【发布时间】:2025-12-11 06:40:01
【问题描述】:
有人使用过 OmniAuth 和 Facbeook 吗?我刚刚从在我的应用程序中使用硬编码的应用程序 ID 和密钥转移到 ENV['FACEBOOK_APP_ID'] 方法。我知道这些值是正确的,因为当我尝试登录我的应用程序时,我得到了正确应用程序的权限对话框,但是当 Facebook 在开发模式下重定向回我的应用程序时,我收到错误“身份验证错误:无效凭据”。
然而,在生产中,一切都与 Facebook 应用设置的生产版本相匹配。
# initializers/omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, ENV['FACEBOOK_APP_ID'], ENV['FACEBOOK_APP_SECRET'], :scope => 'email,offline_access,user_work_history'
end
#sessions_controller.rb
class SessionsController < ApplicationController
def new
redirect_to '/auth/facebook'
end
def callback
auth = request.env["omniauth.auth"]
logger.info auth.inspect
user = User.where(:provider => auth['provider'], :uid => auth['uid']).first || User.create_with_omniauth(auth)
session[:user_id] = user.id
session[:token] = auth['credientials']['token']
redirect_to root_url, :notice => "Signed in!"
end
def destroy
session[:user_id] = nil
# current_user = nil
# request.env['omniauth.auth'] = nil
redirect_to root_url, :notice => 'Signed out!'
end
def failure
logger.info request.inspect
redirect_to root_url, :alert => "Authentication error: #{params[:message].humanize}"
end
def auth; request.env['omniauth.auth'] end
end
#user.rb
# Authentication Stuff
class User
include Mongoid::Document
include Mongoid::Timestamps
# ...
def self.create_with_omniauth(auth)
begin
create! do |user|
user.provider = auth['provider']
user.uid = auth['uid']
if auth['info']
user.name = auth['info']['name'] if auth['info']['name'] # Twitter, Google, Yahoo, GitHub
user.email = auth['info']['email'] if auth['info']['email'] # Google, Yahoo, GitHub
end
if auth['extra']['raw_info']
user.name = auth['extra']['raw_info']['name'] if auth['extra']['raw_info']['name'] # Facebook
user.email = auth['extra']['raw_info']['email'] if auth['extra']['raw_info']['email'] # Facebook
user.employer = auth['extra']['raw_info']['work'][0]['employer'] if auth['extra']['raw_info']['work'] # Facebook
end
end
rescue Exception
raise Exception, "cannot create user record"
end
end
end
然后发生这种情况:
Started GET "/auth/facebook" for 127.0.0.1 at 2011-11-26 11:53:38 +0200
Started GET "/auth/facebook/callback?code=AQBapjqIJixqmSxjj-i61WJtJN-ncCBUM_mPyhunqY4esQsaX7wiU794wMSOWT6oRJ0TMl-N5eqNh2MHuap0Oey4i6ef0F8281zQ6V1Vhct3g" for 127.0.0.1 at 2011-11-26 11:53:40 +0200
Started GET "/auth/failure?message=invalid_credentials" for 127.0.0.1 at 2011-11-26 11:53:42 +0200
Processing by SessionsController#failure as HTML
Parameters: {"message"=>"invalid_credentials"}
Redirected to http://localapp.dev/
Completed 302 Found in 1ms
知道我缺少什么吗?我应该强调,我在这个错误之前所做的唯一更改是,我没有在我的 ombiauth.rb 初始化程序中使用 provider :facebook, "XXXXXX", "XXXXXXXXXXXXXXX",而是让它从 ENV 获取这些值
-Avishai
# Gemfile
source 'http://rubygems.org'
gem 'rails', '3.0.9'
gem "airbrake"
gem "bson_ext"
gem "mongoid", ">= 2.0.2"
gem "omniauth", "~> 1.0"
gem "omniauth-facebook"
gem "carrierwave", "0.5.4"
gem 'carrierwave-mongoid', :require => 'carrierwave/mongoid'
gem "geocoder"
gem 'will_paginate'
gem "rmagick"
gem "jquery-rails"
gem "mongoid-history"
gem "mongoid-rating"
gem "flash_cookie_session"
group :development, :test do
gem "ya2yaml"
gem "chronic"
end
【问题讨论】:
-
描述你的开发环境..(系统,捆绑列表)。
-
我认为如果回调 url 不是你指定的那个有问题,它可能不会来自localapp.dev
标签: ruby-on-rails ruby facebook oauth omniauth