CSRF Rails Issue

Hi folks, I’ve tried to start a rails application from scratch, and add in the elements from the rails quickstart guide but its failing. I’m not sure whats wrong. I’ve tried multiple approaches and none seem to work - I currently get a 422 error every time I attempt to login via omniauth.

I’ve a copy of the project @ https://github.com/dan-mcm/ultima-api for reference. I dont understand whats wrong.

The stack trace looks like the following, seemingly suggesting some CSRF issue but this makes no sense as the default ruby quickstart app works fine.

Started POST "/auth/auth0" for 172.29.0.1 at 2024-05-27 20:46:01 +0000
D, [2024-05-27T20:46:01.594757 #1] DEBUG -- omniauth: (auth0) Request phase initiated.
E, [2024-05-27T20:46:01.595241 #1] ERROR -- omniauth: (auth0) Authentication failure! ActionController::InvalidAuthenticityToken: ActionController::InvalidAuthenticityToken, ActionController::InvalidAuthenticityToken

ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):

omniauth-rails_csrf_protection (1.0.2) lib/omniauth/rails_csrf_protection/token_verifier.rb:38:in `_call'
omniauth-rails_csrf_protection (1.0.2) lib/omniauth/rails_csrf_protection/token_verifier.rb:31:in `call'
omniauth (2.1.2) lib/omniauth/strategy.rb:240:in `request_call'
omniauth (2.1.2) lib/omniauth/strategy.rb:193:in `call!'
omniauth (2.1.2) lib/omniauth/strategy.rb:169:in `call'
omniauth (2.1.2) lib/omniauth/builder.rb:44:in `call'
rack (3.0.11) lib/rack/tempfile_reaper.rb:20:in `call'
rack (3.0.11) lib/rack/etag.rb:29:in `call'
rack (3.0.11) lib/rack/conditional_get.rb:43:in `call'
rack (3.0.11) lib/rack/head.rb:15:in `call'
actionpack (7.1.3.2) lib/action_dispatch/http/permissions_policy.rb:36:in `call'
actionpack (7.1.3.2) lib/action_dispatch/http/content_security_policy.rb:33:in `call'
rack-session (2.0.0) lib/rack/session/abstract/id.rb:272:in `context'
rack-session (2.0.0) lib/rack/session/abstract/id.rb:266:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/cookies.rb:689:in `call'
activerecord (7.1.3.2) lib/active_record/migration.rb:655:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (7.1.3.2) lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack (7.1.3.2) lib/action_dispatch/middleware/callbacks.rb:28:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/executor.rb:14:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/actionable_exceptions.rb:16:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/debug_exceptions.rb:29:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/show_exceptions.rb:31:in `call'
railties (7.1.3.2) lib/rails/rack/logger.rb:37:in `call_app'
railties (7.1.3.2) lib/rails/rack/logger.rb:24:in `block in call'
activesupport (7.1.3.2) lib/active_support/tagged_logging.rb:135:in `block in tagged'
activesupport (7.1.3.2) lib/active_support/tagged_logging.rb:39:in `tagged'
activesupport (7.1.3.2) lib/active_support/tagged_logging.rb:135:in `tagged'
activesupport (7.1.3.2) lib/active_support/broadcast_logger.rb:240:in `method_missing'
railties (7.1.3.2) lib/rails/rack/logger.rb:24:in `call'
sprockets-rails (3.4.2) lib/sprockets/rails/quiet_assets.rb:13:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/remote_ip.rb:92:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/request_id.rb:28:in `call'
rack (3.0.11) lib/rack/method_override.rb:28:in `call'
rack (3.0.11) lib/rack/runtime.rb:24:in `call'
activesupport (7.1.3.2) lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/server_timing.rb:59:in `block in call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/server_timing.rb:24:in `collect_events'
actionpack (7.1.3.2) lib/action_dispatch/middleware/server_timing.rb:58:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/executor.rb:14:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/static.rb:25:in `call'
rack (3.0.11) lib/rack/sendfile.rb:114:in `call'
actionpack (7.1.3.2) lib/action_dispatch/middleware/host_authorization.rb:141:in `call'
railties (7.1.3.2) lib/rails/engine.rb:536:in `call'
puma (6.4.2) lib/puma/configuration.rb:272:in `call'
puma (6.4.2) lib/puma/request.rb:100:in `block in handle_request'
puma (6.4.2) lib/puma/thread_pool.rb:378:in `with_force_shutdown'
puma (6.4.2) lib/puma/request.rb:99:in `handle_request'
puma (6.4.2) lib/puma/server.rb:464:in `process_client'
puma (6.4.2) lib/puma/server.rb:245:in `block in run'
puma (6.4.2) lib/puma/thread_pool.rb:155:in `block in spawn_thread'
^C%

Any help appreciated. Getting really frustrated trying to work with Auth0’s omniauth.