ruby omniauth facebook stopped working all of a sudden - ruby-on-rails

All of a sudden, it got impossible for anyone to login into my website using facebook.
I really don't get it as I didn't change anything on my ends.
I suspected my token would have expired or something like that, but apparently facebook app token don't expire.
Any idea ? Here is what I get back from the omniauth call :
Started GET "/users/auth/facebook/callback?code=AQDE-eQkHGXsonQb9cNONr0dhCH6sDRniGh5bLBT3b52rtzOrPWkNgQWeORECn_aaX9vhIcrQP-4Psa91vPblNdXghzPYaauzp1ljzXBUzFsdD3nbwPzjRi7HbagODS6hLE0rHY3saPxf5JGV4t4it87u3B-FeQ4R4JZFMwGubqgxzRmbimdRiotcBzfloqVGU9c_m4cK48hihhNraCNUvC-eL-mD1wkJ-s1zxRooiBQdoyZbWoniVd53MJJUf17nXTH6CSXq1ba57t_jlTAPZNLIkHrXVWD6UA0YJcakZAM&state=5fad05a6b5c1aa578feaf1bfbc60ae6ab722883e62fddb71" for 127.0.0.1 at 2017-04-09 11:22:49 +0200
(facebook) Callback phase initiated.
(facebook) Authentication failure! invalid_credentials: OAuth2::Error, :
{"access_token":"EAAPhpHRqK0cBAHsTlcFbnkEUlk6cREnOUGN3VebSUfMZAYccJ6UTeMZBfFCXRcf2RJSsQa0c2ZAsIcM595n8TG5wHWtIJPvLjSpmh36Th4WgTThZAvO8eFaHwitKEZD","token_type":"bearer","expires_in":5182389}
Processing by Users::OmniauthCallbacksController#failure as HTML
Parameters: {"code"=>"AQDE-eQkHGXsonQb9cNONr0dhCH6sDReORECn_aaX9vhIcrQP-4Psa91vPblNdXghzPYaauzp1ljzXBUzFsdDlQhhrpL5qSqp9333nbwPzjRi7HbagODS6hLE0rHY3saPxf5JGV4t4it87u3B-FeQ4R4JZFMwGubqgxloqkJs1zxRooiBQdoyZbWoniVd53MJJUf17nXTH6CSXq1ba57t_jlTAPZNLIkHrXVWD6UA0YJcakZAM", "state"=>"5fad05a6b5c1aa52883e62fddb71"}
:
{"access_token":"EAAPhpHRqK0cBUTeMZBfFCXRcf2RJSsQa0c2ZAsIcM59uMakbUTq42b79lq7E5n8TG5wHWtIJPvLjSpmh36Th4WgTThZAvfmpB04q00uP","token_type":"bearer","expires_in":5182389}
Thanks

Related

Could not authenticate you from GoogleOauth2, Devise. Rails 6

I trying to authenticate with Google and Devise Gem
at the final stage, I receive a flash message: Could not authenticate you from Google because user#gmail.com is not authorized. Therefore, I cannot log in
logs:
DEBUG -- omniauth: (google_oauth2) Request phase initiated.
Started GET "/users/auth/google_oauth2/callback?state=bfcb81a9dc331af478dcd5ccb3dda620894b0e577d1fabe8&code=4%2F0AX4XfWifE4F2PzgdO28g5GSMPg28WltztgoSpJHfM-CsQl8oplhFAKix-WJZAf9LRREIHw&scope=email+openid+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcontacts.readonly+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&authuser=0&prompt=none" for ::1 at 2021-07-23 11:59:55 +0300
D, [2021-07-23T11:59:55.042930 #13482] DEBUG -- omniauth: (google_oauth2) Callback phase initiated.
Processing by Users::OmniauthCallbacksController#google_oauth2 as HTML
Parameters: {"state"=>"bfcb81a9dc331af478dcd5ccb3dda620894b0e577d1fabe8", "code"=>"4/0AX4XfWifE4F2PzgdO28g5GSMPg28WltztgoSpJHfM-CsQl8oplhFAKix-WJZAf9LRREIHw", "scope"=>"email openid https://www.googleapis.com/auth/contacts.readonly https://www.googleapis.com/auth/userinfo.email", "authuser"=>"0", "prompt"=>"none"}
Redirected to http://localhost:3000/users/sign_in
image
It looks like you might need to create Google authorization credentials for your app. Take a look at https://developers.google.com/identity/sign-in/web/sign-in#create_authorization_credentials.

