Doesn't support login via the js sdk #120

BrianTheCoder opened this Issue Dec 8, 2010 · 18 comments


None yet
6 participants

BrianTheCoder commented Dec 8, 2010

So this is more of an issue I wanted to bring up. I can create a patch for it but wanted to get feedback first. If you use the js sdk(which is a better user experience IMHO) it tries to get the values the normal way when in should deserialize the session. I've created a work around for it, but wanted to discuss and figure out the best way to implement it in the gem.


mbleigh commented Dec 9, 2010

I assume we're talking Facebook here? I'm not too familiar with the Javascript SDK, can you walk me through the changes you'd need to make and we can go from there?


BrianTheCoder commented Dec 9, 2010

Yeah, sorry I though I put facebook in the issue title, my bad. Basically to get the user info after a redirect, you have to deserialize the session. Here's the code snippet I use

def facebook_session
  return @fb_session if @fb_session
  fb_cookies = request.cookies["fbs_#{SiteConfig[:facebook][:app_id]}"].to_s
  @fb_session = fb_cookies.gsub('"', '').split('&').inject({}) do |hash, k_v|
    k, v = k_v.split('=')
    hash[k.to_sym] = v

Here's the partial I use to add the fb js(haml)
window.fbAsyncInit = function() {
appId : #{SiteConfig[:facebook][:app_id]},
status : true,
cookie : true,
logging: true

  (function() {
    var e = document.createElement('script');
    e.src = document.location.protocol + '//';
    e.async = true;

And here's the js needed to perform the login(jQuery)
if(response.session) window.location = '/auth/facebook/callback';
}, {perms:'email,offline_access'});

I'll be on chat and irc if you wanna talk some more about it.


BrianTheCoder commented Dec 9, 2010

Oh and the SiteConfig stuff is just a little library I wrote to help me manage all the keys I have for various services. I think its intention is pretty clear and can be easily ripped out for a more omniauth-ish approach


mbleigh commented Jan 12, 2011

Hmm...can you write this up in a patch basically so that the callback_phase of the Facebook strategy will detect and deserialize the cookies if they're present and otherwise do what it does now? I'm not willing to include any kind of Javascript injection in OmniAuth at this moment, but if adding cookie deserialization makes it easy to work with the JS SDK, I'd take it.


BrianTheCoder commented Jan 12, 2011

yeah, I'll try and get it written up this week


mbleigh commented Mar 3, 2011

Any update on this? I'd like to get it in before 0.2.0 if I can.


BrianTheCoder commented Mar 4, 2011

I have some code in my fork, need to figure out how to write tests for it. I'm using it in a few apps right now and haven't had any problems. Take a look and let me know what you think. Not much to it.


mbleigh commented Mar 11, 2011

I just pushed some code, can you take a look and see if this properly handles the JS login flow?


BrianTheCoder commented Mar 15, 2011

I just switched over from my branch to 0.2.0 and it worked seamlessly. Kudos! :D

azizmb commented Jun 30, 2011

I see that this has been implemented, but i couldnt find any documentation as to how to implement it. Any pointers would be much appreciated.
Also, what version of OmniAuth would i have to be using for this to work?


BrianTheCoder commented Jul 7, 2011

I've had a few people ask me this. I'm going to do a write on my blog and post some sample code. I'll put a link up when it's done (should be this weekend)

azizmb commented Jul 8, 2011

Awesome! Thanks for the response and all the work!

On Fri, Jul 8, 2011 at 1:52 AM, BrianTheCoder <>wrote:

I've had a few people ask me this. I'm going to do a write on my blog and
post some sample code. I'll put a link up when it's done (should be this

Reply to this email directly or view it on GitHub:
intridea#120 (comment)

  • Aziz M. Bookwala



ghost commented Aug 28, 2011

Hi, can you let me know where to find the documentation on this? Thanks!

Hi, Brian!

Do you have any update on this?


BrianTheCoder commented Sep 6, 2011

sorry I've been working two full time jobs while transitioning and got the flu a few weeks ago. I've been trying to find time to write. I should be ending on of the jobs this week and then wrapping up a project for the new job this week to. Thinks should slow down and give me a little more time. Right now pretty much all I do is work and sleep

Brian Smith
Sent with Sparrow (

On Tuesday, September 6, 2011 at 4:12 PM, yangtheman wrote:

Hi, Brian!

Do you have any update on this?

Reply to this email directly or view it on GitHub:
intridea#120 (comment)

Hey Brian,

Whoa. Thanks for the quick reply!!! I didn't think you would write back so quickly. I understand your situation. Thanks for your contribution!!!

I'm trying to get this to work with devise, but I'm running into a runtime error. I'm assuming the session deserialization needs to happen in the omniauth callbacks controller?

Error below:

RuntimeError (#<OAuth2::Response:0x007fc32f8af8c8 @response=#<Faraday::Response:0x007fc32f8af940 @env={:method=>:post, :body=>"{\"error\":{\"message\":\"An unknown error has occurred.\",\"type\":\"OAuthException\"}}", :url=>#<Addressable::URI:0x3fe197c4f8c0 URI:>, :request_headers=>{"Content-Type"=>"application/x-www-form-urlencoded"}, :parallel_manager=>nil, :request=>{:proxy=>nil}, :ssl=>{}, :status=>500, :response_headers=>{"access-control-allow-origin"=>"*", "cache-control"=>"no-store", "content-type"=>"text/javascript; charset=UTF-8", "expires"=>"Sat, 01 Jan 2000 00:00:00 GMT", "pragma"=>"no-cache", "www-authenticate"=>"OAuth \"Facebook Platform\" \"unknown_error\" \"An unknown error has occurred.\"", "x-fb-rev"=>"462405", "x-fb-server"=>"", "connection"=>"close", "date"=>"Tue, 25 Oct 2011 18:34:49 GMT", "content-length"=>"78"}, :response=>#<Faraday::Response:0x007fc32f8af940 ...>}, @on_complete_callbacks=[]>, @options={:parse=>:query}, @parsed={"{\"error\":{\"message\":\"An unknown error has occurred.\",\"type\":\"OAuthException\"}}"=>nil}, @error=#<OAuth2::Error: OAuth2::Error>>):

This issue was closed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment