Omniauth-facebook keeps reporting invalid_credentials

Question

I am trying to implement omniauth-facebook as described in Railscast #360 and have run into quite a roadblock. When I click on the signin link, I get the desired popup aski

Answer 1

It seems like omniauth-facebook v1.4.1 introduced an issue with CSRF. A temporary fix is to just roll back to v1.4.0. In your Gemfile, change the omniauth-facebook line to:

gem 'omniauth-facebook', '1.4.0'

I've reported the issue: https://github.com/mkdynamic/omniauth-facebook/issues/73