React-native FBSDK with rails omniauth-facebook

In rails omniauth-facebook, it requires a signed_request or a code as
params in auth/facebook/callback?
However, my problem is I can only get AccessToken from react-native fbsdk in app only, I tried using code: accessToken and signed_request: accessToken, but they doesn't seem fit, as I get this error
ERROR -- omniauth: (facebook) Authentication failure! invalid_credentials: OAuth2::Error, {"message"=>"Invalid verification code format.", "type"=>"OAuthException", "code"=>100,
I tried passing access_token: accessToken but it returns
ERROR -- omniauth: (facebook) Authentication failure! no_authorization_code: OmniAuth::Strategies::Facebook::NoAuthorizationCodeError, must pass either a `code` (via URL or by an `fbsr_XXX` signed request cookie)
Any idea how can I get signedRequest or a code from react-native fbsdk? Or how can I use access_token in omniauth-facebook?

facebook omniauth login invalid_credentials

I'm using devise(3.4.1) and omniauth-facebook(4.0.0) (omniauth-oauth2 is at 1.3.1). I've whitelisted my servers on my app. I can sign up from local. But on my staging or production, I keep getting invalid credential error. Logs:
I, [2017-09-23T16:07:41.020163 #28378] INFO -- omniauth: (facebook) Callback phase initiated.
E, [2017-09-23T16:07:41.288616 #28378] ERROR -- omniauth: (facebook) Authentication failure! invalid_credentials: OAuth2::Error, :
{"access_token":"EAAMc0KQg6xYBAI1MeVyW5uP3ox4LArwCRKnrvFRoHJl7LhEx5E1P3vtxHLMSGgdlxLTfGlLnckVJP3XLYeZAus0ZAr6H3IIR0UPwMFFoo9MGocN1bZBiB31M4ZCJNGqd6aze1ZCqLn1yZCCkBgO4m37w8FYmrZAg20ZD","token_type":"bearer","expires_in":5104141}
This happens for both http and https callback urls. I've found one post with the same problem, but the cause there is using older gem (pre-4.0), but I'm already at 4.0. Any help would be much appreciated.

Rails Devise Omniauth Facebook Client Token

I'm having issues with getting saving a facebook login into my database. I'm getting the error in my browser.
Could not authenticate you from Facebook because "Invalid credentials".
And this error is in my terminal. Any ideas? I've been browsing for 2 days and it's possible that the facebook api has changed. My only lead is that my app isn't using the client token at all.
And I don't know how to debug where user is nil or not. Any help is appreciated. Thanks.
Started GET "/users/auth/facebook/callback
code=AQCdbZAc0Nk6YS9_YNebSvNzRC9TQwWQbgolxpu2ZtNsxjP9nzECvkDGFQE71gxTTv86_ uc5mhkTzB4FBZinlDEaD0FFakDu3H-V7YmmYy_kcTRjxQTPucD-GnBlAiozDyQ3KLhnXE3nzWbcRsXwF_eFfc4kGUU8ww9Sgds906-w6lFppl4e78iudEfs9d-lhxgP_qa3_oUBfcG2fEiIYkMGYIOQIg_-9PWhgdrh_WT8qFyemN1qtkBuwE173UI-EodfrfGBTZVBBjM-U8n4rqeFX6gqgyNldMMa9gzXRVPuZ7cBEc1okzuQTgTAagz-KMmW0rNXgP81nWCVgqSPsX1O&state=c8957c4caba73271f3ed9a083412aa995afebf1ba2e63f50" for 127.0.0.1 at 2016-02-27 22:11:16 -0800
I, [2016-02-27T22:11:16.190167 #9991] INFO -- omniauth: (facebook) Callback phase initiated.
E, [2016-02-27T22:11:16.350628 #9991] ERROR -- omniauth: (facebook) Authentication failure! invalid_credentials: OAuth2::Error, :
{"error":{"message":"The request is invalid because the app is configured as a desktop app","type":"OAuthException","code":1,"fbtrace_id":"GWdVBeCdl0k"}}
Processing by Devise::OmniauthCallbacksController#failure as HTML
Parameters: {"code"=>"AQCdbZAc0Nk6YS9_YNebSvNzRC9TQwWQbgolxpu2ZtNsxjP9nzECvkDGFQE71gxTTv86_uc5mhkTzB4FBZinlDEaD0FFakDu3H-V7YmmYy_kcTRjxQTPucD-GnBlAiozDyQ3KLhnXE3nzWbcRsXwF_eFfc4kGUU8ww9Sgds906-w6lFppl4e78iudEfs9d-lhxgP_qa3_oUBfcG2fEiIYkMGYIOQIg_-9PWhgdrh_WT8qFyemN1qtkBuwE173UI-EodfrfGBTZVBBjM-U8n4rqeFX6gqgyNldMMa9gzXRVPuZ7cBEc1okzuQTgTAagz-KMmW0rNXgP81nWCVgqSPsX1O", "state"=>"c8957c4caba73271f3ed9a083412aa995afebf1ba2e63f50"}
Redirected to http://localhost:3000/users/sign_in
Completed 302 Found in 211ms (ActiveRecord: 0.0ms)
My guess would be
1. You used improper credentials for facebook developer api
2. The facebook login failed since you entered invalid email id or password.

