3

I have a rails app with two separate types of users (call them A and B). Right now they can both sign in with facebook. However, I need B to be able to oauth with some extended permissions, and I DO NOT want A to give me the extended permissions.

Inside config/initializers/devise.rb 

config.omniauth :facebook, "API_KEY", "API_SECRET", :client_options => {:ssl => {:ca_path => '  /path/to/my/ssl/stuff'}}

I know I can add 

:scope => "extended_permissions"

But I only want the extended permissions to happen when B users sign up.

Since this is in an initializer is this even possible? Or can I somehow config.omniauth elsewhere in the app and keep devise happy?

mcclaskc
  • 167
  • 8
  • You can take a look to this: http://stackoverflow.com/questions/13524919/use-omniauth-facebook-when-app-id-and-app-secret-are-different-for-each-request/13528277#13528277 and set dynamically the app id, the app secret and the options per request – Ivangrx Feb 26 '13 at 22:20
  • Check the gem's [github](https://github.com/mkdynamic/omniauth-facebook#per-request-options). – Ashitaka Feb 26 '13 at 23:22

1 Answers1

1

It's clearly explained in the documentation

If you want to set the display format, auth_type, or scope on a per-request basis, you can just pass it to the OmniAuth request phase URL, for example: /auth/facebook?display=popup or /auth/facebook?scope=email.

source: https://github.com/mkdynamic/omniauth-facebook#per-request-options

Mike Szyndel
  • 10,461
  • 10
  • 47
  • 63