Omniauth-facebook不断报告invalid_credentials [英] Omniauth-facebook keeps reporting invalid_credentials
问题描述
我正在按照Railscast#360所述的方式实施omniauth-facebook,并且遇到了一个障碍。当我点击登录链接,我得到所需的弹出窗口要求我输入我的Facebook凭据,但是当我提交,我得到一个OmniAuth :: Strategies :: OAuth2 :: CallbackError错误。在apache日志中,打印:(facebook)认证失败! invalid_credentials:OmniAuth :: Strategies :: OAuth2 :: CallbackError,OmniAuth :: Strategies :: OAuth2 :: CallbackError
这里是相关代码:
omniauth.rb
OmniAuth.config.logger = Rails .logger
Rails.application.config.middleware.use OmniAuth :: Builder do
提供者:facebook,ENV ['FACEBOOK_APP_ID'],ENV ['FACEBOOK_SECRET']
end
sessions_controller.rb
class SessionsController< ApplicationController
def create
user = User.from_omniauth(env [omniauth.auth])
会话[:user_id] = user.id
redirect_to root_url
end
def destroy
session [:user_id] = nil
redirect_to root_url
end
end
application.html.erb
< div id =fb-root>< / div>
< script>
window.fbAsyncInit = function(){
FB.init({
appId:'(** my app id **)',// App ID
status:true ,//检查登录状态
cookie:true //启用Cookie以允许服务器访问会话
});
$('#sign_in')。click(function(e){
e.preventDefault();
return FB.login(function(response){
if(response.authResponse){
return window.location ='/ auth / facebook / callback';
}
});
});
return $('#sign_out')。click(function(e){
FB.getLoginStatus(function(response){
if(response.authResponse){
return FB.logout();
}
});
return true;
});
};
< / script>
我错过了一些简单的东西吗?我一直在寻找最近几天的解决方案。
似乎omniauth-facebook v1.4.1引入了问题与CSRF。临时解决方案是回滚到v1.4.0。在您的Gemfile中,将omniauth-facebook行更改为:
gem'omniauth-facebook','1.4.0'$ b我已经报告了这个问题: https://github.com/mkdynamic/omniauth-facebook/issues/73
I am trying to implement omniauth-facebook as described in Railscast #360 and have run into quite a roadblock. When I click on the signin link, I get the desired popup asking me to input my facebook credentials, but when I submit, I get an OmniAuth::Strategies::OAuth2::CallbackError error. In the apache logs, this is printed: (facebook) Authentication failure! invalid_credentials: OmniAuth::Strategies::OAuth2::CallbackError, OmniAuth::Strategies::OAuth2::CallbackError
here is the relevant code:
omniauth.rb
OmniAuth.config.logger = Rails.logger
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, ENV['FACEBOOK_APP_ID'], ENV['FACEBOOK_SECRET']
end
sessions_controller.rb
class SessionsController < ApplicationController
def create
user = User.from_omniauth(env["omniauth.auth"])
session[:user_id] = user.id
redirect_to root_url
end
def destroy
session[:user_id] = nil
redirect_to root_url
end
end
application.html.erb
<div id="fb-root"></div>
<script>
window.fbAsyncInit = function() {
FB.init({
appId : '(**my app id**)', // App ID
status : true, // check login status
cookie : true // enable cookies to allow the server to access the session
});
$('#sign_in').click(function(e) {
e.preventDefault();
return FB.login(function(response) {
if (response.authResponse) {
return window.location = '/auth/facebook/callback';
}
});
});
return $('#sign_out').click(function(e) {
FB.getLoginStatus(function(response) {
if (response.authResponse) {
return FB.logout();
}
});
return true;
});
};
</script>
Am I missing something simple? I've been searching for a solution for the last few days.
解决方案 It seems like omniauth-facebook v1.4.1 introduced an issue with CSRF. A temporary fix is to just roll back to v1.4.0. In your Gemfile, change the omniauth-facebook line to:
gem 'omniauth-facebook', '1.4.0'
I've reported the issue: https://github.com/mkdynamic/omniauth-facebook/issues/73
这篇关于Omniauth-facebook不断报告invalid_credentials的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
