In rails omniauth-facebook, it requires a signed_request or a code as
params in auth/facebook/callback?
However, my problem is I can only get AccessToken from react-native fbsdk in app only, I tried using code: accessToken and signed_request: accessToken, but they doesn't seem fit, as I get this error
ERROR -- omniauth: (facebook) Authentication failure! invalid_credentials: OAuth2::Error, {"message"=>"Invalid verification code format.", "type"=>"OAuthException", "code"=>100,
I tried passing access_token: accessToken but it returns
ERROR -- omniauth: (facebook) Authentication failure! no_authorization_code: OmniAuth::Strategies::Facebook::NoAuthorizationCodeError, must pass either a `code` (via URL or by an `fbsr_XXX` signed request cookie)
Any idea how can I get signedRequest or a code from react-native fbsdk? Or how can I use access_token in omniauth-facebook?
Related
I'm trying to implement Facebook Authentication and I'm stuck.
I exactly followed this guide
https://www.crondose.com/2016/12/guide-integrating-omniauth-rails-5-facebook-login-feature/
and get this error
I, [2017-11-07T00:55:47.114884 #12099] INFO -- omniauth: (facebook)
Callback phase initiated. E, [2017-11-07T00:55:47.489634 #12099] ERROR
-- omniauth: (facebook) Authentication failure! invalid_credentials: OAuth2::Error, :
Facebook API Version v2.10
I am using ruby 2.4.0 and Rails 5.1.4
You are likely getting this error because your App ID or App Secret are incorrect. Make sure your initializer has the correct Facebook API credentials:
# config/initializers/devise.rb
config.omniauth :facebook, <your App Id>, <your App Secret>,
callback_url: "http://localhost:3000/users/auth/facebook/callback"
Another Tip: Facebook now requires you to specify the fields you want back from Facebook. In other words, if you want the Facebook user's email address, you need to specifically request it. In the past it was returned by default. You can request fields by using the scope parameter in the Devise configuration.
For example, to request the Facebook user's email and name, do this:
# config/initializers/devise.rb
config.omniauth :facebook, <your App Id>, <your App Secret>,
callback_url: "http://localhost:3000/users/auth/facebook/callback",
scope: 'email,name'
I'm using devise(3.4.1) and omniauth-facebook(4.0.0) (omniauth-oauth2 is at 1.3.1). I've whitelisted my servers on my app. I can sign up from local. But on my staging or production, I keep getting invalid credential error. Logs:
I, [2017-09-23T16:07:41.020163 #28378] INFO -- omniauth: (facebook) Callback phase initiated.
E, [2017-09-23T16:07:41.288616 #28378] ERROR -- omniauth: (facebook) Authentication failure! invalid_credentials: OAuth2::Error, :
{"access_token":"EAAMc0KQg6xYBAI1MeVyW5uP3ox4LArwCRKnrvFRoHJl7LhEx5E1P3vtxHLMSGgdlxLTfGlLnckVJP3XLYeZAus0ZAr6H3IIR0UPwMFFoo9MGocN1bZBiB31M4ZCJNGqd6aze1ZCqLn1yZCCkBgO4m37w8FYmrZAg20ZD","token_type":"bearer","expires_in":5104141}
This happens for both http and https callback urls. I've found one post with the same problem, but the cause there is using older gem (pre-4.0), but I'm already at 4.0. Any help would be much appreciated.
All of a sudden, it got impossible for anyone to login into my website using facebook.
I really don't get it as I didn't change anything on my ends.
I suspected my token would have expired or something like that, but apparently facebook app token don't expire.
