Facebook canvas app automatic login once authorized

Question

I'm using Rails 3.2 with the omniauth-facebook and koala gems to interact with facebook. Everything works smoothly as a standalone web page, but I have an issue with canvas.

When a user has already authorized the application and then visits or refreshes the canvas page (https://apps.facebook.com/my_app), they should be logged into my app automatically if they're logged into facebook. This is not happening, and they have to click the login button again.

I don't receive request.env['facebook.params'] or request.env['facebook.signed_request'] anywhere.

Where can I find the facebook.params or facebook.signed_request information, or how can I get info on which user is viewing the canvas app?

Answer 1

The solution was to include the JS SDK and then get the access_token with

@oauth = Koala::Facebook::OAuth.new(ENV["FACEBOOK_APP_ID"], ENV["FACEBOOK_APP_SECRET"], canvas_path)
@oauth.get_user_info_from_cookies(cookies)

As per https://github.com/arsduo/koala/blob/10595edae78d75f1e34b58cc7da16f0475f65a3e/readme.md

I included Facebook's javascript SDK in a coffeescript file:

# facebook.js.coffee.erb

jQuery ->
  $('body').prepend('<div id="fb-root"></div>')

  $.ajax
    url: "#{window.location.protocol}//connect.facebook.net/en_US/all.js"
    dataType: 'script'
    cache: true


window.fbAsyncInit = ->
  FB.init(appId: '<%= ENV["FACEBOOK_APP_ID"] %>', cookie: true)

  $('#fb-login').click (e) ->
    e.preventDefault()
    FB.login (response) ->
      window.location = '/auth/facebook/callback' if response.authResponse
    , scope: "email, publish_actions"

  $('#sign_out').click (e) ->
    FB.getLoginStatus (response) ->
      FB.logout() if response.authResponse
    true