How can I specify the Facebook permissions (aka scope) OmniAuth asks for DYNAMICALLY?

Question

This question is similar to How can I specifiy what access I need from my user's Facebook accounts when using OmniAuth? but has a caveat.

I'm using OmniAuth to authorize Facebook users on my website. For regular login/registration, asking the user for standard Facebook permissions are acceptable. But there is a feature on my site that requires extended permissions (access to their Facebook photos). I want to only ask for the extended permissions for users when/if they use our site's Facebook photo feature.

All answers I've found on the web on how to set facebook permissions for omniauth deal with just adding a scope option in your OmniAuth initializer, like so:

ActionController::Dispatcher.middleware.use OmniAuth::Strategies::Facebook, 'app_id', 'app_secret', {:scope => 'email,offline_access,the,scope,you,want}

But I need to define the scope dynamically, so that only when users use the photo feature they get asked for the photo permissions, but not if they are just logging in or registering for the first time.

Anyone know how to do this? Thanks in advance.

Answer 1

You may have figured out a solution to this problem already but I figured I'd chime in for those still looking to solve this. My solution allows you to request as little Facebook permissions as possible up front, and then dynamically request them as your app needs them.

http://www.mikepackdev.com/blog_posts/2-Dynamically-Requesting-Facebook-Permissions-with-OmniAuth

Hope this helps!

Answer 2

It looks like they're adding that to Omniauth, but it's still in beta.

You add a

:setup => true

to your provider and then create a method where you dynamically sets the options (credentials/scope) you need.

https://github.com/intridea/omniauth/wiki/Setup-Phase

https://github.com/intridea/omniauth/wiki/Dynamic-Providers