Skip to content


Subversion checkout URL

You can clone with
Download ZIP


Doesn't support login via the js sdk #120

BrianTheCoder opened this Issue · 18 comments

6 participants


So this is more of an issue I wanted to bring up. I can create a patch for it but wanted to get feedback first. If you use the js sdk(which is a better user experience IMHO) it tries to get the values the normal way when in should deserialize the session. I've created a work around for it, but wanted to discuss and figure out the best way to implement it in the gem.


I assume we're talking Facebook here? I'm not too familiar with the Javascript SDK, can you walk me through the changes you'd need to make and we can go from there?


Yeah, sorry I though I put facebook in the issue title, my bad. Basically to get the user info after a redirect, you have to deserialize the session. Here's the code snippet I use

def facebook_session
  return @fb_session if @fb_session
  fb_cookies = request.cookies["fbs_#{SiteConfig[:facebook][:app_id]}"].to_s
  @fb_session = fb_cookies.gsub('"', '').split('&').inject({}) do |hash, k_v|
    k, v = k_v.split('=')
    hash[k.to_sym] = v

Here's the partial I use to add the fb js(haml)
window.fbAsyncInit = function() {
appId : #{SiteConfig[:facebook][:app_id]},
status : true,
cookie : true,
logging: true

  (function() {
    var e = document.createElement('script');
    e.src = document.location.protocol + '//';
    e.async = true;

And here's the js needed to perform the login(jQuery)
if(response.session) window.location = '/auth/facebook/callback';
}, {perms:'email,offline_access'});

I'll be on chat and irc if you wanna talk some more about it.


Oh and the SiteConfig stuff is just a little library I wrote to help me manage all the keys I have for various services. I think its intention is pretty clear and can be easily ripped out for a more omniauth-ish approach


Hmm...can you write this up in a patch basically so that the callback_phase of the Facebook strategy will detect and deserialize the cookies if they're present and otherwise do what it does now? I'm not willing to include any kind of Javascript injection in OmniAuth at this moment, but if adding cookie deserialization makes it easy to work with the JS SDK, I'd take it.


yeah, I'll try and get it written up this week


Any update on this? I'd like to get it in before 0.2.0 if I can.


I have some code in my fork, need to figure out how to write tests for it. I'm using it in a few apps right now and haven't had any problems. Take a look and let me know what you think. Not much to it.


I just pushed some code, can you take a look and see if this properly handles the JS login flow?


I just switched over from my branch to 0.2.0 and it worked seamlessly. Kudos! :D


I see that this has been implemented, but i couldnt find any documentation as to how to implement it. Any pointers would be much appreciated.
Also, what version of OmniAuth would i have to be using for this to work?


I've had a few people ask me this. I'm going to do a write on my blog and post some sample code. I'll put a link up when it's done (should be this weekend)




Hi, can you let me know where to find the documentation on this? Thanks!


Hi, Brian!

Do you have any update on this?


Hey Brian,

Whoa. Thanks for the quick reply!!! I didn't think you would write back so quickly. I understand your situation. Thanks for your contribution!!!


I'm trying to get this to work with devise, but I'm running into a runtime error. I'm assuming the session deserialization needs to happen in the omniauth callbacks controller?

Error below:

RuntimeError (#<OAuth2::Response:0x007fc32f8af8c8 @response=#<Faraday::Response:0x007fc32f8af940 @env={:method=>:post, :body=>"{\"error\":{\"message\":\"An unknown error has occurred.\",\"type\":\"OAuthException\"}}", :url=>#<Addressable::URI:0x3fe197c4f8c0 URI:>, :request_headers=>{"Content-Type"=>"application/x-www-form-urlencoded"}, :parallel_manager=>nil, :request=>{:proxy=>nil}, :ssl=>{}, :status=>500, :response_headers=>{"access-control-allow-origin"=>"*", "cache-control"=>"no-store", "content-type"=>"text/javascript; charset=UTF-8", "expires"=>"Sat, 01 Jan 2000 00:00:00 GMT", "pragma"=>"no-cache", "www-authenticate"=>"OAuth \"Facebook Platform\" \"unknown_error\" \"An unknown error has occurred.\"", "x-fb-rev"=>"462405", "x-fb-server"=>"", "connection"=>"close", "date"=>"Tue, 25 Oct 2011 18:34:49 GMT", "content-length"=>"78"}, :response=>#<Faraday::Response:0x007fc32f8af940 ...>}, @on_complete_callbacks=[]>, @options={:parse=>:query}, @parsed={"{\"error\":{\"message\":\"An unknown error has occurred.\",\"type\":\"OAuthException\"}}"=>nil}, @error=#<OAuth2::Error: OAuth2::Error>>):
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.