omniauth-facebook callback methods causes Facebook App Not Setup error

Question

I'm trying to implement Facebook authentication to my Rails 4.0.1 application using the omniauth-facebook gem. This is the guide I'm using to help me accomplish this, https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview

I've followed all the instructions and I'm getting a facebook error. I think the error is coming from one of the methods that handles the facebook omniauth callback.

The error being shown by Facebook is "App Not Setup: The developers of this app have not set up this app properly for Facebook Login"

omniauth_callbacks_controller.rb

class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController

def facebook     
  @user = User.find_for_facebook_oauth(request.env["omniauth.auth"], current_user) 

  if @user.persisted?       
    sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
    set_flash_message(:notice, :success, :kind => "Facebook") if is_navigational_format?
  else
    session["devise.facebook_data"] = request.env["omniauth.auth"]
    redirect_to new_user_registration_url
  end
end

end

user.rb

class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
     :recoverable, :rememberable, :trackable, :validatable, :confirmable,
     :omniauthable, :omniauth_providers => [:facebook]

def self.new_with_session(params, session)
   super.tap do |user|
      if data = session["devise.facebook_data"] && session["devise.facebook_data"]["extra"]["raw_info"]
        user.email = data["email"] if user.email.blank?
      end
    end
 end

def self.from_omniauth(auth)
  where(provider: auth.provider, uid: auth.uid).first_or_create do |user|
    user.email = auth.info.email
    user.password = Devise.friendly_token[0,20]
    user.profile_name = auth.info.name   # assuming the user model has a name
  end
end


def self.find_for_facebook_oauth(auth, signed_in_resource=nil)
  user = User.where(:provider => auth.provider, :uid => auth.uid).first
  if user
    return user
  else
    registered_user = User.where(:email => auth.info.email).first
    if registered_user
      return registered_user
    else
      user = User.create(profile_name:auth.extra.raw_info.name,
                        provider:auth.provider,
                        uid:auth.uid,
                        email:auth.info.email,
                        password:Devise.friendly_token[0,20],
                      )
    end  
  end
end

end

When I first finished the guide from the OmniAuth Overview page, it worked. I registered for my application with my personal Facebook. My account successfully logs in an out. When I started registering other Facebook accounts, it broke and I got the "App Not Setup" error.

Thanks in advance, any help is much appreciated.

Answer 1

We ran into the same problem and found the answer here:

"When testing your apps, place them into Development Mode. This hides your app entirely from all users who you have not authorized in the App Dashboard to see the app, for the roles described below. Please note that when your app is in Development Mode, you cannot call any API calls on behalf of users who cannot see your app." Facebook App Security Guidelines

Solution is to add the other accounts you want to test with as administrators, developers or testers by going to the facebook developers panel and adding them in the Roles section.