Omniauth-Facebook:重新询问拒绝的权限

时间:2015-01-09 18:30:22

标签: facebook-graph-api omniauth omniauth-facebook

在Facebook登录视图中,用户可以拒绝权限。也许被拒绝的权限会影响应用程序功能(您可以使用此应用程序执行更少的操作,因为某些数据无法访问)

我想警告用户并再次重新询问权限。但我不知道Omniauth-Facebook的方式是什么。在Facebook documentation中显示了实现此目的的方法是在请求登录名中添加一个参数:auth_type=rerequest 

https://www.facebook.com/dialog/oauth?
    client_id={app-id}&
    redirect_uri={redirect-uri}&
    auth_type=rerequest&
    scope=email

我还没有看到直接用Omniauth这样做的方法我试图从' auth / facebook / callback'中调用这个网址。在我自己检查权限后,但当用户重新接受新登录中的权限时,我收到以下错误:

 ERROR -- omniauth: (facebook) Authentication failure! invalid_credentials: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected
OmniAuth::Strategies::OAuth2::CallbackError: csrf_detected | CSRF detected
    /home/ciro/.rvm/gems/ruby-2.1.3/gems/omniauth-1.2.2/lib/omniauth/failure_endpoint.rb:25:in `raise_out!'
    /home/ciro/.rvm/gems/ruby-2.1.3/gems/omniauth-1.2.2/lib/omniauth/failure_endpoint.rb:20:in `call'
    /home/ciro/.rvm/gems/ruby-2.1.3/gems/omniauth-1.2.2/lib/omniauth/failure_endpoint.rb:12:in `call'
    /home/ciro/.rvm/gems/ruby-2.1.3/gems/omniauth-1.2.2/lib/omniauth/strategy.rb:475:in `fail!'
    /home/ciro/.rvm/gems/ruby-2.1.3/gems/omniauth-oauth2-1.2.0/lib/omniauth/strategies/oauth2.rb:73:in `callback_phase'
    /home/ciro/.rvm/gems/ruby-2.1.3/gems/omniauth-facebook-1.6.0/lib/omniauth/strategies/facebook.rb:71:in `callback_phase'
    /home/ciro/.rvm/gems/ruby-2.1.3/gems/omniauth-1.2.2/lib/omniauth/strategy.rb:227:in `callback_call'
    /home/ciro/.rvm/gems/ruby-2.1.3/gems/omniauth-1.2.2/lib/omniauth/strategy.rb:184:in `call!'
    /home/ciro/.rvm/gems/ruby-2.1.3/gems/omniauth-1.2.2/lib/omniauth/strategy.rb:164:in `call'
    /home/ciro/.rvm/gems/ruby-2.1.3/gems/omniauth-1.2.2/lib/omniauth/builder.rb:59:in `call'

这是我的' auth / facebook / callback' 

on get do
  on 'auth/facebook/callback' do
    on param(:code) do |code| 
      email = req.env['omniauth.auth']['info']['email'] 

      if email.nil? or email.empty?
        res.redirect "https://www.facebook.com/dialog/oauth?client_id=#{ENV['APP_ID']}&redirect_uri=http://localhost:9292/auth/facebook/callback&auth_type=rerequest&scope=email"
      end
    end
  end
end

1 个答案:

答案 0 :(得分:1)

解决方案是传递OmniAuth请求中的参数:

if email.nil? or email.empty?
    res.redirect "/auth/facebook?scope=email"
end
相关问题
最新问题