class OmniAuth::Strategies::Facebook

Constants

DEFAULT_SCOPE

OAuth client settings

Public Instance Methods

access_token_options() click to toggle source
# File lib/j1_app/omniauth/strategies/facebook.rb, line 116
# Returns the configured access-token options as a new Hash whose keys have
# all been converted to Symbols; values are passed through untouched.
def access_token_options
  options.access_token_options.each_with_object({}) do |(key, value), symbolized|
    symbolized[key.to_sym] = value
  end
end
authorize_params() click to toggle source

You can pass display, scope, or auth_type params to the auth request, if you need to set them dynamically. You can also set these options in the OmniAuth config :authorize_params option.

For example: /auth/facebook?display=popup

Calls superclass method
# File lib/j1_app/omniauth/strategies/facebook.rb, line 124
# Builds the parameters for the authorize request on top of the superclass
# result. display, scope and auth_type are copied from the incoming request's
# parameters whenever they are present, overriding whatever the superclass
# supplied; scope falls back to DEFAULT_SCOPE when nothing set it.
#
# NOTE(review): these three values come straight from the request, so the
# party that builds the /auth/facebook URL decides them. The scope that is
# requested can therefore differ from the configured one; code that depends on
# a particular scope should check what was granted rather than assume it.
def authorize_params
  super.tap do |params|
    %w[display scope auth_type].each do |name|
      requested = request.params[name]
      params[name.to_sym] = requested if requested
    end

    params[:scope] ||= DEFAULT_SCOPE
  end
end
callback_phase() click to toggle source
Calls superclass method
# File lib/j1_app/omniauth/strategies/facebook.rb, line 94
# Runs the superclass callback phase inside with_authorization_code!, which
# makes sure an authorization code is present first. A missing code and an
# unknown signed-request signature algorithm are both turned into a fail!
# call with a dedicated error key instead of propagating as exceptions.
def callback_phase
  with_authorization_code! { super }
rescue NoAuthorizationCodeError => error
  fail!(:no_authorization_code, error)
rescue OmniAuth::Facebook::SignedRequest::UnknownSignatureAlgorithmError => error
  fail!(:unknown_signature_algorithm, error)
end
callback_url() click to toggle source

NOTE: If we're using the code from the signed request, FB sets the redirect_uri to '' during the authorize phase, and it must match during the access_token phase:
https://github.com/facebook/facebook-php-sdk/blob/master/src/base_facebook.php#L477
# File lib/j1_app/omniauth/strategies/facebook.rb, line 107
# Returns the redirect URI to present to the provider.
#
# While the authorization code in use was taken from the signed-request
# cookie, the empty string is returned. Otherwise an explicitly configured
# options[:callback_url] wins, and only when none is set is the URL assembled
# from full_host, script_name and callback_path.
def callback_url
  return '' if @authorization_code_from_signed_request_in_cookie

  # Fixes regression in omniauth-oauth2 v1.4.0 by https://github.com/intridea/omniauth-oauth2/commit/85fdbe117c2a4400d001a6368cc359d88f40abc7
  configured = options[:callback_url]
  configured || (full_host + script_name + callback_path)
end
info_options() click to toggle source
# File lib/j1_app/omniauth/strategies/facebook.rb, line 86
# Builds the request options for the profile lookup: a Hash with a single
# :params key. The params always carry appsecret_proof and fields (the
# configured options[:info_fields], or 'name,email' when unset); locale is
# added only when options[:locale] is set.
def info_options
  query = {
    appsecret_proof: appsecret_proof,
    fields: options[:info_fields] || 'name,email'
  }
  locale = options[:locale]
  query[:locale] = locale if locale

  { params: query }
end
raw_info() click to toggle source
# File lib/j1_app/omniauth/strategies/facebook.rb, line 82
# Fetches 'me' through the access token using info_options and returns the
# parsed response, or an empty Hash when the response parses to nothing.
# The result is memoized in @raw_info, so the request is made at most once
# per instance as long as the stored value is truthy.
def raw_info
  return @raw_info if @raw_info

  @raw_info = access_token.get('me', info_options).parsed || {}
end

Protected Instance Methods

build_access_token() click to toggle source
Calls superclass method
# File lib/j1_app/omniauth/strategies/facebook.rb, line 138
# Obtains the access token from the superclass, merges the symbol-keyed
# access_token_options into the token's own options in place, and returns
# the token.
def build_access_token
  token = super
  token.options.merge!(access_token_options)
  token
end

