OmniAuth Strategies Facebook NoAuthorizationCodeError (must pass either a `code` parameter or a signed request (via `signed_request` parameter):

by

I recently encountered this error when also using the FB JS SDK with omniauth-facebook.
I fixed it by sending the signed_request parameter with the GET as shown below:

$(document).bind("fb.loaded", function() {
  FB.getLoginStatus(function(response) {

    console.log('FB STATUS: ' + response.status);
    if(response.status == "connected") {

      console.log("FB AUTHED");

      location.href="https://stackoverflow.com/auth/facebook/callback?" +
        $.param({ signed_request: response.authResponse.signedRequest })
      });

    }
  });
});

The scenario occurs when a user visits your site when already logged into FB but not your site. One often needs to sign the subsequent request to the omniauth callback:

Request URL:
http://localhost:3000/auth/facebook/callback?signed_request=QXZa2TPs8JiSgSAQkrS7Y7ObPZQDYLcU_JNvD6Wru_o.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImNvZGUiOiJBUURjQXdZUdVOMEFmd1RCbjRDQWp4eHpKcWRoRllOS1owLVZpa2pKTUQxSU1UbHJzbmEyMVNUUUtOLWl6b1dJOXJVRWUyWTBNd3ViZ1JxcmZJQmVMRDNOREI2M1EwREtqVzJCeVxTU2ZMR1foWlVwOEVlX0dMVUtwYUlqcWlaQ2FSc1h5c0NBNHdyZDBxbk4taU1haWp2cVFIX19QdUhxaldFcUtYZDc1LS1oZmptcTg4QVVuemVJdDJ4S2VOd3VPZG9vOGtaQkZlZmctZ2FDMk9CNl8wZ24iLCJpc3N1ZWRfYXQiOjEzNTg5NzQ4NzMsInVzZXJfaWQiOiIxMDYwMTg4NyJ9`

If using AJAX, you would need something like this:

      $.get(
        '/auth/facebook/callback',
        { signed_request: response.authResponse.signedRequest },
        function(json) {
          alert("received logged in response");
      });

More Related Contents:

  1. OmniAuth & Facebook: certificate verify failed [duplicate]
  2. Turn omniauth facebook login into a popup
  3. Omniauth: callback not firing, returns failure with “invalid credentials”
  4. How to get rid of OpenSSL::SSL::SSLError
  5. OpenSSL::SSL::SSLError on Heroku [duplicate]
  6. Setting Environment Variables in Rails 3 (Devise + Omniauth)
  7. Refresh token using Omniauth-oauth2 in Rails application
  8. How to avoid NoMethodError for missing elements in nested hashes, without repeated nil checks?
  9. Singular or plural controller and helper names in Rails
  10. Rails: confused about syntax for passing locals to partials
  11. TZInfo::DataSourceNotFound error starting Rails v4.1.0 server on Windows
  12. Add Custom Field/Column to Devise with Rails 4
  13. Ruby on Rails: Submitting an array in a form
  14. How can I test the page title with Capybara 2.0?
  15. What does “WARN Could not determine content-length of response body.” mean and how to I get rid of it?
  16. Difference between string and text in rails?
  17. Rails new vs create
  18. Parse a string as if it were a querystring in Ruby on Rails
  19. Cannot install JSON gem in rails using windows
  20. Encoding Ruby on Rails code?
  21. Rails detect if request was AJAX
  22. Rails: PG::UndefinedTable: ERROR: relation “…” does not exist
  23. How Do I Use Factory Girl To Generate A Paperclip Attachment?
  24. Rails 3.1 limit user created objects
  25. ERROR: Error installing rmagick: in Windows with Ruby 2.2
  26. has_and_belongs_to_many, avoiding dupes in the join table
  27. Ruby: Reading PDF files
  28. How to fix “Your Ruby version is 2.3.0, but your Gemfile specified 2.2.5” while server starting
  29. Ruby on Rails: how do I sort with two columns using ActiveRecord?
  30. Rails: Order with nulls last

Leave a Comment