问题标签 [omniauth-facebook]

我正在尝试使用omniauth-facebook gem 对我的Rails 4.0.1 应用程序实施Facebook 身份验证。这是我用来帮助我完成此任务的指南，https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview

我已按照所有说明进行操作，但我收到了 facebook 错误。我认为错误来自处理 facebook omniauth 回调的方法之一。

Facebook 显示的错误是“应用程序未设置：此应用程序的开发人员尚未正确设置此应用程序以进行 Facebook 登录”

omn​​iauth_callbacks_controller.rb

用户.rb

当我第一次完成 OmniAuth 概述页面中的指南时，它起作用了。我用我的个人 Facebook 注册了我的应用程序。我的帐户成功登出。当我开始注册其他 Facebook 帐户时，它坏了，我收到“App Not Setup”错误。

在此先感谢，非常感谢任何帮助。

我在我的 ruby​​ on rails 应用程序中设置了基本的 facebook 身份验证。我遵循了http://railscasts.com/episodes/360-facebook-authentication?view=asciicast教程。

我正在尝试为处理与 Facebook 服务器通信的 session_controller 编写单元规范。这是我的控制器的样子：

我的规格是这样的：

结尾

但是通过这个设置我得到了以下错误
Failure/Error: get :create ActionController::UrlGenerationError: No route matches {:action=>"create", :controller=>"sessions"

我在 routes.rb 文件中添加了以下内容

match '/auth/:provider/callback', to: 'sessions#create', via: [:get]

大佬们有什么解决办法吗？顺便说一句，这真的有必要测试这部分代码吗？因为第三方 gem 开发人员必须注意这一点。

现在才开始考虑身份验证，想知道来自 Intridea 的 Omniauth 与所有单一提供商选项（如 Omniauth-Facebook）之间的区别是什么。

在我看来，如果 Omniauth 允许多个提供者，它也应该允许单个提供者，在这种情况下使用它几乎总是一个更好的选择，因为您永远不知道以后何时要添加另一个提供者，而使用某些东西就像 Omniauth-Facebook 一样，如果您决定稍后添加其他内容，则必须回溯。

I've had a lot of issues trying to get the client-side login to work, so I'm going to take the liberty of referencing a ton of other questions here... none have resulted in an answer that has worked for me.

CONTEXT

• Server-side login works fine
• Client-side login using JS SDK works fine on Safari* (have not tested in Firefox or IE or mobile non-Chrome), but not in Chrome, which is what this question is about (and majority of my users use Chrome so it's super important)
• Gem versions:
  • ruby (2.1.2)
  • rails (4.1.1)
  • oauth (0.4.7)
  • oauth2 (1.0.0)
  • omniauth (1.2.2)
  • omniauth-facebook (2.0.0)
  • omniauth-oauth2 (1.2.0)
• This is for an app in development mode, where as the developer, I am definitely authorized to log in

*By works fine, I mean if you just copied the code from Ryan Bates' RailsCast (http://railscasts.com/episodes/360-facebook-authentication?view=asciicast) it works without any additional anything

TL:DR; I'm passing the following URL which should work...

...but am still getting the error OmniAuth::Strategies::Facebook::NoAuthorizationCodeError (must pass either acodeparameter or a signed request (viasigned_requestparameter or afbsr_XXXcookie)):

TROUBLESHOOTING TO DATE + OVERVIEW OF MANY OTHER ERRORS/ POTENTIAL SOLUTIONS

The code solutions below build on the code from Ryan Bates' RailsCast:

Hurdle #1: Are 3rd party cookies blocked?

Doesn't lead to an error necessarily, just makes it so that you can't connect the app to Facebook.

Connecting your app to Facebook first requires you to be logged in with Facebook because the code FB.login (response) -> window.location = "/auth/facebook/callback" if response.authResponse depends on the validity of authResponse and its contained signedRequest parameter.

If cookies are blocked (i.e., Chrome Settings > Advanced Settings > Privacy > Content Settings > Block Third Party Cookies is CHECKED), you will never get a authResponse object back. This is the question/answer combination here: FB.getLoginStatus always returns status='unknown'. In other words, if you do a FB.getLoginStatus, regardless of how many times you click a Login button, the status will always return back as unknown per the docs: https://developers.facebook.com/docs/reference/javascript/FB.getLoginStatus.

Code Solution so far...: If FB.login returns a response of unknown divert back to server-side login.

Hurdle #2: Are parameters passed appropriately?

If you have third party cookies unblocked, you might then encounter an error:

Despite setting cookie: true in the FB.init, sometimes params are still not passed. As stated in:

• This SO answer (OmniAuth Strategies Facebook NoAuthorizationCodeError (must pass either a `code` parameter or a signed request (via `signed_request` parameter):
• Omniauth-facebook author in the final comment of this Github issue (https://github.com/mkdynamic/omniauth-facebook/issues/110)

...you might need to manually pass in the signed_request parameter. Quick watch-out. Per Facebook docs (https://developers.facebook.com/docs/facebook-login/using-login-with-games), the signedRequest needs to have two components separated by a .. Not sure how, but I have gotten one without the . before. The separation is important, because it's the latter half that is a base64url coded JSON object containing the code information.

Code Solution so far...: Manually append signed_request parameter to callback URL

Hurdle #3: Still nothing... still same error as #2

Maybe just me at this point?

