passport authentication failure leads to redirect loop

断了今生、忘了曾经 posted on 2019-12-10 02:22:15

Question


I am using node, express and passport with facebook authentication.
I have the following routes (when /facebook/auth/callback is the callback url):

function render(page, req, res) {
    var user = null;
    if (req.user) {
        user = req.user.toObject();
        user.isLoggedIn = true;
    }
    res.render(page, { user: user });
}
app.get('/auth-failure', function (req, res) {
    res.render('auth-failure');
});
app.get('/auth-success', function (req, res) {
    render('auth-success', req, res);
});
app.get('/facebook/auth', passport.authenticate('facebook', { scope: [ 'email', 'user_about_me', 'publish_actions']}));
app.get('/facebook/auth/callback', passport.authenticate('facebook', { failureRedirect: '/auth-failure', successRedirect: '/auth-success' }));

When the authentication succeeded I got the page auth-success view as I expected. But when the authentication failed and facebook returns to: http://localhost:3000/facebook/auth/callback?error_code=2102&error_message=User+is+not+a+test+user+owned+by+the+application#=

I don't get the auth-failure view! Instead, firefox returns me the page:

When running in chrome, I get the message:

I tried to check things and replaced the failure router with:

app.get('/facebook/auth/callback', function (req, res) {
    res.redirect('/auth-failure');
});

And this rendered the auth-failure view successfully.
What is the problem with the passport.js facebook failure authentication?
Why does it return that error page to me?

Regarding @Matt Bakaitis's comment:
Here are my serialize and deserialize functions:

// serialize sessions
passport.serializeUser(function(user, done) {
    done(null, user.id);
});

passport.deserializeUser(function(id, done) {
    User.findOne({ _id: id }, function (err, user) {
        done(err, user);
    });
});

Answer 1:


I believe it is because you are using a custom callback and need to provide a res object like....

 app.get('/facebook/auth/callback', function(req, res, next) { 
         passport.authenticate('facebook',..............



Answer 2:


I would fire up Fiddler to see what exactly is sent over the wire.




Answer 3:


Doing more research, because I also use passport.js to integrate with Facebook (and others), it looks like this might already be an open issue reported for passport-oauth (which passport-facebook uses).

The person logging the problem had a workaround for the error check on line 98 of the oauth2 code:

    app.get('/auth/facebook', passport.authenticate('facebook'));
    app.get('/auth/facebook/callback',
        function (req, res, next) {
            // Facebook sent error_code without error: set error so the
            // strategy's error check sees the failed authentication.
            if (req.query && !req.query.error && req.query.error_code) {
                req.query.error = true;
            }
            next();
        },
        passport.authenticate('facebook', { failureRedirect: '/auth-failure', successRedirect: '/auth-success' })
    );

For good measure, it's also a good idea to double-check your settings on Facebook and that your localhost is listed in the right location(s). Also, check to be sure that everything matches perfectly in Node.js. I had issues with passport-twitter when I made a typo in my configuration strings that was very hard to catch as it didn't throw an error in Node.js but caused my auth to fail in a difficult way to catch. Here are a few links with people who had the same error_message as you and they seem to indicate facebook-side configuration issues:

  • redirect_uri is not owned by the application
  • Facebook login, redirect_uri is not owned by the application. why?
  • facebook oauth api login problems
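
Added example, not part of the original answers and not passport's own code: it runs the failure callback from the question through a simplified model of an OAuth2 callback handler, with and without the workaround middleware above, to show why the unnormalized request starts a new redirect to the provider. The function `modelStrategyDecision`, its order of checks, and the sample URLs are assumptions made for illustration.

```javascript
'use strict';

// Simplified model (assumption, not library code) of the order of checks in an
// OAuth2 callback handler: explicit error -> fail, authorization code ->
// exchange it, neither -> start a new authorization redirect.
function modelStrategyDecision(query) {
  if (query && query.error) return 'fail';
  if (query && query.code) return 'exchange-code';
  return 'redirect-to-provider';
}

// Express-style middleware with the workaround's logic: when the provider
// sends error_code without error, set error so the failure branch is taken.
function normalizeFacebookError(req, res, next) {
  if (req.query && !req.query.error && req.query.error_code) {
    req.query.error = true;
  }
  next();
}

// Run a callback URL through the optional middleware and return what the
// modelled handler would do with the resulting query object.
function simulateCallback(url, middleware) {
  const req = { query: Object.fromEntries(new URL(url).searchParams) };
  let outcome = null;
  const next = () => { outcome = modelStrategyDecision(req.query); };
  if (middleware) middleware(req, {}, next); else next();
  return outcome;
}

// Constructed sample callbacks; FAILED mirrors the query string in the question.
const BASE = 'http://localhost:3000/facebook/auth/callback';
const FAILED = BASE + '?error_code=2102' +
  '&error_message=User+is+not+a+test+user+owned+by+the+application';
const DENIED = BASE + '?error=access_denied';
const GRANTED = BASE + '?code=CONSTRUCTED_CODE';

function demo() {
  return {
    failedWithout: simulateCallback(FAILED, null),                // loops back to provider
    failedWith: simulateCallback(FAILED, normalizeFacebookError), // handled as failure
    deniedWith: simulateCallback(DENIED, normalizeFacebookError),
    grantedWith: simulateCallback(GRANTED, normalizeFacebookError),
  };
}

console.log(demo());
```

Only the `error_code`-only callback changes outcome; callbacks that already carry `error` or `code` pass through the middleware untouched.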


Source: https://stackoverflow.com/questions/16861903/passport-authentication-failure-leads-to-redirect-loop
