Omniauth Facebook Expired Token Error

OmniAuth Facebook expired token error

You can simply update the token when you create the session.

class SessionsController < ApplicationController  
def create  
  auth = request.env["omniauth.auth"]  
  user = User.find_by_provider_and_uid(auth["provider"], auth["uid"]).tap do |u|
           u.update_attributes(:token => auth["credentials"]["token"]) if u
         end || User.create_with_omniauth(auth)
  session[:user_id] = user.id  
  redirect_to root_url, :notice => "Signed in!"  
end

Facebook token expiration and renewal, with Koala and omniauth-facebook

What I have is a before_filter that is triggered on every page that requires an active Facebook session. Something like this should work:

  before_filter :reconnect_with_facebook
  def reconnect_with_facebook
    if current_account && current_account.token_expired?(session[:fb]["expires"])

    # re-request a token from facebook. Assume that we got a new token so
    # update it anyhow...
    session[:return_to] = request.env["REQUEST_URI"] unless request.env["REQUEST_URI"] == facebook_request_path
    redirect_to(with_canvas(facebook_request_path)) and return false
  end
end

The token_expired? method looks like this:

def token_expired?(new_time = nil)
  expiry = (new_time.nil? ? token_expires_at : Time.at(new_time))
  return true if expiry < Time.now ## expired token, so we should quickly return
  token_expires_at = expiry
  save if changed?
  false # token not expired. :D
end

Rails - Facebook with Omniauth and Koala: How to renew an expired token

The simple case is that you re-auth the user with FB, exactly as you authorized them in the first place. To get the token in the first place, i'm assuming you're using omniauth (and onmiauth-facebook) to authenticate against FB. That means you've got a route and a controller action to handle the auth callback, and a function that inserts the token into the db.

The access token you originally got with omniauth can become invalid for various reasons - expiry, or because the user changed their FB password, and possibly others. In those cases, another OAuth call will return a valid token. Just call again (as you did when you first authorized the user) and replace the invalid token with the new one, in your DB, and you're good.

This gist (my own answer to a related question i asked here) has some code covering that, but it sounds like you've already got this covered. Save enough state to then re-attempt whatever triggered the exception and you're good.

It's also possible that the token is now invalid because the user has changed their FB app settings to de-authorize your app. In that case, the user will see the FB permissions dialog as if they were a new user authenticating against FB for the first time. (FB)

Does that make sense?

Omniauth with facebook tokken

For now you'll be fine, but after July 5 you'll have to deal with expiring tokens. This probably means dealing with the expired token error FB sends back, and interrupting the user experience on your site to get their re-approval for a new token.

Rails, Koala: facebook access token expires very soon, how to make it longer

Get your app_id, your secret and your current access token, you can see the current access token going to https://developers.facebook.com/tools/access_token

and copy the current access token of the app you want to extend it

then compose this url

https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&client_id=APP_ID&client_secret=APP_SECRET&fb_exchange_token=CURRENT_ACCESS_TOKEN

now replace the capitalized words with your values, then copy and paste the url in the browser, and whoala! you have an access token that will be available during 2 months

by the way, you will get something like this
access_token=ACCESS_TOKEN&expires=5182578

only copy the ACCESS_TOKEN in your application, do not copy the '&expires' part.

For check that everything is ok go to the Debugger and paste your access token, it should show you that will expire in 2 months, if you still see 60 minutes check the steps again.

For some weird reason (we still do not know why), our access token remains active after the 2 months, it seems that if your app is active it gets renewed automatically.

Access token from devise+omniauth-facebook authentication for using in fb-graph

You can do this:

User.create!(:email => data.email, :password => Devise.friendly_token[0,20], :authentication_token => access_token.credentials.token)

You will also need to add :authentication_token or whatever you named it to the attr_accessible


Related Topics

A Selenium Webdriver Exception

How to Write a Rails Mixin That Spans Across Model, Controller, and View

Regex to Match Hashtags in a Sentence Using Ruby

Running Parallel Selenium Tests with Capybara

Refactoring Activerecord Models with a Base Class Versus a Base Module

Built in Way to List Directories in a Directory in Ruby

Simple Regex -- Replace Underscore with a Space

Activerecord Association Select Counts for Included Records

Vagrant Install Plugin from Github

How to Sort a Ruby Array of Strings by Length

Ruby: Divisible by 4

Rails: Path of File

Ruby Gems in Stand-Alone Ruby Scripts

Can't Add Sources with Gem

How to Find Best Matching Element in Array of Numbers

Ruby on Rails 4 - What Authentication Gem to Use

How to Dynamically Call Accessor Methods in Ruby

Custom Rails Configuration Section


Leave a reply



Submit