Code Solution so far...: Go super pedantic, parse out the code from the signedRequest and append to callback URL

Hurdle #4: CSRF detected, but not for why you'd think

Now I've moved right into a brick wall. When I run the code as above, I get an error CSRF detected. There are a non-related reason one might get this error:

• You can get this error if your Facebook app is in Dev mode and you are trying to login users live. In this case, FB doesn't allow any non-listed developers to log in. See first answer to this question: Rails + omniauth + facebook - csrf detected

But the problem in my case wasn't the above, it was that the code parameter was presented without a state parameter. Now, there have been answers saying that you can fix this by setting provider_ignores_state: true in the omniauth.rb config file, see second answer to question referenced above, BUT this is not a fix for me. Why? Because 1) I don't like turn things specifically designed to counter CSRF off and 2) it appears the config kicks in only for server-side log-in. Adding it simply didn't do anything for me.

Which means the bigger issue of the #3 solution was that it was trying to combine server-side login approach (takes code and state params) with client-side login approach (takes signed_request param).

Which means I'm back to the original question... how to pass the signed_request so that the client-side login works?

Since I've rambled on this much already, let me point out another error I've seen. This one has answers related to Facebook errors (Dealing with Oauth 2.0-facebook gem error 100: This authorization code has been used), but beyond that, I found something else that could trigger it.

As suggested in this tutorial (https://coderwall.com/p/bsfitw), you match the callback route via both get and post. But when I do this, my logger shows two requests to Facebook, the second obviously being blocked and triggering the error. (Also means that the first request did go through and the user is already authorized/ data is saved, whatever). My solution was to set route as so:

我正在使用回形针在 Amazon S3 上存储图片。如果我通过普通表单上传它可以正常工作，但如果他们通过omniauth注册Facebook，我还想将用户的个人资料图片默认设置为他们的Facebook图片。

它正确设置图片文件大小、名称和所有其他字段。我打电话时它甚至设置了正确的链接

但由于某种原因，图像没有被存储。

同样，如果我使用表单上传，它会很好地上传图片。

我如何尝试从注册链接中解析图像：

我的回形针配置：

我的生产.rb：

Paperclip.rb 初始化器：

我可以通过 Omniauth 获取 Facebook 头像，但我只能调整默认图像的大小，而不是默认为 50 x 50px 的 Facebook 图像。如何将其调整为 38px？

这是我的应用程序助手：

和我的用户类：

我通过 facebook 登录有问题 我使用 mongoid 4.0.0、rails 4.1.5、devise 3.3.0 和 omniauth-facebook 2.0.0

我使用这个例子https://github.com/plataformatec/devise/wiki/OmniAuth%3A-Overview

如果我尝试通过 facebook 登录，它会将我重定向到注册页面

日志文件

omn​​iauth_callbacks_controller.rb

用户.rb

我正在开发Rails 4 application我必须facebook sign up and login使用omniauth-facebook gem.

除了 1 个问题，我成功地完成了它。问题是当我通过 facebook 登录然后成功登录到我的网站时。在新标签中，我打开我已经登录的 facebook。

现在我logout从我的网站。它重定向到login我网站中的屏幕。什么都不做，只是从 Facebook 注销。

现在我尝试使用我网站中的 facebook 登录按钮再次登录。我在哪里出错。

这个错误是因为我们从 facebook 注销，现在尝试从站点再次登录。但是代码已过期，因此会生成此错误。

如果我刷新我的网站然后尝试通过 facebook 登录然后它的工作正常。

现在有什么解决方案或如何处理此错误。

谢谢

我正在使用 Devise 和 omniauth-facebook 为我的网站进行 Facebook 登录。这在 config/initializers/devise.rb 中定义：

对于我的网站，我只需要电子邮件地址。但是，我的 FB 应用程序默认设置了三个登录权限 - 电子邮件、public_profile 和 user_friends。

每当单击登录按钮时，FB 对话框都会显示我的应用“将收到以下信息：您的公开个人资料、朋友列表和电子邮件地址”。我不需要朋友列表，也不想阻止用户登录。

我试图直接操纵网址，但这也不起作用：

再深入一点，我发现omniauth-facebook 中的默认范围是仅在omniauth-facebook/lib/omniauth/strategies/facebook.rb 中定义的电子邮件：

我在这里错过了什么吗？Facebook 是否忽略或覆盖了范围参数？有没有办法更改我的 Facebook 应用程序的默认登录权限？

任何指针将不胜感激。

我知道有很多关于这个问题的话题，但是没有一个建议的修复对我有用，所以我不得不问。所以我正在使用 Omniauth-facebook 2.0.0 和 Omniauth 1.2.0。下面是 Gemfile 的样子：

此外在config/initializers/omniauth.rb

一切都工作在local，但不是production。是的，我已经在生产中检查了App_id和App_secret，它们都很好。我的 Facebook 应用程序有权限public_info（这就是我现在所需要的）。至于 Facebook，当我执行操作时，会返回以下 url：

https://www.noombers.com/auth/failure?message=invalid_credentials&origin=https%3A%2F%2Fwww.noombers.com%2Fen%2Fauthentications&strategy=facebook

请帮忙。我已经为此烦恼太久了。

预先感谢。