Merge pull request #76 from bengler/fbv2

Facebook Graph 2.0 login + better strategy error handling
bengler · Jan 6, 2015 · 930bdd4 · 930bdd4
2 parents c15e5f8 + 5e3e080
commit 930bdd4
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 8 deletions.
diff --git a/Gemfile b/Gemfile
@@ -14,7 +14,7 @@ gem 'rails-observers', '~> 0.1', require: false
 gem 'pg', '~> 0.17'
 gem 'omniauth', '~> 1.1.4'
 gem 'omniauth-twitter', :git => 'git://github.com/arunagw/omniauth-twitter.git'
-gem 'omniauth-facebook', '~> 1.4.1'
+gem 'omniauth-facebook', '~> 1.6'
 gem 'omniauth-contrib', '~> 1.0.0', :git => 'git://github.com/intridea/omniauth-contrib.git'
 gem 'omniauth-oauth', '~> 1.0.1', :git => 'git://github.com/intridea/omniauth-oauth.git'
 gem 'omniauth-oauth2', '~> 1.1.0', :git => 'git://github.com/intridea/omniauth-oauth2.git'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -139,8 +139,8 @@ GEM
       evernote-thrift
       multi_json (~> 1.0)
       omniauth-oauth (~> 1.0)
-    omniauth-facebook (1.4.1)
-      omniauth-oauth2 (~> 1.1.0)
+    omniauth-facebook (1.6.0)
+      omniauth-oauth2 (~> 1.1)
     omniauth-google-oauth2 (0.1.19)
       omniauth (~> 1.0)
       omniauth-oauth2
@@ -231,7 +231,7 @@ DEPENDENCIES
   omniauth (~> 1.1.4)
   omniauth-contrib (~> 1.0.0)!
   omniauth-evernote
-  omniauth-facebook (~> 1.4.1)
+  omniauth-facebook (~> 1.6)
   omniauth-google-oauth2 (~> 0.1.10)
   omniauth-oauth (~> 1.0.1)!
   omniauth-oauth2 (~> 1.1.0)!

diff --git a/api/v1/auth.rb b/api/v1/auth.rb
@@ -143,7 +143,14 @@ def url_for_failure(params = {})
     service_keys = current_realm.keys_for(params[:provider].to_sym)
 
     strategy.options[:force_dialog] = session[:force_dialog]
-    strategy.options[:display] = session[:display] if params[:provider] == 'facebook'
+    if params[:provider] ==  'facebook'
+      strategy.options[:display] = session[:display]
+      strategy.options[:client_options] ||= {}
+      strategy.options[:client_options] = strategy.options[:client_options].merge({
+        :site => 'https://graph.facebook.com/v2.0',
+        :authorize_url => "https://www.facebook.com/v2.0/dialog/oauth"
+      })
+    end
     strategy.options[:target_url] = session[:redirect_to]
 
     if strategy.options.respond_to?(:consumer_key)
@@ -188,7 +195,8 @@ def url_for_failure(params = {})
   end
 
   get '/auth/failure' do
-    redirect url_for_failure(:message => params[:message] || 'unknown')
+    params[:message] ||= 'unknown'
+    redirect url_for_failure(params)
   end
 
   # FIXME: Should not offer this as GET.

diff --git a/config.ru b/config.ru
@@ -22,8 +22,20 @@ map "/api/checkpoint/v1" do
     provider :evernote, nil, nil, :setup => true
 
     on_failure do |env|
-      message_key = env['omniauth.error.type']
-      new_path = "/api/checkpoint/v1/auth/failure?message=#{message_key}"
+      message_key = env['omniauth.error.type'] # Generic omniauth error, i.e. 'invalid_credentials'
+
+      # Pass through the original strategy callback error for easier debugging and error handling
+      query_hash = env['rack.request.query_hash']
+      strategy_error = nil
+      if query_hash and query_hash['error']
+        error_hash = {
+          'error' => query_hash['error'],
+          'error_reason' => query_hash['error_reason'],
+          'error_description' => query_hash['error_description']
+        }
+        strategy_error = "&#{error_hash.to_param}"
+      end
+      new_path = "/api/checkpoint/v1/auth/failure?message=#{message_key}#{strategy_error}"
       [302, {'Location' => new_path, 'Content-Type'=> 'text/html'}, []]
     end
   end