I am getting a error:
OmniAuth::Strategies::Facebook::NoAuthorizationCodeError (must pass either a
`code` parameter or a signed request (via `signed_request` parameter or a
`fbsr_XXX` cookie)):
Its not coming all the time. Its coming once in a while, notified by airbrake.
There are lot of links for this on google search but not able to find out a proper solution.. Anyone? omniauth.rb under initializers directory:
OmniAuth.config.logger = Rails.logger
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET'], {:client_options => {:ssl => {:ca_path => "/etc/ssl/certs"}}, :scope => 'user_about_me,email,publish_actions,user_location,publish_stream,offline_access,user_interests,user_likes,user_hometown', :display => 'popup'}
OmniAuth.config.on_failure = Proc.new do |env|
#this will invoke the omniauth_failure action in SessionsController.
"SessionsController".constantize.action(:omniauth_failure).call(env)
end
end
PS: I am using facebook javascript sdk with facebook-omniauth
I recently encountered this error when also using the FB JS SDK with omniauth-facebook. I fixed it by sending the signed_request parameter with the GET as shown below:
$(document).bind("fb.loaded", function() {
FB.getLoginStatus(function(response) {
console.log('FB STATUS: ' + response.status);
if(response.status == "connected") {
console.log("FB AUTHED");
location.href =
'/auth/facebook/callback?' +
$.param({ signed_request: response.authResponse.signedRequest })
});
}
});
});
The scenario occurs when a user visits your site when already logged into FB but not your site. One often needs to sign the subsequent request to the omniauth callback:
Request URL:
http://localhost:3000/auth/facebook/callback?signed_request=QXZa2TPs8JiSgSAQkrS7Y7ObPZQDYLcU_JNvD6Wru_o.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImNvZGUiOiJBUURjQXdZUdVOMEFmd1RCbjRDQWp4eHpKcWRoRllOS1owLVZpa2pKTUQxSU1UbHJzbmEyMVNUUUtOLWl6b1dJOXJVRWUyWTBNd3ViZ1JxcmZJQmVMRDNOREI2M1EwREtqVzJCeVxTU2ZMR1foWlVwOEVlX0dMVUtwYUlqcWlaQ2FSc1h5c0NBNHdyZDBxbk4taU1haWp2cVFIX19QdUhxaldFcUtYZDc1LS1oZmptcTg4QVVuemVJdDJ4S2VOd3VPZG9vOGtaQkZlZmctZ2FDMk9CNl8wZ24iLCJpc3N1ZWRfYXQiOjEzNTg5NzQ4NzMsInVzZXJfaWQiOiIxMDYwMTg4NyJ9`
If using AJAX, you would need something like this:
$.get(
'/auth/facebook/callback',
{ signed_request: response.authResponse.signedRequest },
function(json) {
alert("received logged in response");
});
You will get this error if your app is in sandbox mode and you try to log in using real users which are not listed in the Developer Roles for your application . Once you create test users and use those instead, it will work.
You will also get this error in the opposite situation: you try to log in to your production app while being logged into facebook as a test user. You will get that error, and in my url I also get very clear information:
error_code=2102&error_message=User+is+not+a+test+user+owned+by+the+application
To create test users, click on Edit settings > Developer Roles in your application configuration at developers.facebook.com and click create
on the Test users section. After creating the user, set the password clicking on Set Password
and note down its facebook id which you can visualize when clicking modify
. Then use those credentials to login to your app in sandbox mode.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With