Codebase list ruby-omniauth-facebook / abd3f72
update docs and example app for client-side flow Mark Dodwell 12 years ago
2 changed file(s) with 73 addition(s) and 2 deletion(s). Raw diff Collapse all Expand all
+9
-1
README.md less more
11
22 This gem contains the Facebook strategy for OmniAuth 1.0.
33
4 Supports the OAuth 2.0 server-side flow. Read the Facebook docs for more details: http://developers.facebook.com/docs/authentication
4 Supports the OAuth 2.0 server-side and client-side flows. Read the Facebook docs for more details: http://developers.facebook.com/docs/authentication
55
66 ## Installing
77
2424 provider :facebook, ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET']
2525 end
2626 ```
27
28 See a full example of both server and client-side flows in the example Sinatra app in the `example/` folder above.
2729
2830 ## Configuring
2931
8789
8890 The precise information available may depend on the permissions which you request.
8991
92 ## Client-side Flow
93
94 The client-side flow supports parsing the authorization code from the signed request which Facebook puts into a cookie. This means you can to use the Facebook Javascript SDK as you would normally, and you just hit the callback endpoint (`/auth/facebook/callback` by default) once the user has authenticated in the `FB.login` success callback.
95
96 See the example Sinatra app under `example/` for more details.
97
9098 ## Supported Rubies
9199
92100 Actively tested with the following Ruby versions:
+64
-1
example/config.ru less more
11 require 'sinatra/base'
22 require 'omniauth-facebook'
33
4 SCOPE = 'email,read_stream'
5
46 class App < Sinatra::Base
7 # server-side flow
58 get '/' do
9 # NOTE: you would just hit this endpoint directly from the browser
10 # in a real app. the redirect is just here to setup the root
11 # path in this example sinatra app.
612 redirect '/auth/facebook'
13 end
14
15 # client-side flow
16 get '/client-side' do
17 content_type 'text/html'
18 # NOTE: when you enable cookie below in the FB.init call
19 # the GET request in the FB.login callback will send
20 # a signed request in a cookie back the OmniAuth callback
21 # which will parse out the authorization code and obtain
22 # the access_token. This will be the exact same access_token
23 # returned to the client in response.authResponse.accessToken.
24 <<-END
25 <html>
26 <head>
27 <title>Client-side Flow Example</title>
28 <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.0/jquery.min.js" type="text/javascript"></script>
29 </head>
30 <body>
31 <div id="fb-root"></div>
32
33 <script type="text/javascript">
34 window.fbAsyncInit = function() {
35 FB.init({
36 appId : '#{ENV['APP_ID']}',
37 status : true, // check login status
38 cookie : true, // enable cookies to allow the server to access the session
39 oauth : true, // enable OAuth 2.0
40 xfbml : true // parse XFBML
41 });
42 };
43
44 (function(d) {
45 var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
46 js = d.createElement('script'); js.id = id; js.async = true;
47 js.src = "//connect.facebook.net/en_US/all.js";
48 d.getElementsByTagName('head')[0].appendChild(js);
49 }(document));
50
51 $(function() {
52 $('a').click(function(e) {
53 e.preventDefault();
54
55 FB.login(function(response) {
56 if (response.authResponse) {
57 $.get('/auth/facebook/callback');
58 }
59 }, { scope: '#{SCOPE}' });
60 });
61 });
62 </script>
63
64 <p>
65 <a href="#">Connect to FB</a>
66 </p>
67 </body>
68 </html>
69 END
770 end
871
972 get '/auth/:provider/callback' do
2083 use Rack::Session::Cookie
2184
2285 use OmniAuth::Builder do
23 provider :facebook, ENV['APP_ID'], ENV['APP_SECRET'], :scope => 'email,read_stream', :display => 'popup'
86 provider :facebook, ENV['APP_ID'], ENV['APP_SECRET'], :scope => SCOPE
2487 end
2588
2689 run App.new