The omniauth-facebook README mentions how to set it up in an initializer and how to set options like scope per request only. I wonder if it is possible to set app id and app secret per request as well.
Asked
Active
Viewed 2,798 times
11
powerboy
- 10,523
- 20
- 63
- 93
-
I'm wondering why would you want to set app id and app secret per request. There is only one key per app. – Super Engineer Nov 23 '12 at 08:16
-
2What if my site needs to support more than one facebook apps? Think SaaS. – powerboy Nov 23 '12 at 08:26
3 Answers
16
You can do this:
On your omniauth.rb, do this:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook,:setup => true
end
Then on your controller you have to define the following:
def setup
request.env['omniauth.strategy'].options[:client_id] = @site.facebook_key
request.env['omniauth.strategy'].options[:client_secret] = @site.facebook_secret
render :text => "Setup complete.", :status => 404
end
Of course you have to add the associated routes, on your routes.rb.
#Facebook Omniauth routes
match '/auth/facebook/callback' => 'session#authorize_callback'
match '/auth/facebook/setup' => 'session#setup'
Good luck
Regards. Ivan.
Ivangrx
- 445
- 3
- 11
-
So it makes one more request to '/auth/facebook/setup' for each authentication process? And why that `:status => 404`? – powerboy Nov 24 '12 at 04:40
-
-
1I got this to work, but not with Twitter as well... I set up two `setup` methods, but it seems omniauth-twitter doesn't have this same functionality? – Kyle Macey May 28 '13 at 19:54
-
Kyle, I'm not sure if this helps but, in the case of twitter you have to replace the "request.env['omniauth.strategy'].options[:client_id]" to "request.env['omniauth.strategy'].options[:consumer_key]" and the "request.env['omniauth.strategy'].options[:client_secret]" to "request.env['omniauth.strategy'].options[:consumer_secret]". – Ivangrx May 31 '13 at 22:59
5
I use devise (followed this railscast: http://railscasts.com/episodes/235-devise-and-omniauth-revised), but it took me a while to understand how to implement Ivangrx' solution. It turned out to be quite easy. Here's my code:
# /config/initializers/devise.rb
config.omniauth :facebook, setup: true
# routes.rb
devise_scope :user do
#where omniauth_callback is the controller I made when following the Railscast
get "users/auth/facebook/setup" => "omniauth_callbacks#setup"
end
# omniauth_callbacks_controller.rb
def setup
request.env['omniauth.strategy'].options[:client_id] = @site.facebook_id
request.env['omniauth.strategy'].options[:client_secret] = @site.facebook_key
render :text => "Setup complete.", :status => 404
end
Thanks for the help on this one!
Henk
- 59
- 1
- 3
-
Is it possible to use the same setup function to handle multiple strategies (for example: both `facebook` and `google_oauth2`). – Jacob Jun 19 '15 at 05:39
1
If you are using devise you can do this
config.omniauth :facebook, :setup => lambda{
current_app_secret = // Get current domain
current_app_key = // Get config
env['omniauth.strategy'].options[:client_id] = current_app_secret
env['omniauth.strategy'].options[:client_secret] = current_app_key
}
Super Engineer
- 1,966
- 1
- 13
- 21
-
Where to this code? An initializer? What if `current_app_secret` needs to be fetched from database? It looks ugly to have ActiveRecord code in an initializer even if it works. – powerboy Nov 23 '12 at 09:28
-
I think you should be able to override them in application controller also. You can write a before_filter in application_controller. Let me know what happens. – Super Engineer Nov 23 '12 at 10:12
-
Thanks! But actually I am not using devise. My site does not need any feature provided by devise. – powerboy Nov 24 '12 at 04:38
-
It doesn't work for me: /users/auth/facebook redirects me and I get `No route matches [GET] "/oauth/authorize"` – collimarco Feb 09 '14 at 20:19