Reputation: 1771
Rails 3.2 with Omniauth-Facebook - Scope for Permissions issue
I've followed Railscast 360 to setup Omniauth-Facebook authentication for my Rails app. The authentication works well, but i'm driving myself crazy trying to pass the scope request for additional permissions. I know they are available as I can manually typed the scope request into the url. I have tried everything and exhausted all google searches.
As suggested in the Railscast comments I have downgraded my Omniauth-Facebook gem to 1.4.0 which to my understanding means the scope cannot be passed as a hash from the Omniauth initializer but instead via the javascript. Neither work for me, but unlike the comments i'm running coffee script as per the Railscast, i've tried various placements for scope in this but either get errors or incomplete results....i.e. just email, no user_events etc.
I realise there's no code here, but it's exactly as per the railscast.
Can anyone who's also followed the same Railscast offer any advise on either fixing the issue with 1.4.1 so I can pass the scope hash from the initializer OR how to correctly pass it when running 1.4.0.
Massive thanks in advance!
UPDATE: I'm kind of getting somewhere! But it's not quite right. Any pointers would be really appreciated.
In my Omniauth initializer I have:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, 'app_id', 'secret_id', {:scope => 'user_birthday,user_events,email'}
end
(With real ids inserted!)
I can then seem to make the correct request by placing the word scope into FB.Init within the coffeescript:
jQuery ->
$('body').prepend('<div id="fb-root"></div>')
$.ajax
url: "#{window.location.protocol}//connect.facebook.net/en_US/all.js"
dataType: 'script'
cache: true
window.fbAsyncInit = ->
FB.init(appId: 'app_id', cookie: true, scope)
$('#sign_in').click (e) ->
e.preventDefault()
FB.login (response) ->
window.location = "/auth/facebook/callback" if response.authResponse
$('#sign_out').click (e) ->
FB.getLoginStatus (response) ->
FB.logout() if response.authResponse
true
(Again with real appid inserted above)
However, this stops the popup working so i'm pretty sure i've placed scope incorrectly. The other examples I have seen place it in FB.login but my attempts to place there have either thrown errors or simply do not work.
Help! :)
Upvotes: 2
Views: 1664
Answers (1)
Reputation: 1771
Managed to solve this. It was the coffeescript that was throwing me. The try coffeescript tool at http://coffeescript.org/ was very helpful.
The correct placement of scope is as follows:
$('#sign_in').click (e) ->
e.preventDefault()
FB.login ((response) ->
window.location = '/auth/facebook/callback' if response.authResponse), scope: "email,user_events,user_location,user_birthday"
Hope this helps some others.
Upvotes: 8
Related Questions
- Rails OmniAuth NoMethodError with Facebook
- ERROR -- omniauth: (facebook) Authentication failure
- OmniAuth NoAuthorizationCodeError
- Authentication failure: omniauth
- Facebook Authorization with OmniAuth
- omniauth-facebook issues "Invalid_Credentials"
- Rails - OmniAuth-Facebook throwing NoSessionError
- Error when I try to authenticate through Facebook with omniauth
- Facebook asking for extended permissions (but should not)
- rails omniauth facebook extended permission