting your base_uri to 'https://www.reddit.com' instead.

Comments