Rails omniauth-facebook unsolved issue

Question

The current omniauth-facebook seems to have some issues, and I want to know if anyone has answers to them.

First issue was the invalid credentials problem. I couldn't log in to my application using the client-side authorization because of this problem. However, this could be solved by downgrading facebook-omniauth to 1.4.0 version. (reference)

However, now I'm encountering second problem, NoAuthorizationCodeError, with the error message:

OmniAuth Strategies Facebook NoAuthorizationCodeError 
(must pass either a `code` parameter or a signed request 
(via `signed_request` parameter):

this was asked in here, but the accepted answer advises to actually upgrade to 1.4.1 version again, which would make the previous invalid credentials problem occur again. So this is not an option for me.

The NoAuthorizationCodeError happens when I try to log into my application inside the Facebook iFrame (searched my app from the app center) via internet explorer. Everything works fine on chrome or firefox. There's also a github issue exactly pinpointing this problem, but no one has come up with an answer yet. I've also tried to downgrade to omniauth-facebook 1.3.0 version, but it made no difference. I also tried to pass in the signed_request parameter like follows:

window.location = '/auth/facebook/callback', 
{ signed_request: response.authResponse.signedRequest }

However, it didn't make any difference (on IE, the error still persists), and I'm not sure if that is the right way to pass in the code as a parameter (how do I check?)

I assume there is no problem with my settings. I would really appreciate any help on this matter.

UPDATE:

I upgraded to 1.4.1 version without having invalid credentials problem, but NoAuthorizationCodeError still occurs when I access the application inside Facebook through Internet Explorer. Check my Github issue.

UPDATE:

I downgraded to 1.4.0 version, and added signedRequest params.

<script>
function login() {
  FB.login(function(response) {
    if (response.authResponse) {
      window.location = '/auth/facebook/callback?' + $.param({ signed_request: response.authResponse.signedRequest })
    } 
  }, {scope: 'email,publish_stream,publish_actions'});
}
</script>

There are no errors or alerts in the log, and everything works as expected. However, if I log in within Facebook iFrame through internet explorer, it does not log me in even after the callback phase is initiated. I guess the original problem has been solved but I can't figure out how to debug this when there is not any kind of error message.

Problem: When I click "log in with Facebook" inside Facebook iFrame for my application with Internet Explorer, I'm NOT logged in when the authorization process completes. This problem only happens in that specific environment, and I have had hard time trying to figure out why.

2013-02-22T01:10:40+00:00 app[web.1]: Started GET "/auth/facebook/callback?signed_request=LONGSTRING" for 200.1.102.103 at 2013-02-22 01:10:40 +0000
2013-02-22T01:10:40+00:00 app[web.1]: (facebook) Callback phase initiated.
2013-02-22T01:10:40+00:00 app[web.1]: Processing by SessionsController#create_facebook as HTML
2013-02-22T01:10:40+00:00 app[web.1]:   Parameters: {"signed_request"=>"LONGSTRING", "provider"=>"facebook"}
2013-02-22T01:10:40+00:00 app[web.1]:   User Load (1.6ms)  SELECT "users".* FROM "users" WHERE "users"."provider" = 'facebook' AND "users"."uid" = 'MYUID' LIMIT 1
2013-02-22T01:10:40+00:00 app[web.1]:    (0.8ms)  BEGIN
2013-02-22T01:10:40+00:00 app[web.1]:   User Exists (1.0ms)  SELECT 1 AS one FROM "users" WHERE ("users"."name" = 'MYNAME' AND "users"."id" != 3) LIMIT 1
2013-02-22T01:10:40+00:00 app[web.1]:    (0.9ms)  COMMIT
2013-02-22T01:10:40+00:00 app[web.1]: Redirected to http://MYAPP.COM
2013-02-22T01:10:40+00:00 app[web.1]: Completed 302 Found in 10ms (ActiveRecord: 4.2ms)

Again, in any other environment authorization works perfectly in all browsers. This problem only occurs when I try to log in within Facebook via Internet Explorer.

My Environment: omniauth-facebook 1.4.0, omniauth 1.1.1, oauth2 0.8.0, Rails 3.2.11

I intentionally downgraded omniauth-facebook from 1.4.1 to 1.4.0 because of the invalid credentials error in the latest version.

Answer 1

make use of omniauth (1.1.3), oauth2 (0.8.1) and omniauth-facebook (1.4.1).

You will not get any error with these