How to stop omniauth client_options from being passed to facebook?

Question

My initializer/devise.rb uses:

config.omniauth :facebook, Facebook::APP_ID, Facebook::SECRET, {:scope => Facebook::SCOPE, :client_options => { :ssl => { :ca_file => '/usr/lib/ssl/certs/ca-certificates.crt' }}}

and Generates: https://graph.facebook.com/oauth/authorize?response_type=code&client_id=123&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fusers%2Fauth%2Ffacebook%2Fcallback&parse=query&scope=user_about_me%2Cuser_birthday%2Cuser_location%2Cemail&client_options=%7B%3Assl%3D%3E%7B%3Aca_file%3D%3E%22%2Fusr%2Flib%2Fssl%2Fcerts%2Fca-certificates.crt%22%7D%7D

The strategy file facebook.rb for oa-oauth shows this:

  def initialize(app, client_id=nil, client_secret=nil, options = {}, &block)
    client_options = {
      :site => 'https://graph.facebook.com/',
      :token_url => '/oauth/access_token'
    }

    options = {
      :parse => :query
    }.merge(options)

    super(app, :facebook, client_id, client_secret, client_options, options, &block)
  end

Question: It seems like it's not possible to set the :client_options by passing in a value, so why does the omniauth wiki show this code? I don't want this info being passed over the wire if it doesn't need to be and FB just ignores it as unsupported anyway. So is there a way to set the ssl options or is it even needed?

Answer 1

I know this is old, but I googled and this was the first result came up first.

I have a facebook.yml file with my config per env. I was getting this error because I didn't have client_options set up for dev. I solve it by merging in client_options if they weren't nil.

I hope this helps someone else.

FACEBOOK = YAML.load_file("#{::Rails.root}/config/facebook.yml")[::Rails.env]
config.omniauth :facebook, FACEBOOK['app_id'], FACEBOOK['secret'], { scope:FACEBOOK['scope'] }
config.omniauth['scope'].merge(client_options:FACEBOOK['client_options']) if FACEBOOK['client_options']

Answer 2

I ended up just removing the client_options parameter since it seems the config.omniauth initializer wasn't accepting it. That way it doesn't pass the value to facebook.