-
Notifications
You must be signed in to change notification settings - Fork 421
Facebook oAuth not working properly and causing crash #22
Comments
Have confirmed issue triggered by email address not being returned by Facebook API. They seem to have form for changing this and not following SEMVER for API changes. Am working on tweak to use placeholder email address value (as with Twitter). Also adding defensive coding to passport-strategies.js as the following line (142) was causing the subsequent crash due to user.email being null:
|
Good news:
Bad news: I don't know why the Facebook API is no longer returning an email address, even though we already explicitly ask for that field. I don't know if this something specific to privacy settings on my account, or a result in the change on the API. Either way, Facebook oAuth works again, we just aren't able to grab the email address the user has given to Facebook (and we now just handle that gracefully). It's worth noting the reason we bother with a temporary email address at all is because it makes it easier to also support email based sign in at the same time as supporting oAuth (if we only did oAuth then we wouldn't have to care about an email address field). This update will be landing as v2.10.0 shortly. |
Hey! You just have to add a profileFields property in strategyOptions to make Facebook return emails again, like this: |
@juanmiret Thanks Juan! So I thought 'scope' was actually mapped to 'profileFields' in the Facebook Passport app and didn't understand them to be separate fields (I came across it while trying to debug the problem but gave up trying to figure out why it wasn't working once I'd refactored to make it not required). I think I might not be passing in the profileFields option in Passport auth so might need to refactor the code, but will definitely give this a go! |
A previous fix for #22 was rolled to accomodate Facebook API change which meant it no longer returned email addresses when signing in. The fix rolled out simply had the system handle not getting an email address from a provider more gracefully (i.e. not bombing out). @juanmiret suggest a fix to the passport-facebook strategy which should resolve the issue. This further enhancement should restore the previously lost functionality - so that logging in with a Facebook account now provides the email address once again - while preserving the improving the handling for oAuth providers that don’t return an email addresses.
The fix I rolled out didn't work (Facebook oAuth is unique in that it can't be tested against localhost auth it seems), but I see what was doing differently and why it didn't work before either - see issue #30 for future updates to this. |
Somehow the oauth login is not working properly on live anymore with Facebook.
This is a relatively new issue, previously working behaviour and may be as a result of a Facebook change or a bug introduced by refactoring.
The text was updated successfully, but these errors were encountered: