does anybody have experience with OmniAuth & Facbeook? I just moved from using a hardcoded app id & secret key in my application, to the ENV['FACEBOOK_APP_ID'] method. I know that these values are correct, since when I try to log in to my app I get the permissions dialog for the correct app, but then when Facebook redirects back to my app in development mode, I get the error "Authentication error: Invalid credentials".
In production, however, everything works fine against the production version of the Facebook app settings.
# initializers/omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, ENV['FACEBOOK_APP_ID'], ENV['FACEBOOK_APP_SECRET'], :scope => 'email,offline_access,user_work_history'
end
#sessions_controller.rb
class SessionsController < ApplicationController
def new
redirect_to '/auth/facebook'
end
def callback
auth = request.env["omniauth.auth"]
logger.info auth.inspect
user = User.where(:provider => auth['provider'], :uid => auth['uid']).first || User.create_with_omniauth(auth)
session[:user_id] = user.id
session[:token] = auth['credientials']['token']
redirect_to root_url, :notice => "Signed in!"
end
def destroy
session[:user_id] = nil
# current_user = nil
# request.env['omniauth.auth'] = nil
redirect_to root_url, :notice => 'Signed out!'
end
def failure
logger.info request.inspect
redirect_to root_url, :alert => "Authentication error: #{params[:message].humanize}"
end
def auth; request.env['omniauth.auth'] end
end
#user.rb
# Authentication Stuff
class User
include Mongoid::Document
include Mongoid::Timestamps
# ...
def self.create_with_omniauth(auth)
begin
create! do |user|
user.provider = auth['provider']
user.uid = auth['uid']
if auth['info']
user.name = auth['info']['name'] if auth['info']['name'] # Twitter, Google, Yahoo, GitHub
user.email = auth['info']['email'] if auth['info']['email'] # Google, Yahoo, GitHub
end
if auth['extra']['raw_info']
user.name = auth['extra']['raw_info']['name'] if auth['extra']['raw_info']['name'] # Facebook
user.email = auth['extra']['raw_info']['email'] if auth['extra']['raw_info']['email'] # Facebook
user.employer = auth['extra']['raw_info']['work'][0]['employer'] if auth['extra']['raw_info']['work'] # Facebook
end
end
rescue Exception
raise Exception, "cannot create user record"
end
end
end
Then this happens:
Started GET "/auth/facebook" for 127.0.0.1 at 2011-11-26 11:53:38 +0200
Started GET "/auth/facebook/callback?code=AQBapjqIJixqmSxjj-i61WJtJN-ncCBUM_mPyhunqY4esQsaX7wiU794wMSOWT6oRJ0TMl-N5eqNh2MHuap0Oey4i6ef0F8281zQ6V1Vhct3g" for 127.0.0.1 at 2011-11-26 11:53:40 +0200
Started GET "/auth/failure?message=invalid_credentials" for 127.0.0.1 at 2011-11-26 11:53:42 +0200
Processing by SessionsController#failure as HTML
Parameters: {"message"=>"invalid_credentials"}
Redirected to http://localapp.dev/
Completed 302 Found in 1ms
Have any idea what I'm missing? I should stress that the only change that I made before this bug was that instead of having provider :facebook, "XXXXXX", "XXXXXXXXXXXXXXX" in my ombiauth.rb initializer, I made it get those values from ENV
-Avishai
# Gemfile
source 'http://rubygems.org'
gem 'rails', '3.0.9'
gem "airbrake"
gem "bson_ext"
gem "mongoid", ">= 2.0.2"
gem "omniauth", "~> 1.0"
gem "omniauth-facebook"
gem "carrierwave", "0.5.4"
gem 'carrierwave-mongoid', :require => 'carrierwave/mongoid'
gem "geocoder"
gem 'will_paginate'
gem "rmagick"
gem "jquery-rails"
gem "mongoid-history"
gem "mongoid-rating"
gem "flash_cookie_session"
group :development, :test do
gem "ya2yaml"
gem "chronic"
end
