Menu
I'm doing a spree 3.0 installation (ROR) and trying to use facebook oauth for authentication, but the fields sent back after a successful oauth, do NOT contain the email, which is critical to our application. here is the return from the facebook successful authentication.
#<OmniAuth::AuthHash credentials=#<OmniAuth::AuthHash expires=true expires_at=1442435073 token="CAAJa3dyBtY4BAJ2ZB3vrenNOFJKSMtvxYO09ZCJtEsmKNBs90q9nmUF4LIBr06xCizEAR3lwht3BwycLkVFdjlvkS1AUGpYODQHu25K0uO8XLDDPkTO0E9oPdIILsbTTOuIT7qcl8nJ6501z0dCXEi9hVNwPYqZBbGqiEhyoLyVgCNnDWdPRLBRF5xSovJdhjjCf6XC8ulJ4NnKBfM8"> extra=#<OmniAuth::AuthHash raw_info=#<OmniAuth::AuthHash id="101230990227589" name="David Alajbbjfdjgij Bowersstein">> info=#<OmniAuth::AuthHash::InfoHash image="http://graph.facebook.com/101230990227589/picture" name="David Alajbbjfdjgij Bowersstein"> provider="facebook" uid="101230990227589"
as you can see, all i get back is the user name and their ID. Is there some setting on my facebook app that i need to check in order to get the email back? or is there a different way i'm supposed to do Oauth? I'm just using the spree_social gem which does this all internally so i've actually not written any code around this.
here is the code. copied out of the gem, i just added the logging lines to see what was coming back from facebook.
def #{provider}
authentication = Spree::UserAuthentication.find_by_provider_and_uid(auth_hash['provider'], auth_hash['uid'])
if authentication.present? and authentication.try(:user).present?
flash[:notice] = I18n.t('devise.omniauth_callbacks.success', kind: auth_hash['provider'])
sign_in_and_redirect :spree_user, authentication.user
elsif spree_current_user
spree_current_user.apply_omniauth(auth_hash)
spree_current_user.save!
flash[:notice] = I18n.t('devise.sessions.signed_in')
redirect_back_or_default(account_url)
else
user = Spree::User.find_by_email(auth_hash['info']['email']) || Spree::User.new
user.apply_omniauth(auth_hash)
Rails.logger.debug("THE AUTO HASH")
Rails.logger.debug(auth_hash.inspect)
if user.save
flash[:notice] = I18n.t('devise.omniauth_callbacks.success', kind: auth_hash['provider'])
sign_in_and_redirect :spree_user, user
else
session[:omniauth] = auth_hash.except('extra')
flash[:notice] = Spree.t(:one_more_step, kind: auth_hash['provider'].capitalize)
redirect_to new_spree_user_registration_url
return
end
end
if current_order
user = spree_current_user || authentication.user
current_order.associate_user!(user)
session[:guest_token] = nil
end
end
543
Where to grant permission to get user email? go to the facebook developer console. At the console under App Review, it says email is approved by default.
In the App Dashboard, choose your app and scroll to Add a Product Click Set Up in the Facebook Login card. Select Settings in the left side navigation panel and under Client OAuth Settings, enter your redirect URL in the Valid OAuth Redirect URIs field for successful authorization.
In your Facebook app configuration, click on the Settings tab on the left-hand navigation menu. Then go to the Advanced tab at the top and scroll down to the Client OAuth Settings section.
To get a Page access token, send a GET request to the /PAGE-ID endpoint using your User access token. Replace PAGE-ID and USER-ACCESS-TOKEN with your information. If you used a short-lived User access token, the Page access token is valid for 1 hour.
Facebook just released latest APIv2.4 that does not return email by default but we need to explicitly specify what fields to use.
Introducing Graph API v2.4
Now, on the very latest omniauth-facebook(possibly 2.1.0), "email" fields are specified by default and just works.
Fix default info_fields to 'name,email' #209
Or, you can just specify like
options['info_fields']='id,email,gender,link,locale,name,timezone,updated_time,verified';
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
