1

I have a very strange problem, but only at production server.

I was using this Gem in my Gemfile.

gem "omniauth-facebook", "~> 1.4.1"

But suddenly started getting the following error on production, works fine at local.

heroku[router]: at=info method=GET path=/auth/failure?message=invalid_credentials&strategy=facebook host=www.myapp.com fwd="182.189.55.111" dyno=web.1 queue=0 wait=0ms connect=1ms service=90ms status=302 bytes=95

Searched around different forums and people says, a temporary solution is just to revert back to 1.4.0 version i.e.

gem "omniauth-facebook", "1.4.0"

It also works fine at local but started getting another error message at production.

OmniAuth::Strategies::Facebook::NoAuthorizationCodeError (must pass either a `code` parameter or a signed request (via `signed_request` parameter or a `fbsr_XXX` cookie)):

this link says to upgrade again to this version 1.4.1

Seems to a be deadlock/looping situation here. Can anybody faced/fixed this issue?

Thanks in advance.

Community
  • 1
  • 1
Nadeem Yasin
  • 4,493
  • 3
  • 32
  • 41

1 Answers1

1

I assume you are using the JS SDK to login? Maybe your code looks something like:

if (response.authResponse) {
  var url = "/auth/facebook/callback";
  window.location = url;
}

I'm not sure why the signed request isn't being passed along automatically, but I've found this workaround to work fine:

if (response.authResponse) {
  var url = "/auth/facebook/callback";
  url += '&' + $.param({ signed_request: response.authResponse.signedRequest });
  window.location = url;
}
JZC
  • 470
  • 5
  • 12