Deprecated offline_access on facebook with RoR

北恋 2021-02-10 04:18

We have a problem in our RoR app. We are using Facebook authentication with OmniAuth, and searching the user's friends with Koala. But lately, when we try to show a friend photo

2 answers
  • 2021-02-10 05:14

    There are 2 solutions to this problem:

    • Extend the user's access token:
      • As per this article on the Facebook docs, you may request a 60-day extension on a user's access token. However, if the user does not return within that period, this method won't help you.
      • You can find a PHP code snippet to do this at this StackOverflow question.
        1. To do this, send a post to this API endpoint: https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=fb_exchange_token&fb_exchange_token=EXISTING_ACCESS_TOKEN

    • Catch the OAuthException and request a new access token:
      • Facebook provides a PHP code snippet outlining this solution on their dev blog.
      • Basically, you follow these steps:
        1. Make a call to the graph with the user's current access_token.
        2. If the call succeeds, the access_token is fine. If it throws an OAuthException, redirect the user to https://www.facebook.com/dialog/oauth?client_id=APP_ID&redirect_uri=CALLBACK_URL
        3. The user will be sent to that URL and then redirected to your CALLBACK_URL with a code in the parameters.
        4. Send a post to the following URL with the code to obtain a new access_token: https://graph.facebook.com/oauth/access_token?client_id=APP_ID&redirect_uri=CALLBACK_URL&client_secret=APP_SECRET&code=CODE&display=popup

    Read the post on their dev blog for more information.

    Edit (adding example Ruby on Rails code):

    Add the following to the top of your ApplicationController:

    rescue_from Koala::Facebook::APIError, :with => :handle_fb_exception
    

    Add the following protected method to your ApplicationController:

    def handle_fb_exception(exception)
      if exception.fb_error_type.eql? 'OAuthException'
        logger.debug "[OAuthException] Either the user's access token has expired, they've logged out of Facebook, deauthorized the app, or changed their password"
        # Relies on Koala being configured with the app id, secret and callback URL
        oauth = Koala::Facebook::OAuth.new
    
        # If there is a code in the url, attempt to request a new access token with it
        if params.has_key? 'code'
          code = params['code']
          # The code and the token are credentials: log that they exist, not their values
          logger.debug "A code is present in the url"
          logger.debug "Attempting to fetch a new access token..."
          token_hash = oauth.get_access_token_info code
          logger.debug "Obtained a hash for the new access token with these keys: #{token_hash.keys.inspect}"
          # Store the new token from token_hash for the current user here (app-specific),
          # otherwise the next Graph call raises the same OAuthException
          redirect_to root_path
        else # Since there is no code in the url, redirect the user to the Facebook auth page for the app
          oauth_url = oauth.url_for_oauth_code :permissions => 'email'
          logger.debug "No code was present; redirecting to the following url to obtain one: #{oauth_url}"
          redirect_to oauth_url
        end
      else
        logger.debug "Since the error type is not an 'OAuthException', this is likely a bug in the Koala gem; reraising the exception..."
        raise exception
      end
    end
    

    The Koala calls were all taken from the following 2 tutorials:

    • https://github.com/arsduo/koala/wiki/OAuth
    • https://github.com/arsduo/koala/wiki/Koala-on-Rails
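Added example (not part of the answer above and not Koala's own code): Ruby code for steps 2 to 4 of the re-authorization flow, extended with the standard OAuth 2.0 `state` check, which the answer does not mention, and a helper that redacts credentials before a URL is logged. `APP_ID`, `CALLBACK_URL`, the plain-Hash `session` and all method names are assumptions made for illustration.

```ruby
require 'securerandom'
require 'uri'

# Placeholders in the same style as the answer's URLs (assumptions, not real values).
APP_ID       = 'APP_ID'
CALLBACK_URL = 'https://app.example/auth/facebook/callback'
SENSITIVE    = %w[client_secret code access_token fb_exchange_token].freeze

# Step 2: URL to redirect to after an OAuthException. A random `state` is
# kept in the server-side session so the callback can be tied to this browser.
def reauth_url(session)
  session[:fb_oauth_state] = SecureRandom.hex(16)
  query = URI.encode_www_form(client_id: APP_ID, redirect_uri: CALLBACK_URL,
                              state: session[:fb_oauth_state])
  "https://www.facebook.com/dialog/oauth?#{query}"
end

# Comparison whose running time does not depend on where the strings differ.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Step 3: return the `code` only when the callback carries the state we issued.
# The stored state is deleted first, so each value is accepted once.
def verified_code(session, params)
  expected = session.delete(:fb_oauth_state)
  return nil if expected.nil? || !secure_equal?(params['state'].to_s, expected)
  code = params['code'].to_s
  code.empty? ? nil : code
end

# Step 4: token request URL with the core parameters from the answer. It
# contains APP_SECRET, so it is built and sent server-side only.
def token_exchange_url(code, app_secret)
  query = URI.encode_www_form(client_id: APP_ID, redirect_uri: CALLBACK_URL,
                              client_secret: app_secret, code: code)
  "https://graph.facebook.com/oauth/access_token?#{query}"
end

# Copy of a URL that is safe to pass to logger.debug.
def loggable(url)
  uri = URI.parse(url)
  pairs = URI.decode_www_form(uri.query.to_s)
  uri.query = URI.encode_www_form(pairs.map { |k, v| [k, SENSITIVE.include?(k) ? 'REDACTED' : v] })
  uri.to_s
end
```

In a Rails controller the `session` and `params` objects take the place of the plain hashes used here.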
  • 2021-02-10 05:21

    For those of you who don't have time to make this change, I found that you can disable this migration in Settings -> Advanced. The name of the option is "Remove offline_access permission:"
