Unable to authenticate you Please verify that your admin backend is correctly configured and running

General
	Request URL: http://localhost:3000/forest/authentication
	Referrer Policy: no-referrer-when-downgrade

Request Headers
	Provisional headers are shown
	Content-Type: application/json; charset=utf-8
	DNT: 1
	Referer: http://app.forestadmin.com/socktest/Development/Operations/data/ActiveStorage__Attachment/index
	User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53
	{renderingId: "84657"}
	renderingId: "84657"
General
	Request URL: http://localhost:3000/forest/authentication
	Request Method: OPTIONS
	Status Code: 404 Not Found
	Remote Address: [::1]:3000
	Referrer Policy: no-referrer-when-downgrade

Response Headers
	Content-Length: 33
	Content-Type: text/plain
	X-Cascade: pass
	Accept: */*
	Accept-Encoding: gzip, deflate, br
	Accept-Language: en-US,en;q=0.9
	Access-Control-Request-Headers: content-type
	Access-Control-Request-Method: POST
	Connection: keep-alive
	Host: localhost:3000
	Origin: http://app.forestadmin.com
	Referer: http://app.forestadmin.com/socktest/Development/Operations/data/ActiveStorage__Attachment/index
	Sec-Fetch-Dest: empty
	Sec-Fetch-Mode: cors
	Sec-Fetch-Site: cross-site
	User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53

########

View Source

Request URL: http://localhost:3000/forest/authentication
Referrer Policy: no-referrer-when-downgrade
Provisional headers are shown
Content-Type: application/json; charset=utf-8
DNT: 1
Referer: http://app.forestadmin.com/socktest/Development/Operations/data/ActiveStorage__Attachment/index
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53
{"renderingId":"84657"}

View Source

Request URL: http://localhost:3000/forest/authentication
Request Method: OPTIONS
Status Code: 404 Not Found
Remote Address: [::1]:3000
Referrer Policy: no-referrer-when-downgrade
HTTP/1.1 404 Not Found
Content-Type: text/plain
X-Cascade: pass
Content-Length: 33
OPTIONS /forest/authentication HTTP/1.1
Host: localhost:3000
Connection: keep-alive
Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://app.forestadmin.com
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_2 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D257 Safari/9537.53
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Sec-Fetch-Dest: empty
Referer: http://app.forestadmin.com/socktest/Development/Operations/data/ActiveStorage__Attachment/index
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Ok, so the problem is that the request OPTIONS http://localhost:3000/forest/authentication gets a 404 on your instance. So I guess there is a problem with your CORS configuration.

This call should return a 204 with some specific headers to authorize the call to the route /forest/authentication.

Can you share with us the code that is supposed to handle the CORS on your instance?
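The check described in the reply above, as an added example that is not part of the original thread or of Forest Admin's code: a diagnostic that lists every reason a browser would reject a preflight response. The sample exchange is constructed from the headers posted above, and treating the request as credentialed is an assumption.

```ruby
SAFELISTED_METHODS = %w[GET HEAD POST].freeze

def csv(value)
  value.to_s.split(',').map { |v| v.strip.downcase }
end

# Returns every reason a browser would reject this preflight (empty = accepted).
def preflight_problems(request, status, response, credentials: false)
  req = request.transform_keys(&:downcase)
  res = response.transform_keys(&:downcase)
  problems = []
  # A non-2xx preflight fails before any CORS header is considered.
  problems << "status #{status} is not 2xx" unless (200..299).cover?(status)

  allow_origin = res['access-control-allow-origin']
  if allow_origin.nil?
    problems << 'Access-Control-Allow-Origin missing'
  elsif allow_origin == '*'
    problems << 'wildcard origin not usable with credentials' if credentials
  elsif allow_origin != req['origin']
    problems << 'Access-Control-Allow-Origin does not match Origin'
  end
  creds_ok = res['access-control-allow-credentials'] == 'true'
  problems << 'Access-Control-Allow-Credentials: true missing' if credentials && !creds_ok

  wildcard_ok = !credentials # "*" only counts for requests without credentials
  methods = csv(res['access-control-allow-methods'])
  method = req['access-control-request-method'].to_s
  unless SAFELISTED_METHODS.include?(method.upcase) || methods.include?(method.downcase) ||
         (wildcard_ok && methods.include?('*'))
    problems << "method #{method} not allowed"
  end
  missing = csv(req['access-control-request-headers']) - csv(res['access-control-allow-headers'])
  missing = [] if wildcard_ok && csv(res['access-control-allow-headers']).include?('*')
  problems << "headers not allowed: #{missing.join(', ')}" unless missing.empty?
  problems
end

# Constructed from the exchange posted above; credentials: true is an assumption.
REQUEST = { 'Origin' => 'http://app.forestadmin.com',
            'Access-Control-Request-Method' => 'POST',
            'Access-Control-Request-Headers' => 'content-type' }.freeze
NOT_FOUND = [404, { 'Content-Type' => 'text/plain', 'X-Cascade' => 'pass' }].freeze
GRANTED = [204, { 'Access-Control-Allow-Origin' => 'http://app.forestadmin.com',
                  'Access-Control-Allow-Methods' => 'POST',
                  'Access-Control-Allow-Headers' => 'content-type',
                  'Access-Control-Allow-Credentials' => 'true' }].freeze
puts preflight_problems(REQUEST, *NOT_FOUND, credentials: true)
```

A browser stops at the first failed check; the function reports all of them so a misconfiguration can be fixed in one pass.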

OK, I will try.
Thanks for all your help so far, I really appreciate it!

This is in initializers/cors.rb

Rails.application.config.middleware.insert_before 0, Rack::Cors do
  allow do
    origins '*'
    resource '*', headers: :any, methods: [:get, :post, :patch, :put]
  end
end

and this in config/application.rb, based on Forest Admin docs

# For Rails 5, use the class Rack::Cors. For Rails 4, you MUST use the string 'Rack::Cors'.
    config.middleware.insert_before 0, Rack::Cors do
      allow do
        origins 'app.forestadmin.com'
        resource '*', headers: :any, methods: :any,
        expose: ['Content-Disposition'],
        credentials: true
      end
    end

Not sure if this is relevant, but we use a subdirectory on our rails app: http://localhost:3000/portal/ The site is not accessible via http://localhost:3000. Wondering if that makes a difference, because in secrets.yml I have this:
forest_application_url: http://localhost:3000
I tried changing that to forest_application_url: http://localhost:3000/portal but it made no difference.

Sorry, I was unable to post for three hours (new user)

Hello,

Can you try to set explicit domain names as stated in the docs for the parameter origin? I'm not sure that wildcards are supported for this parameter.

I tried

null_regex = Regexp.new(/\Anull\z/)

Rails.application.config.middleware.insert_before 0, Rack::Cors do
  allow do
    origins [null_regex, 'app.forestadmin.com']
    resource '*',
              headers: :any,
              methods: :any,
              expose: ['Content-Disposition'],
              credentials: true
  end
end

AND

ForestLiana.application_url = ENV.fetch('SAYDUCK_API_URL')

It works now :slight_smile:

Ok, great, thanks for sharing it with us

Good morning,

I tried @sayduck-daniel's approach but still no luck.

in config/application.rb

    null_regex = Regexp.new(/\Anull\z/)

    config.middleware.insert_before 0, Rack::Cors do
      allow do
        origins [null_regex, 'app.forestadmin.com']
        resource '*', headers: :any, methods: :any,
        expose: ['Content-Disposition'],
        credentials: true
      end
    end

but still getting CORS failures (CORS Failed, CORS Missing Allow Origin, NS_ERROR_DOM_BAD_URI)

I can provide network request and response headers and body if it helps.

Hello @muz,

Can you share the response to the request just above, OPTIONS https://[...]/callback[...]? The problem comes from the response of this request, that does not allow the browser to continue further with the real GET request.

By the way, as this query is actually the second one in the process, it seems that your CORS are correctly authorizing calls from the origin app.forestadmin.com, but not from the origin null.

During the authentication process, there are 2 queries:

  • GET /forest/authentication with the origin `app.forestadmin.com`
  • GET /forest/authentication/callback with the origin null (because it comes from a redirection).

As it seems that your authentication fails on the second call, it seems you have an issue with this specific value null.

Could you please copy the request & response headers from this OPTIONS request in order to validate this?
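The two-origin flow described above, as an added example that is not part of the original thread: a simplified allow-list model (not rack-cors code) evaluated against both authentication requests. The `Rule` struct, the path-prefix scoping and the scheme-agnostic host matching are assumptions of this model; because browsers send `Origin: null` for any opaque origin and not only for this redirect, the third rule set accepts it on the callback route alone.

```ruby
# Simplified allow-list model: each rule pairs origin matchers with a path
# prefix; a bare host name matches that host on any scheme (model assumption).
Rule = Struct.new(:origins, :path_prefix)

def origin_matches?(matcher, origin)
  case matcher
  when Regexp then matcher.match?(origin)
  else %r{\A[a-z][a-z0-9.+-]*://#{Regexp.escape(matcher)}\z}.match?(origin)
  end
end

def allowed?(rules, origin, path)
  rules.any? do |rule|
    path.start_with?(rule.path_prefix) &&
      rule.origins.any? { |m| origin_matches?(m, origin) }
  end
end

NULL_ORIGIN = /\Anull\z/ # the regex used in the thread

HOST_ONLY = [Rule.new(['app.forestadmin.com'], '/')].freeze
NULL_EVERYWHERE = [Rule.new([NULL_ORIGIN, 'app.forestadmin.com'], '/')].freeze
# Narrower variant: "null" is accepted only on the callback route.
NULL_ON_CALLBACK = [
  Rule.new(['app.forestadmin.com'], '/'),
  Rule.new([NULL_ORIGIN], '/forest/authentication/callback')
].freeze

# The two authentication requests described above (constructed sample).
AUTH_FLOW = [
  ['http://app.forestadmin.com', '/forest/authentication'],
  ['null', '/forest/authentication/callback']
].freeze

# One boolean per step of the flow: was that request's origin accepted?
def flow_result(rules)
  AUTH_FLOW.map { |origin, path| allowed?(rules, origin, path) }
end

puts flow_result(HOST_ONLY).inspect
puts flow_result(NULL_ON_CALLBACK).inspect
```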

This one?

scheme: http
host: localhost:3000
filename: /forest/authentication/callback
code: Edy3xzgGGyv6QslLd3_kO0h5YKb1BXU4pmw8Aw7MWbl
state: {"renderingId"=>84629}
Address: 127.0.0.1:3000
Status: 404 Not Found
Version: HTTP/1.1
Transferred: 89 B (0 B size)
Referrer Policy: no-referrer-when-downgrade

Content-Length: 42
Content-Type: text/plain
X-Cascade: pass

Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.5
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Connection: keep-alive
DNT: 1
Host: localhost:3000
Origin: http://app.forestadmin.com
Referer: http://app.forestadmin.com/[PROJECT_NAME]/Development/Operations/data/ActiveStorage__Attachment/index
Sec-GPC: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:86.0) Gecko/20100101 Firefox/86.0

The application url in the forest initializer is what solved it for me. Hope it helps

Ok, after a screen sharing session, we found that:

  • The backend of your project needs to be called with a prefix in the url /portal/forest/
  • The authentication returns an invalid callback url /forest/authentication/callback instead of /portal/forest/authentication/callback

We could reproduce the issue on our side, and we're investigating it.

Hello @muz,

We released forest-rails version 6.0.4 that should fix your issue with the application_url not correctly being applied to generate authentication urls.

Can you test to upgrade? You will need to define the variable forest_application_url=http://localhost:3000/portal and it should work.

2 Likes
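The callback-URL mismatch found above, as an added example that is not forest-rails code; the thread does not show how the URL was built before 6.0.4. It shows one common way a mount prefix is lost in Ruby, a construction that keeps it, and a check that the redirected URL is one the backend serves. The function names and the sample redirect URLs are hypothetical.

```ruby
require 'uri'

CALLBACK_PATH = '/forest/authentication/callback' # route named in this thread

# Resolving an absolute path against the base replaces the whole base path,
# so a mount prefix such as /portal disappears.
def joined_callback_url(application_url)
  URI.join(application_url, CALLBACK_PATH).to_s
end

# Appends the route to whatever path application_url already carries.
def prefixed_callback_url(application_url)
  base = URI.parse(application_url)
  unless base.is_a?(URI::HTTP) && base.host
    raise ArgumentError, 'application_url must be an absolute http(s) URL'
  end

  base.path = base.path.chomp('/') + CALLBACK_PATH
  base.query = nil
  base.fragment = nil
  base.to_s
end

# True when the URL the browser was redirected to is the one the backend serves.
def callback_reachable?(application_url, redirected_url)
  expected = URI.parse(prefixed_callback_url(application_url))
  actual = URI.parse(redirected_url)
  [actual.scheme, actual.host, actual.port, actual.path] ==
    [expected.scheme, expected.host, expected.port, expected.path]
end

APP_URL = 'http://localhost:3000/portal' # forest_application_url from the thread
puts joined_callback_url(APP_URL)
puts prefixed_callback_url(APP_URL)
```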

Good morning @GuillaumeGautreau

It worked! I really can't thank you enough, you guys are awesome!

@sayduck-daniel thanks for your help too.

2 Likes

Hello,

I have the same problem, but those solutions didn't work for me. I don't really know if I have to create a new topic about this or speak here, sorry if it's the right move ! :slight_smile:

I just updated to v6 so I followed the guide Upgrade to v6 - Documentation

When I'm trying to access locally to the admin, here is what I get =>


And here is the response i get from the callback =>

The callback url :
( http://localhost:3000/forest/authentication/callback?code=zxa-tS6vsz1c4vpDApQiYQLbSJkHBmSpzxBOAJ68J1hBns2hdse5QtO-r_pZ2kJq&state={"renderingId"%3D>88545} )
http://localhost:3000 being my application_url

My forest_liana.rb initializer :

ForestLiana.env_secret = Rails.application.secrets.forest_env_secret
ForestLiana.auth_secret = Rails.application.secrets.forest_auth_secret
ForestLiana.application_url = Rails.application.secrets.forest_application_url

My secrets.yml :

development:
  forest_env_secret: <%= ENV["FOREST_ENV_SECRET"] %>
  forest_auth_secret: <%= ENV["FOREST_AUTH_SECRET"] %>
  forest_application_url: <%= ENV["APPLICATION_URL"] %>

My cors :

null_regex = Regexp.new(/\Anull\z/)

    config.middleware.insert_before 0, Rack::Cors do
      allow do
        hostnames = [null_regex, 'localhost:4200', 'app.forestadmin.com', 'localhost:3001']
        hostnames += ENV['CORS_ORIGINS'].split(',') if ENV['CORS_ORIGINS']

        origins hostnames
        resource '*',
                 headers: :any,
                 methods: :any,
                 expose: %w[pages_count Content-Disposition],
                 credentials: true
      end
    end

Thank you in advance for your time and response !
Feel free to tell me if I need to create a new topic or if you need more information ! :slight_smile:

Joé

Hi @Joe_Marc,

Thanks for the detailed description.

This bug is caused by an undefined FOREST_AUTH_SECRET.

I think you have some troubles with your environment variables. Are you sure the variables are defined (at the OS level) ?

I hope this will help.

Best regards,
Morgan PERRE

1 Like

Hi @morganperre ,

Thanks for your quick answer, apparently it wasn't the one for this project…

So it worked :slight_smile:

Best regards,

Joé

1 Like