All geek questions in one place

Broken FB-omniauth after package upgrade, invalid credentials

Oauth data does not get into the action of the controller. I can’t understand what happened. There is another auth provider in this controller, and it works well, the kernel is exactly the same.

devise  3.5.10 
rails 4.2.4

devise.rb
config.omniauth :facebook, Figaro.env.fb_app_id, Figaro.env.fb_app_secret, callback_url: 'https://chotam.ru/users/auth/facebook/callback',
                  scope: 'email, publish_actions'

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController

def facebook
    logger.error "fb here" # IT NO OUTPUT HERE ON REQUEST!!!
    logger.error(request.env['omniauth.auth'])
    result = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user)
    @user = result[:user]
    status = result[:status]
    if @user
      token = request.env["omniauth.auth"]["credentials"]["token"]
      @user.account.update_attribute(:fb_token, token)
      if status[:redirect] == 'added' || status[:redirect] == 'existed'
        flash[status[:key]] = status[:value]
        render 'devise/registrations/edit'
      else
        flash[status[:key]] = status[:value]
        sign_in_and_redirect @user, event: :authentication
      end
    else
      flash[status[:key]] = status[:value]
      redirect_to new_user_registration_url
    end
  end

UPDATE Using the logger, I see the following:

E, [2017-03-28T23:46:41.255481 #21494] ERROR -- : (facebook) Authentication failure! invalid_credentials: OAuth2::Error, :
{"access_token":"real_token","token_type":"bearer"$

How to find what is wrong? And I also found that users can no longer change their passwords.

+4
source share
2 answers

Ok ... found a way without updating the gem.

You can add the following to your config/initializers/devise.rbfile in the line config.omniauth:

client_options: {
  site: "https://graph.facebook.com/v2.3",
  authorize_url: "https://www.facebook.com/v2.3/dialog/oauth"
},
token_params: {
  parse: :json
}

YMMV , :

config.omniauth :facebook, ENV["FACEBOOK_KEY"], ENV["FACEBOOK_SECRET"],
    scope: 'email',
    secure_image_url: true,
    auth_type: 'https',
    info_fields: 'email,name,first_name,last_name',
    client_options: {
        site: "https://graph.facebook.com/v2.3",
        authorize_url: "https://www.facebook.com/v2.3/dialog/oauth"
    },
    token_params: {
        parse: :json
    }

, , json ( URL- ), , , api.

+4

. facebook-omniauth. ? omniauth-facebook gem, Facebook API.

, - omniauth-facebook

+1

Source: https://habr.com/ru/post/1673396/

More articles:


All Articles