使用RoR在Facebook上不再使用offline_access [英] Deprecated offline_access on facebook with RoR
问题描述
我们的RoR应用程序有问题。我们正在使用omniauth的Facebook身份验证,并用Koala搜索用户的朋友。但是最近,当我们尝试显示一个朋友照片时,我们收到了这个错误:
We have a problem in our RoR app. We are using a facebook authentication with omniauth, and searching the user friends with Koala. But lately, when we try to show a friend photo, we got this error:
Koala::Facebook::APIError in Homes#show
Showing /home/daniel/Homes/app/views/shared/_event.html.erb where line #19 raised:
OAuthException: Error validating access token: Session has expired at unix time 1328727600. The current unix time is 1328802133.
Extracted source (around line #19):
16: <img src="../assets/friends-icon.png" alt="User profile apicture" height="33" width="43">
17: <% if current_user %>
18: <% event.friends_in_event(@person).each do |f| %>
19: <%= link_to(image_tag(f.fb_picture, :size => "43x33"), person_path(f.id)) %>
20: <% end %>
21: <% end %>
22: </div>
身份验证功能很好,但Facebook已经不赞成使用offline_access选项,这是非常有用的,但现在我们有这个问题。
是扩展access_token吗?还是有其他解决方案?
The authentication works good, but facebook has already deprecated the offline_access option, that was working good, but now, we have this issue. is It any way to extends the access_token?, or are there another solution?.
这是我们的omniauth.rb
This is our omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, ENV['FB_KEY'], ENV['FB_SECRET'],
{ :scope => 'email,offline_access,user_photos,publish_stream',
:client_options => { :ssl => { :ca_path => "/etc/ssl/certs" } } }
end
我们的koala.rb
And our koala.rb
Koala.http_service.http_options = {
:ssl => { :ca_path => "/etc/ssl/certs" }
}
提前感谢。
推荐答案
有两种解决方案:
- 扩展用户的访问令牌:
- 根据本文中的Facebook文档,您可以要求为用户的访问令牌提供60天的扩展名。但是,如果用户在该时间段内没有返回,此方法将无法帮助您。
- 您可以找到一个PHP代码片段来执行此操作这个StackOverflow问题。
- Extend the user's access token:
- As per this article on the Facebook docs, you may request a 60-day extension on a user's access token. However, if the user does not return within that period, this method won't help you.
- You can find a PHP code snippet to do this at this StackOverflow question.
- 要做到这一点,发送到这个API端点:
https://graph.facebook.com/oauth/access_token? client_id = APP_ID& client_secret = APP_SECRET& grant_type = fb_exchange_token& fb_exchange_token = EXISTING_ACCESS_TOKEN
- To do this, send a post to this API endpoint:
https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=fb_exchange_token&fb_exchange_token=EXISTING_ACCESS_TOKEN
- 捕获
OAuthException
并请求新的访问令牌:
- Facebook提供了一个概述此解决方案的PHP代码段在他们的开发博客。
- 基本上,你按照以下步骤:
- Catch the
OAuthException
and request a new access token:- Facebook provides a PHP code snippet outlining this solution on their dev blog.
- Basically, you follow these steps:
- 使用用户当前的
access_token
拨打图表。 - 如果呼叫成功,
access_token
就可以了。如果它抛出一个OAuthException
,将用户重定向到https://www.facebook.com/dialog/oauth?client_id=APP_ID&redirect_uri=CALLBACK_URL
- 该用户将被发送到该URL,然后重定向到您的
CALLBACK_URL
与代码
在参数中。 - 发送一条帖子到以下URL,使用
代码
获取新的access_token
:https://graph.facebook.com/oauth/access_token?client_id=APP_ID&redirect_uri=CALLBACK_URL&client_secret=APP_SECRET& code = CODE& display = popup
- Make a call to the graph with the user's current
access_token
. - If the call succeeds, the
access_token
is fine. If it throws anOAuthException
, redirect the user tohttps://www.facebook.com/dialog/oauth?client_id=APP_ID&redirect_uri=CALLBACK_URL
- The user will be sent to that URL and then redirected to your
CALLBACK_URL
with acode
in the parameters. - Send a post to the following URL with the
code
to obtain a newaccess_token
:https://graph.facebook.com/oauth/access_token?client_id=APP_ID&redirect_uri=CALLBACK_URL&client_secret=APP_SECRET&code=CODE&display=popup
在他们的开发博客上阅读更多信息。
Read the post on their dev blog for more information.
编辑(添加Ruby on Rails代码示例):
Edit (adding example Ruby on Rails code):
将以下内容添加到 ApplicationController
的顶部:
Add the following to the top of your ApplicationController
:
rescue_from Koala::Facebook::APIError, :with => :handle_fb_exception
将以下保护的
方法添加到您的 ApplicationController
:
Add the following protected
method to your ApplicationController
:
def handle_fb_exception exception
if exception.fb_error_type.eql? 'OAuthException'
logger.debug "[OAuthException] Either the user's access token has expired, they've logged out of Facebook, deauthorized the app, or changed their password"
oauth = Koala::Facebook::OAuth.new
# If there is a code in the url, attempt to request a new access token with it
if params.has_key? 'code'
code = params['code']
logger.debug "We have the following code in the url: #{code}"
logger.debug "Attempting to fetch a new access token..."
token_hash = oauth.get_access_token_info code
logger.debug "Obtained the following hash for the new access token:"
logger.debug token_hash.to_yaml
redirect_to root_path
else # Since there is no code in the url, redirect the user to the Facebook auth page for the app
oauth_url = oauth.url_for_oauth_code :permissions => 'email'
logger.debug "No code was present; redirecting to the following url to obtain one: #{oauth_url}"
redirect_to oauth_url
end
else
logger.debug "Since the error type is not an 'OAuthException', this is likely a bug in the Koala gem; reraising the exception..."
raise exception
end
end
考拉电话都是从以下2个教程中获取的:
The Koala calls were all taken from the following 2 tutorials:
- https://github.com/arsduo/koala/wiki/OAuth
- https://github.com/arsduo/koala/wiki/Koala-on-Rails
这篇关于使用RoR在Facebook上不再使用offline_access的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!