Any idea ? Here is what I get back from the omniauth call :
Started GET "/users/auth/facebook/callback?code=AQDE-eQkHGXsonQb9cNONr0dhCH6sDRniGh5bLBT3b52rtzOrPWkNgQWeORECn_aaX9vhIcrQP-4Psa91vPblNdXghzPYaauzp1ljzXBUzFsdD3nbwPzjRi7HbagODS6hLE0rHY3saPxf5JGV4t4it87u3B-FeQ4R4JZFMwGubqgxzRmbimdRiotcBzfloqVGU9c_m4cK48hihhNraCNUvC-eL-mD1wkJ-s1zxRooiBQdoyZbWoniVd53MJJUf17nXTH6CSXq1ba57t_jlTAPZNLIkHrXVWD6UA0YJcakZAM&state=5fad05a6b5c1aa578feaf1bfbc60ae6ab722883e62fddb71" for 127.0.0.1 at 2017-04-09 11:22:49 +0200
(facebook) Callback phase initiated.
(facebook) Authentication failure! invalid_credentials: OAuth2::Error, :
{"access_token":"EAAPhpHRqK0cBAHsTlcFbnkEUlk6cREnOUGN3VebSUfMZAYccJ6UTeMZBfFCXRcf2RJSsQa0c2ZAsIcM595n8TG5wHWtIJPvLjSpmh36Th4WgTThZAvO8eFaHwitKEZD","token_type":"bearer","expires_in":5182389}
Processing by Users::OmniauthCallbacksController#failure as HTML
Parameters: {"code"=>"AQDE-eQkHGXsonQb9cNONr0dhCH6sDReORECn_aaX9vhIcrQP-4Psa91vPblNdXghzPYaauzp1ljzXBUzFsdDlQhhrpL5qSqp9333nbwPzjRi7HbagODS6hLE0rHY3saPxf5JGV4t4it87u3B-FeQ4R4JZFMwGubqgxloqkJs1zxRooiBQdoyZbWoniVd53MJJUf17nXTH6CSXq1ba57t_jlTAPZNLIkHrXVWD6UA0YJcakZAM", "state"=>"5fad05a6b5c1aa52883e62fddb71"}
:
{"access_token":"EAAPhpHRqK0cBUTeMZBfFCXRcf2RJSsQa0c2ZAsIcM59uMakbUTq42b79lq7E5n8TG5wHWtIJPvLjSpmh36Th4WgTThZAvfmpB04q00uP","token_type":"bearer","expires_in":5182389}
Thanks
I'm having issues with getting saving a facebook login into my database. I'm getting the error in my browser.
Could not authenticate you from Facebook because "Invalid credentials".
And this error is in my terminal. Any ideas? I've been browsing for 2 days and it's possible that the facebook api has changed. My only lead is that my app isn't using the client token at all.
And I don't know how to debug where user is nil or not. Any help is appreciated. Thanks.
Started GET "/users/auth/facebook/callback
code=AQCdbZAc0Nk6YS9_YNebSvNzRC9TQwWQbgolxpu2ZtNsxjP9nzECvkDGFQE71gxTTv86_ uc5mhkTzB4FBZinlDEaD0FFakDu3H-V7YmmYy_kcTRjxQTPucD-GnBlAiozDyQ3KLhnXE3nzWbcRsXwF_eFfc4kGUU8ww9Sgds906-w6lFppl4e78iudEfs9d-lhxgP_qa3_oUBfcG2fEiIYkMGYIOQIg_-9PWhgdrh_WT8qFyemN1qtkBuwE173UI-EodfrfGBTZVBBjM-U8n4rqeFX6gqgyNldMMa9gzXRVPuZ7cBEc1okzuQTgTAagz-KMmW0rNXgP81nWCVgqSPsX1O&state=c8957c4caba73271f3ed9a083412aa995afebf1ba2e63f50" for 127.0.0.1 at 2016-02-27 22:11:16 -0800
I, [2016-02-27T22:11:16.190167 #9991] INFO -- omniauth: (facebook) Callback phase initiated.