OAuth2::Error with doorkeeper

Whenever I try to authenticate with doorkeeper provider, I always got the following error
invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client. {"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}
I tried with other doorkeeper clients but still have the same error
Doorkeeper client:
https://github.com/doorkeeper-gem/doorkeeper-devise-client.git
http://dev.mikamai.com/post/112508735689/oauth2-on-rails-the-client-application
Doorkeeper provider:
https://github.com/doorkeeper-gem/doorkeeper-provider-app.git
Though downgrading to gem 'omniauth-oauth2', '~> 1.3.1' is a confirmed to be a solution, in Doorkeeper's Create-a-OmniAuth-strategy-for-your-provider Wiki Page it is mentioned that in your implementation of OmniAuth Strategy for Doorkeeper the following method should be present:
# https://github.com/intridea/omniauth-oauth2/issues/81
def callback_url
full_host + script_name + callback_path
end
There is long discussion in the referred omniauth-oauth2 issue #81
I personally faced the reported error when I was trying to test my Rails 5 Devise-based Doorkeeper Provider by using a Rails 5 Devise-based Client app to allow Provider's users connect their account on my client-app.
In absence of the mentioned method in my OmniAuth::Strategies::Doorkeeper
on front-end Devise OmniauthCallbacksController was flashing message Invalid Credentials and in the client-app server logs following error was seen:
Started GET "/users/auth/doorkeeper" for 127.0.0.1 at 2017-08-22 17:45:02 +0530
I, [2017-08-22T17:45:02.386866 #14535] INFO -- omniauth: (doorkeeper) Request phase initiated.
Started GET "/users/auth/doorkeeper/callback?code=1b833bcc09651f98b0424a7afb1e60bd50fdcc765daf7d499bcefb5554457187&state=c215fd707ecd71c6ad0f6b5e58fa0d2da7210d86946d41e3" for 127.0.0.1 at 2017-08-22 17:45:03 +0530
I, [2017-08-22T17:45:03.506424 #14535] INFO -- omniauth: (doorkeeper) Callback phase initiated.
E, [2017-08-22T17:45:03.523737 #14535] ERROR -- omniauth: (doorkeeper) Authentication failure! invalid_credentials: OAuth2::Error, invalid_grant: The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
{"error":"invalid_grant","error_description":"The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client."}
Processing by Users::OmniauthCallbacksController#failure as HTML
Parameters: {"code"=>"1b833bcc09651f98b0424a7afb1e60bd50fdcc765daf7d499bcefb5554457187", "state"=>"c215fd707ecd71c6ad0f6b5e58fa0d2da7210d86946d41e3"}
Redirected to http://localhost:5000/
Completed 302 Found in 0ms (ActiveRecord: 0.0ms)
So adding that method to the strategy can be considered as an alternate solution.
Thanks.
I solved it by downgrading omniauth-oauth2 gem version to 1.3.1 mentioned here - https://github.com/intridea/omniauth-oauth2/issues/81

Resources