Search code examples
rubyoauthhttpartyreddit

Ruby - reddit oauth returns 404

I'm trying to get an auth token from reddit using HTTParty. I'm using reddit's script authentication which is explained here.

The curl version from that page looks like this. If I enter my details in this then it works correctly and returns the authentication token. 

curl -X POST -d 'grant_type=password&username=reddit_bot&password=snoo' --user 'p-jcoLKBynTLew:gko_LXELoV07ZBNUXrvWZfzE3aI' https://www.reddit.com/api/v1/access_token

Here is my ruby code with the auth implementation that isn't working.

require 'httparty'
require 'logger'

class Reddit
  include HTTParty
  base_uri 'https://reddit.com'
  logger ::Logger.new("httparty.log"), :debug, :curl

  def initialize(client_id, client_secret, username, password, user_agent)
    @auth = { username: client_id, password: client_secret }
    @username = username
    @password = password
    @user_agent = user_agent
  end

  def authenticate()
    options = { 
      basic_auth: @auth,
      body: { grant_type: 'password', username: @username, password: @password }, 
      headers: { 'User-Agent' => @user_agent }
    }
    self.class.post('/api/v1/access_token', options)
  end
end

Here is my log

D, [2016-07-21T20:21:29.581864 #10739] DEBUG -- : [HTTParty] [2016-07-21 20:21:29 +0100] > POST /api/v1/access_token
[HTTParty] [2016-07-21 20:21:29 +0100] > User-Agent: MY_USER_AGENT
[HTTParty] [2016-07-21 20:21:29 +0100] > grant_type=password&username=MYUSERNAME&password=MYPASSWORD
[HTTParty] [2016-07-21 20:21:29 +0100] > 
[HTTParty] [2016-07-21 20:21:29 +0100] < HTTP/1.1 301
[HTTParty] [2016-07-21 20:21:29 +0100] < Date: Thu, 21 Jul 2016 19:21:29 GMT
[HTTParty] [2016-07-21 20:21:29 +0100] < Transfer-encoding: chunked
[HTTParty] [2016-07-21 20:21:29 +0100] < Connection: close
[HTTParty] [2016-07-21 20:21:29 +0100] < Set-cookie: __cfduid=d1653e1497aa10c1e9b5c9c1e65027f841469128889; expires=Fri, 21-Jul-17 19:21:29 GMT; path=/; domain=.reddit.com; HttpOnly
[HTTParty] [2016-07-21 20:21:29 +0100] < Location: https://www.reddit.com/api/v1/access_token
[HTTParty] [2016-07-21 20:21:29 +0100] < Strict-transport-security: max-age=15552000; includeSubDomains; preload
[HTTParty] [2016-07-21 20:21:29 +0100] < X-content-type-options: nosniff
[HTTParty] [2016-07-21 20:21:29 +0100] < Server: cloudflare-nginx
[HTTParty] [2016-07-21 20:21:29 +0100] < Cf-ray: 2c6104281c703500-LHR
[HTTParty] [2016-07-21 20:21:29 +0100] < 

D, [2016-07-21T20:21:30.930118 #10739] DEBUG -- : [HTTParty] [2016-07-21 20:21:30 +0100] > GET https://www.reddit.com/api/v1/access_token
[HTTParty] [2016-07-21 20:21:30 +0100] > User-Agent: MY_USER_AGENT
[HTTParty] [2016-07-21 20:21:30 +0100] > Cookie: __cfduid=d1653e1497aa10c1e9b5c9c1e65027f841469128889
[HTTParty] [2016-07-21 20:21:30 +0100] > grant_type=password&username=MYUSERNAME&password=MYPASSWORD
[HTTParty] [2016-07-21 20:21:30 +0100] > 
[HTTParty] [2016-07-21 20:21:30 +0100] < HTTP/1.1 404
[HTTParty] [2016-07-21 20:21:30 +0100] < Date: Thu, 21 Jul 2016 19:21:30 GMT
[HTTParty] [2016-07-21 20:21:30 +0100] < Content-type: application/json; charset=UTF-8
[HTTParty] [2016-07-21 20:21:30 +0100] < Content-length: 38
[HTTParty] [2016-07-21 20:21:30 +0100] < Connection: close
[HTTParty] [2016-07-21 20:21:30 +0100] < X-frame-options: SAMEORIGIN
[HTTParty] [2016-07-21 20:21:30 +0100] < X-content-type-options: nosniff
[HTTParty] [2016-07-21 20:21:30 +0100] < X-xss-protection: 1; mode=block
[HTTParty] [2016-07-21 20:21:30 +0100] < X-ua-compatible: IE=edge
[HTTParty] [2016-07-21 20:21:30 +0100] < Access-control-allow-origin: *
[HTTParty] [2016-07-21 20:21:30 +0100] < Access-control-expose-headers: X-Reddit-Tracking, X-Moose
[HTTParty] [2016-07-21 20:21:30 +0100] < X-reddit-tracking: https://pixel.redditmedia.com/pixel/of_destiny.png?v=cPS4SYC7eYS7PUX%2B4OpG5Vd8whFwi9HO%2Btj9EkiJOG%2BX0pPXV71coHXAWrCRqDNvm8svDX3GBsMwOXsOxbGTRaDC%2BRJqtSoM
[HTTParty] [2016-07-21 20:21:30 +0100] < Cache-control: max-age=0, must-revalidate
[HTTParty] [2016-07-21 20:21:30 +0100] < X-moose: majestic
[HTTParty] [2016-07-21 20:21:30 +0100] < Strict-transport-security: max-age=15552000; includeSubDomains; preload
[HTTParty] [2016-07-21 20:21:30 +0100] < Server: cloudflare-nginx
[HTTParty] [2016-07-21 20:21:30 +0100] < Cf-ray: 2c61042b711c3470-LHR
[HTTParty] [2016-07-21 20:21:30 +0100] < 
{"message": "Not Found", "error": 404}
Solution

  • It seems you hit a 301 redirect from https://reddit.com to https://www.reddit.com with the initial request.

    When HTTParty follows the redirect, it does a GET request instead of a POST (as it should).

    Try setting your base_uri to 'https://www.reddit.com' instead.