Undefined method `[]' for Rack::Request instance with Rack 3.1.7

[adifsgaid]

Please complete all sections.

Configuration

• Provider Gem: omniauth-twitter
• Ruby Version: 3.3.2
• Framework: rails
• Platform:
  • Host OS: macOS Sonoma 14.5
  • Docker Version: 4.32.0
  • Docker Image: [registry.docker.com/library/ruby:3.3.2-slim]
  • Container OS:
    PRETTY_NAME="Debian GNU/Linux 12 (bookworm)"
    NAME="Debian GNU/Linux"
    VERSION_ID="12"
    VERSION="12 (bookworm)"
    VERSION_CODENAME=bookworm
    ID=debian
    HOME_URL="https://www.debian.org/"
    SUPPORT_URL="https://www.debian.org/support"
    BUG_REPORT_URL="https://bugs.debian.org/"

Description

When using OmniAuth 2.1.2 with Rack 3.1.7, we encountered an error during the Twitter OAuth callback phase. The error suggests that there's an incompatibility between OmniAuth and Rack 3.x versions.

Expected Behavior

The OAuth callback should complete successfully, allowing the user to authenticate via Twitter.

Actual Behavior

The callback fails with a NoMethodError, indicating that the [] method is undefined for the Rack::Request instance.

Failing here.

Steps to Reproduce

1. Set up a Rails application with Devise and OmniAuth for Twitter authentication.
2. Configure the Twitter OAuth callback.
3. Attempt to authenticate with Twitter.
4. The authentication process fails during the callback phase.
5. make sure you have the following rack version 3.1.7

Environment

• Rails version: 7.1.3.4
• OmniAuth version: 2.1.2
• omniauth-twitter version: 1.4.0
• Rack version: 3.1.7
• Devise version: 4.9.3

This are the gems I have configured with other providers as well, all seem working fine except for the twitter gem:

• gem 'omniauth', '~> 2.1'
• gem 'omniauth-facebook'
• gem 'omniauth-github'
• gem 'omniauth-google-oauth2'
• gem 'omniauth-microsoft_graph'
• gem 'omniauth-twitter', '~> 1.4.0'
• gem 'omniauth-rails_csrf_protection', '~> 1.0'

Workaround

Downgrading Rack to version 2.2.4 resolves the issue. The authentication process works as expected with this older version of Rack.

Additional Context

This error seems to be related to changes in the Rack API between versions 2.x and 3.x. It appears that OmniAuth is trying to use a method or access data from the Rack::Request object in a way that's no longer supported in Rack 3.x.

Possible Solution

The OmniAuth gem may need to be updated to accommodate the changes in Rack 3.x, particularly in how it interacts with the Rack::Request object during the OAuth callback phase.

Question

Is there a planned update for OmniAuth to support Rack 3.x? If so, is there an estimated timeline for this release?

Thank you for your attention to this issue. Let me know if you need any additional information or if there are any specific tests I can run to help diagnose this problem further.

[BobbyMcWho]

Thank you for the detailed report, I haven't heard of this yet, is it possible since the other providers appear to be working, that this error lives in the omniauth-twitter gem?

[adifsgaid]

I will do an investigation into the omniauth-twitter gem. If the issue is indeed related to this gem, I will open an issue in its repository. Based on the stack trace, I initially suspected the omniauth gem might be the source of the problem. However, I will perform a more in-depth analysis to pinpoint the exact cause. Once I have identified the problematic gem, whether it's omniauth-twitter, omniauth, or another related dependency, I will prepare and submit a pull request with the necessary support and fixes to resolve this issue.

I will nevertheless keep this issue open until the fix, if someone runs in a similar issue, know's how to solve it.

Thanks for the fast reply @BobbyMcWho :)

[adifsgaid]

Hello @BobbyMcWho,

I've identified the source of the issue and have created a pull request with a proposed fix. I'd greatly appreciate your review and feedback. Please feel free to suggest any additions or removals to the PR as you see fit.

You can find the pull request here.

Looking forward to your thoughts on this solution! 😄