Last active
February 24, 2022 18:08
-
-
Save a14m/a60714f968e1178f0717 to your computer and use it in GitHub Desktop.
Gist for manually OAuth2 facebook for Rails APIs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # lib/omniauth/facebook.rb | |
| require 'httparty' | |
| module Omniauth | |
| class Facebook | |
| include HTTParty | |
| # The base uri for facebook graph API | |
| base_uri 'https://graph.facebook.com/v2.3' | |
| # Used to authenticate app with facebook user | |
| # Usage | |
| # Omniauth::Facebook.authenticate('authorization_code') | |
| # Flow | |
| # Retrieve access_token from authorization_code | |
| # Retrieve User_Info hash from access_token | |
| def self.authenticate(code) | |
| provider = self.new | |
| access_token = provider.get_access_token(code) | |
| user_info = provider.get_user_profile(access_token) | |
| return user_info, access_token | |
| end | |
| # Used to revoke the application permissions and login if a user | |
| # revoked some of the mandatory permissions required by the application | |
| # like the email | |
| # Usage | |
| # Omniauth::Facebook.deauthorize('user_id') | |
| # Flow | |
| # Send DELETE /me/permissions?access_token=XXX | |
| def self.deauthorize(access_token) | |
| options = { query: { access_token: access_token } } | |
| response = self.delete('/me/permissions', options) | |
| # Something went wrong most propably beacuse of the connection. | |
| unless response.success? | |
| Rails.logger.error 'Omniauth::Facebook.deauthorize Failed' | |
| fail Omniauth::ResponseError, 'errors.auth.facebook.deauthorization' | |
| end | |
| response.parsed_response | |
| end | |
| def get_access_token(code) | |
| response = self.class.get('/oauth/access_token', query(code)) | |
| # Something went wrong either wrong configuration or connection | |
| unless response.success? | |
| Rails.logger.error 'Omniauth::Facebook.get_access_token Failed' | |
| fail Omniauth::ResponseError, 'errors.auth.facebook.access_token' | |
| end | |
| response.parsed_response['access_token'] | |
| end | |
| def get_user_profile(access_token) | |
| options = { query: { access_token: access_token } } | |
| response = self.class.get('/me', options) | |
| # Something went wrong most propably beacuse of the connection. | |
| unless response.success? | |
| Rails.logger.error 'Omniauth::Facebook.get_user_profile Failed' | |
| fail Omniauth::ResponseError, 'errors.auth.facebook.user_profile' | |
| end | |
| response.parsed_response | |
| end | |
| private | |
| # access_token required params | |
| # https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.3#confirm | |
| def query(code) | |
| { | |
| query: { | |
| code: code, | |
| redirect_uri: "http://localhost:9000/", | |
| client_id: ENV['FB_APP_ID'], | |
| client_secret: ENV['FB_APP_SECRET'] | |
| } | |
| } | |
| end | |
| end | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # lib/omniauth/permission_error.rb | |
| module Omniauth | |
| class PermissionError < StandardError | |
| end | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # lib/omniauth/response_error.rb | |
| module Omniauth | |
| class ResponseError < StandardError | |
| end | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://stackoverflow.com/questions/19989391/authenticate-user-using-omniauth-and-facebook-for-a-rails-api