Login/Register
Ruby on Rails Omniauth facebook doesn't return email
Asked Answered
Solved ruby-on-railsfacebookdeviseomniauth-facebook
A

5

7

I have been trying for days to setup my Omniauth for facebook I don't know what am I doing wrong.

I am not able to get the email of the user. The returned hash only contains the "name" and the "uid" not even "first_name" and "last_name"

devise.rb:

  config.omniauth :facebook, "KEY", "SECRET"

omniauth_callbacks_controller.rb:

class OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def facebook
    logger.info request.env["omniauth.auth"]
    @user = User.from_omniauth(request.env["omniauth.auth"])
    sign_in_and_redirect @user
  end
end

user.rb:

class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :database_authenticatable, :registerable,
       :recoverable, :rememberable, :trackable, :validatable,
       :omniauthable, :omniauth_providers => [:facebook]

has_many :authentications

def self.from_omniauth(auth)
  logger.info auth
  user = where(email: auth.info.email).first
  if(user != nil)
    user.authentications.where(provider: auth.provider, uid: auth.uid).first_or_create do |l|
      user.authentications.create!(user_id: user.id,
                                  provider: auth.provider,
                                  uid: auth.uid)
    end
  else
    user = User.create!(email: auth.info.email,
                       password: Devise.friendly_token[0,20],
                       first_name: auth.info.first_name,
                       last_name: auth.info.last_name)
    user.authentications.create!(user_id: user.id,
                                provider: auth.provider,
                                uid: auth.uid)
  end
  user
end
end

registrations_controller.rb:

class RegistrationsController < Devise::RegistrationsController

  private

  def sign_up_params
    params.require(:user).permit(:first_name, :last_name, :email, :password, :password_confirmation)
  end

  def account_update_params
    params.require(:user).permit(:first_name, :last_name, :email, :password, :password_confirmation, :current_password)
  end
end

routes.rb:

  devise_for :users, :controllers => { registrations: 'registrations', omniauth_callbacks: 'omniauth_callbacks' }

Returned hash:

#<OmniAuth::AuthHash credentials=#<OmniAuth::AuthHash expires=true expires_at=1444504014 token="TOKEN">
extra=#<OmniAuth::AuthHash raw_info=#<OmniAuth::AuthHash id="1506781179612589" name="Ayman Salah">> info=#
<OmniAuth::AuthHash::InfoHash image="http://graph.facebook.com/1506781179612589/picture" name="Ayman Salah"> provider="facebook" uid="1506781179612589">
Ambrogio answered 12/8, 2015 at 1:19 Comment(0)
A
7

I only got to retrieve the email by adding this in devise.rb:

  config.omniauth :facebook, "KEY", "SECRET", scope: 'email', info_fields: 'email, name'
Ambrogio answered 12/8, 2015 at 20:12 Comment(1)
Facebook now allows users to not share their email address when using oauth login. This will create an exception because Devise requires email address in the user model.Boren
S
10

Make sure you don't put spaces in the info-field request (another answer probably typo'ed this).

You need to specifically ask for email to be returned from the info field hash as it isn't by default.

If you're using Omniauth-Facebook without Devise, set this up in your config/initializers/omniauth.rb file like so: 

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :facebook, Rails.application.secrets.omniauth_provider_key, Rails.application.secrets.omniauth_provider_secret,
  :scope => 'email', :display => 'popup', :info_fields => 'name,email'
end

This info is kind of hidden at the very end of the Configuring section on the omniauth-facebook gem's GitHub readme.

With Devise plus Omniauth, however, you set it in config/initializers/devise.rb like so (no spaces in the string!):

config.omniauth :facebook, 'app_id', 'app_secret',  scope: 'email', info_fields: 'name,email'
Strohbehn answered 21/9, 2015 at 23:43 Comment(2)
Thanks a lot for your answer. But I want to let you know that I have it with spaces as in my answer and it is working fine.Ambrogio
That's great to know!Strohbehn
A
7

I only got to retrieve the email by adding this in devise.rb:

  config.omniauth :facebook, "KEY", "SECRET", scope: 'email', info_fields: 'email, name'
Ambrogio answered 12/8, 2015 at 20:12 Comment(1)
Facebook now allows users to not share their email address when using oauth login. This will create an exception because Devise requires email address in the user model.Boren
E
5

I had the same problem. I made it work updating omniauth and omniauth-facebook gems.

Envenom answered 6/10, 2015 at 13:44 Comment(0)
P
2

You need to request the permissions. For example, to request email, user_birthday and read_stream permissions and display the authentication page in a popup window:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :facebook, ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET'],
       :scope => 'email,user_birthday,read_stream', :display => 'popup'
end

Please check this Omniauth-facebook if you have any doubts.

Pocahontas answered 12/8, 2015 at 5:0 Comment(5)
Where should that be? I have tried adding , :scope { "email" } in devise.rb but it had absolutely no effect.Ambrogio
I have just checked the link. I don't know if I have that file. I will check it out as soon as I reach my pc and I'll let you know if I had any success. Thanks.Ambrogio
I am getting this error now "Could not authenticate you from Facebook because "Csrf detected"." after adding the initializers/omniauth.rb with the scope of email onlyAmbrogio
Okay I removed the omniauth part from devise.rb and now It's the same result my hash looks the same and doesn't have the emailAmbrogio
Please read through this blog. Please do as it says, it should solve your problem.Pocahontas
D
1

I had the same problem but it turns out it was a different issue, if you use a client side flow make sure to request the scopes you need on your client:

FB.login(function(response) {
  // hit API callback endpoint
}, {scope: 'email'});
Deplorable answered 9/5, 2017 at 21:19 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.