Private Instance Methods

appsecret_proof() click to toggle source
# File lib/j1_app/omniauth/strategies/facebook.rb, line 195
# Hex-encoded HMAC-SHA256 of the access token string, keyed with the client
# secret. Computed once and memoized in @appsecret_proof.
#
# The value is derived from client.secret and a live access token, so it
# should be handled like a credential (kept out of logs and error reports).
def appsecret_proof
  return @appsecret_proof if @appsecret_proof

  digest = OpenSSL::Digest::SHA256.new
  @appsecret_proof = OpenSSL::HMAC.hexdigest(digest, client.secret, access_token.token)
end
image_url(uid, options) click to toggle source
# File lib/j1_app/omniauth/strategies/facebook.rb, line 180
# Builds the profile-picture URL for +uid+ as a String.
#
# Only the host and path of client.site are reused; the path gets
# "/<uid>/picture" appended. options[:image_size] controls the query string:
# a String or Symbol becomes type=<value>, a Hash is used as the query
# parameters as given, anything else adds no query.
#
# NOTE(review): the URL uses the https scheme only when
# options[:secure_image_url] is truthy and is plain http otherwise. Confirm
# the flag is set wherever the image is embedded in an HTTPS page.
def image_url(uid, options)
  scheme_class = options[:secure_image_url] ? URI::HTTPS : URI::HTTP
  base = URI.parse(client.site)
  picture = scheme_class.build({host: base.host, path: "#{base.path}/#{uid}/picture"})

  size = options[:image_size]
  query = case size
          when String, Symbol then { type: size }
          when Hash then size
          end
  picture.query = Rack::Utils.build_query(query) if query

  picture.to_s
end
prune!(hash) click to toggle source
# File lib/j1_app/omniauth/strategies/facebook.rb, line 199
# Removes, in place, every entry whose value is nil or is empty according to
# its own empty? method. Nested Hashes are pruned first, so a Hash left empty
# by pruning is removed as well. Only Hash values are descended into; Hashes
# inside Arrays are left alone. Returns the same (mutated) hash.
def prune!(hash)
  hash.delete_if do |_key, value|
    prune!(value) if value.is_a?(Hash)
    next true if value.nil?

    value.respond_to?(:empty?) && value.empty?
  end
end
skip_extra?() click to toggle source
# File lib/j1_app/omniauth/strategies/facebook.rb, line 206
# True when options[:skip_extra] is set to a truthy value, false otherwise.
# Always returns a real boolean.
def skip_extra?
  options[:skip_extra] ? true : false
end
with_authorization_code!() { || ... } click to toggle source

Picks the authorization code in order, from:

  1. The request 'code' param (manual callback from standard server-side flow)

  2. A signed request from cookie (passed from the client during the client-side flow)

# File lib/j1_app/omniauth/strategies/facebook.rb, line 158
# Yields once an authorization code is available, and returns the block's
# value. The code is looked for in this order:
#
#   1. request.params['code'] - the block runs with nothing changed.
#   2. The 'code' entry of the signed request read from the cookie - the code
#      is placed in request.params for the duration of the block and removed
#      again afterwards, even if the block raises.
#
# Raises NoAuthorizationCodeError when neither source provides a code.
def with_authorization_code!
  return yield if request.params.key?('code')

  code_from_signed_request = signed_request_from_cookie && signed_request_from_cookie['code']
  unless code_from_signed_request
    raise NoAuthorizationCodeError, 'must pass either a `code` (via URL or by an `fbsr_XXX` signed request cookie)'
  end

  request.params['code'] = code_from_signed_request
  @authorization_code_from_signed_request_in_cookie = true
  # NOTE The code in the signed fbsr_XXX cookie is set by the FB JS SDK. The
  #      state check is switched off for this path; per the original note the
  #      signed request is what ties the code to the user loading the app.
  # NOTE(review): that only holds if signed_request_from_cookie verifies the
  #      signature before returning the payload - not visible here, confirm.
  # NOTE(review): options is mutated in place until the ensure below runs. If
  #      the options object is shared between concurrent requests, another
  #      request could see provider_ignores_state == true meanwhile - verify.
  saved_ignores_state = options.provider_ignores_state
  options.provider_ignores_state = true
  begin
    yield
  ensure
    request.params.delete('code')
    @authorization_code_from_signed_request_in_cookie = false
    options.provider_ignores_state = saved_ignores_state
  end
end