E, [2016-02-27T22:11:16.350628 #9991] ERROR -- omniauth: (facebook) Authentication failure! invalid_credentials: OAuth2::Error, :
{"error":{"message":"The request is invalid because the app is configured as a desktop app","type":"OAuthException","code":1,"fbtrace_id":"GWdVBeCdl0k"}}
Processing by Devise::OmniauthCallbacksController#failure as HTML
Parameters: {"code"=>"AQCdbZAc0Nk6YS9_YNebSvNzRC9TQwWQbgolxpu2ZtNsxjP9nzECvkDGFQE71gxTTv86_uc5mhkTzB4FBZinlDEaD0FFakDu3H-V7YmmYy_kcTRjxQTPucD-GnBlAiozDyQ3KLhnXE3nzWbcRsXwF_eFfc4kGUU8ww9Sgds906-w6lFppl4e78iudEfs9d-lhxgP_qa3_oUBfcG2fEiIYkMGYIOQIg_-9PWhgdrh_WT8qFyemN1qtkBuwE173UI-EodfrfGBTZVBBjM-U8n4rqeFX6gqgyNldMMa9gzXRVPuZ7cBEc1okzuQTgTAagz-KMmW0rNXgP81nWCVgqSPsX1O", "state"=>"c8957c4caba73271f3ed9a083412aa995afebf1ba2e63f50"}
Redirected to http://localhost:3000/users/sign_in
Completed 302 Found in 211ms (ActiveRecord: 0.0ms)
My guess would be
1. You used improper credentials for facebook developer api
2. The facebook login failed since you entered invalid email id or password.
Whenever I try to authenticate with doorkeeper provider, I always got the following error
invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client. {"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}
I tried with other doorkeeper clients but still have the same error
Doorkeeper client:
https://github.com/doorkeeper-gem/doorkeeper-devise-client.git
http://dev.mikamai.com/post/112508735689/oauth2-on-rails-the-client-application
Doorkeeper provider:
https://github.com/doorkeeper-gem/doorkeeper-provider-app.git
Though downgrading to gem 'omniauth-oauth2', '~> 1.3.1' is a confirmed to be a solution, in Doorkeeper's Create-a-OmniAuth-strategy-for-your-provider Wiki Page it is mentioned that in your implementation of OmniAuth Strategy for Doorkeeper the following method should be present:
# https://github.com/intridea/omniauth-oauth2/issues/81
def callback_url
full_host + script_name + callback_path
end
There is long discussion in the referred omniauth-oauth2 issue #81
I personally faced the reported error when I was trying to test my Rails 5 Devise-based Doorkeeper Provider by using a Rails 5 Devise-based Client app to allow Provider's users connect their account on my client-app.
In absence of the mentioned method in my OmniAuth::Strategies::Doorkeeper
on front-end Devise OmniauthCallbacksController was flashing message Invalid Credentials and in the client-app server logs following error was seen:
Started GET "/users/auth/doorkeeper" for 127.0.0.1 at 2017-08-22 17:45:02 +0530
I, [2017-08-22T17:45:02.386866 #14535] INFO -- omniauth: (doorkeeper) Request phase initiated.
Started GET "/users/auth/doorkeeper/callback?code=1b833bcc09651f98b0424a7afb1e60bd50fdcc765daf7d499bcefb5554457187&state=c215fd707ecd71c6ad0f6b5e58fa0d2da7210d86946d41e3" for 127.0.0.1 at 2017-08-22 17:45:03 +0530
I, [2017-08-22T17:45:03.506424 #14535] INFO -- omniauth: (doorkeeper) Callback phase initiated.
E, [2017-08-22T17:45:03.523737 #14535] ERROR -- omniauth: (doorkeeper) Authentication failure! invalid_credentials: OAuth2::Error, invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}
Processing by Users::OmniauthCallbacksController#failure as HTML
Parameters: {"code"=>"1b833bcc09651f98b0424a7afb1e60bd50fdcc765daf7d499bcefb5554457187", "state"=>"c215fd707ecd71c6ad0f6b5e58fa0d2da7210d86946d41e3"}
Redirected to http://localhost:5000/
Completed 302 Found in 0ms (ActiveRecord: 0.0ms)
So adding that method to the strategy can be considered as an alternate solution.
Thanks.
I solved it by downgrading omniauth-oauth2 gem version to 1.3.1 mentioned here - https://github.com/intridea/omniauth-oauth2/issues/81