问题
I am getting a error:
OmniAuth::Strategies::Facebook::NoAuthorizationCodeError (must pass either a
`code` parameter or a signed request (via `signed_request` parameter or a
`fbsr_XXX` cookie)):
Its not coming all the time. Its coming once in a while, notified by airbrake.
There are lot of links for this on google search but not able to find out a proper solution.. Anyone? omniauth.rb under initializers directory:
OmniAuth.config.logger = Rails.logger
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET'], {:client_options => {:ssl => {:ca_path => "/etc/ssl/certs"}}, :scope => 'user_about_me,email,publish_actions,user_location,publish_stream,offline_access,user_interests,user_likes,user_hometown', :display => 'popup'}
OmniAuth.config.on_failure = Proc.new do |env|
#this will invoke the omniauth_failure action in SessionsController.
"SessionsController".constantize.action(:omniauth_failure).call(env)
end
end
PS: I am using facebook javascript sdk with facebook-omniauth
回答1:
I recently encountered this error when also using the FB JS SDK with omniauth-facebook. I fixed it by sending the signed_request parameter with the GET as shown below:
$(document).bind("fb.loaded", function() {
FB.getLoginStatus(function(response) {
console.log('FB STATUS: ' + response.status);
if(response.status == "connected") {
console.log("FB AUTHED");
location.href =
'/auth/facebook/callback?' +
$.param({ signed_request: response.authResponse.signedRequest })
});
}
});
});
The scenario occurs when a user visits your site when already logged into FB but not your site. One often needs to sign the subsequent request to the omniauth callback:
Request URL:
http://localhost:3000/auth/facebook/callback?signed_request=QXZa2TPs8JiSgSAQkrS7Y7ObPZQDYLcU_JNvD6Wru_o.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImNvZGUiOiJBUURjQXdZUdVOMEFmd1RCbjRDQWp4eHpKcWRoRllOS1owLVZpa2pKTUQxSU1UbHJzbmEyMVNUUUtOLWl6b1dJOXJVRWUyWTBNd3ViZ1JxcmZJQmVMRDNOREI2M1EwREtqVzJCeVxTU2ZMR1foWlVwOEVlX0dMVUtwYUlqcWlaQ2FSc1h5c0NBNHdyZDBxbk4taU1haWp2cVFIX19QdUhxaldFcUtYZDc1LS1oZmptcTg4QVVuemVJdDJ4S2VOd3VPZG9vOGtaQkZlZmctZ2FDMk9CNl8wZ24iLCJpc3N1ZWRfYXQiOjEzNTg5NzQ4NzMsInVzZXJfaWQiOiIxMDYwMTg4NyJ9`
If using AJAX, you would need something like this:
$.get(
'/auth/facebook/callback',
{ signed_request: response.authResponse.signedRequest },
function(json) {
alert("received logged in response");
});
回答2:
When you get the error
You will get this error if your app is in sandbox mode and you try to log in using real users which are not listed in the Developer Roles for your application . Once you create test users and use those instead, it will work.
You will also get this error in the opposite situation: you try to log in to your production app while being logged into facebook as a test user. You will get that error, and in my url I also get very clear information:
error_code=2102&error_message=User+is+not+a+test+user+owned+by+the+application
How to create test users
To create test users, click on Edit settings > Developer Roles in your application configuration at developers.facebook.com and click create on the Test users section. After creating the user, set the password clicking on Set Password and note down its facebook id which you can visualize when clicking modify. Then use those credentials to login to your app in sandbox mode.
回答3:
Just solved this same issue in my code by updating gems to:
gem "omniauth", "~> 1.1.1"
gem "omniauth-facebook", "~> 1.4.1"
That was really the crux of it. But in case you need it, my routes.rb setting:
match "/auth/failure" => redirect("/")
My omniauth.rb is
OmniAuth.config.on_failure = Proc.new { |env|
OmniAuth::FailureEndpoint.new(env).redirect_to_failure
}
回答4:
I got the same error. I tried above solution but it didn't work for me. So I disable the sandbox mode and then it worked as I expected.
回答5:
Facebook has updated there API to v.2.0 which causes fb login errors to this. The solution is to have a Privacy policy page and put that link on the privay policy link under App Details in facebook developers site.
回答6:
Not setting cookie: true in FB.init will cause this problem.
来源:https://stackoverflow.com/questions/12370056/omniauth-strategies-facebook-noauthorizationcodeerror-must-pass-either-a-code