I have set this in the initializer
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook , 'app' , 'secret' , {:scope => "manage_pages"}
end
And I have saved the token in User model after the callback.
How do I use the token to request for https://graph.facebook.com/${current_user.uid}/accounts?
With the Facebook ID you can query the Facebook Graph. Have a look at fb_graph gem: https://github.com/nov/fb_graph, it is a Facebook API wrapper.
Related
I'm trying to get my access token in OAuth2 so that I can access the Google Calendar API. Everywhere I look it says that i'm supposed to pass in a 'grant_type' that is equal to refresh_token but I keep getting the error
"undefined local variable or method `refresh_token' for # Did you mean? real_csrf_token"
So somewhere a long the line my 'refresh_token' is not being set. Please
events_controller.rb
auth = Signet::OAuth2::Client.new(
access_type: 'offline',
token_credential_uri: 'https://accounts.google.com/o/oauth2/token',
client_id: ENV['GOOGLE_CLIENT_ID'],
client_secret: ENV['GOOGLE_SECRET_KEY'],
grant_type: refresh_token
)
auth.fetch_access_token!
Also, I have an omniauth initializer file, which is where I believe i'm missing my opportunity to grab the access token and refresh token.
config/initializers/omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_SECRET_KEY'],
{
scope: ['https://www.googleapis.com/auth/calendar', 'https://www.googleapis.com/auth/plus.login'],
skip_jwt: true
}
end
Any help is appreciated!
The documentation is telling you to pass a grant_type of 'refresh_token'. That's a string.
In my omniauth.rb
OmniAuth.config.logger = Rails.logger
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, Rails.application.secrets[:facebook_app_id], Rails.application.secrets[:facebook_secret], :scope => 'email,public_profile', :display => 'popup', :info_fields => 'email,public_profile'
end
Client side, javascript:
return FB.login(function(response) {
if (response.authResponse) {
return window.location = '/auth/facebook/callback;
}
}, {scope: 'email,public_profile'});
as per the FB API docs.
When the FB popup opens to ask for permissions, it correctly asks for email and public_profile. I hit OK and this is what request.env['omniauth.auth] provides me with only:
{"provider":"facebook","uid":"XXXXXXX","info":{"name":"XXXXXXX
XXXXXXX","image":"http://graph.facebook.com/XXXXXXX/picture"},"credentials":{"token":"XXXXXXX","expires_at":1444467600,"expires":true},"extra":{"raw_info":{"name":"XXXXXXX
XXXXXXX","id":"XXXXXXX"}}}
I see neither the email address nor any public info except the full name and the profile picture.
I have no clue what I'm doing wrong as I follow exactly the guidelines of the omniauth-facebook gem here: https://github.com/mkdynamic/omniauth-facebook and also the FB developer docs.
Any hints?
You are on the right path just need to update the info fields with the fields you want to pull from facebook, public_profile won't work
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, Rails.application.secrets[:facebook_app_id], Rails.application.secrets[:facebook_secret], :scope => 'email', :display => 'popup', :info_fields => 'email,first_name,last_name'
end
Devise.rb
require "omniauth-facebook"
# CREDENTIALS_CONFIG = YAML.load_file("#{Rails.root}/config/omniauth.yml")[Rails.env].symbolize_keys
# config.omniauth :facebook, ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET'], :strategy_class => OmniAuth::Strategies::Facebook, :image_size => 'large'
Rails.application.config.middleware.use OmniAuth::Builder do
if Rails.env == 'production'
provider :facebook, 'sample_key', 'sample_key'
elsif ['staging', 'development'].include? Rails.env
provider :facebook, 'key_sampl', 'key_sdfjkhd',
:scope => 'email', :info_fields => 'email'
end
end
After Login with facebook receiving this hash:
({ extra"=>{"raw_info"=>{"id"=>"846548425", "name"=>"Rakesh PD"}}, "info"=>{"image"=>"http://graph.facebook.com/846548425430988/picture (2KB)
", "name"=>"Rakesh PD"}, "provider"=>"facebook", "uid"=>"846548425"} )
Not receiving logined users email first name, last name, mobile but the account contain all the informations (email first name, last name, mobile etc)
I would recommend you to create a html/js text file for you to understand how Facebook's javascript API works.
It will be quick for you to understand the raw data sent by Facebook after the log-in. In particular the restrictions to the data will be easy to spot.
The response to the omnialth-facebook gem is the same as (or very close to it) the one from the javascript SDK.
So if the javascript SDK responce produces the account parameters you need, omnialth-facebook gem would be able to retrieve it as well. Mind that if the vanilla javascript response does not have all the parameters you need, you will probably have to adjust your facebook app.
After some round of experiments I believe you will be able to adjust your facebook app or perform the necessary changes in your rails app
First, the context: I'm writing a little web app to do some custom Google Analytics reporting for me.
In my Gemfile:
gem 'omniauth'
gem 'omniauth-google-oauth2'
In my config/initializers/omniauth.rb:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV["GOOGLE_KEY"], ENV["GOOGLE_SECRET"]
{
:scope => "userinfo.email,userinfo.profile,analytics.readonly",
:approval_prompt => "auto"
}
end
When I get to the auth screen on google, it's only asking me for userinfo.email and userinfo.profile permissions, and nothing for analytics.readonly.
Looking at the URL when I'm auth'ing, I can see that it's only requesting the first two permissions. If I manually add the analytics permission, it grants the correct permissions. So, I've narrowed the issue down to
How I'm passing scope to the omniauth-google-oauth2 strategy, or
How the strategy is handling/ignoring the scope hash.
Also, I have double-checked that the Analytics API is turned on for my OAuth keys in the Google API Console.
Poorly formatted code, I was missing a comma after ENV["GOOGLE_SECRET"]. Below is the fixed code.
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, ENV["GOOGLE_KEY"], ENV["GOOGLE_SECRET"],
{
:scope => "userinfo.email,userinfo.profile,analytics.readonly",
:approval_prompt => "auto"
}
end
after i added an application in twitter when i request for an authentication in twitter (/auth/twitter) i get these error message
http://localhost:3000/auth/failure?message=invalid_credentials
Routing Error
No route matches "/auth/failure"
how can i add a valid credential or is there any ssl certificate that must be included in requesting for twitter auth??
my facebook authentication just works fine after i added a parameter ssl certificate that looks like this
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook,'xxx', 'xx', { :scope => 'publish_stream,offline_access,email',:client_options => { :ssl =>{ :ca_path => "/etc/ssl/certs" } }}
provider :twitter, 'xx','xxx' #,{ :client_options => { :ssl =>{ :ca_path => "/etc/ssl/certs" } }}
end
i've same problem with you, it happen because oauth_token in twitter login only valid on once request. May be your application trying to refresh when authentication to twitter.
when i've problem like you, my apps trying to refresh the webpage with
window.opener.location = "#{request.fullpath}";
Until now i'couldn't find how to popup a window when login using twitter. I'm using omniauth and rails 3.0.3. Thanks
This is all you need
site url http://localhost:3000/