why OmniAuth::Strategies::Facebook::NoAuthorizationCodeError is not handled in omniauth on_failure callback?

https://stackoverflow.com/questions/11120051

15-06-2021
|

Question

I am using Omniauth for Rails 3.2.3 application.

I have configured the on_failure callback as show below.

OmniAuth.config.on_failure = Proc.new do |env|
  UsersController.action(:omniauth_failure).call(env)
end

This handles the error "OmniAuth::Strategies::CallbackError" but not "OmniAuth::Strategies::Facebook::NoAuthorizationCodeError".

How to handle this error?.Surly I can not use rescue_from as the error happens in Rack level.

Any ideas?

Thank you

No correct solution

OTHER TIPS

Ensure that your Facebook Application is not running in "Sandbox Mode"

I've run into the same issue.

By my humble investigation it seems to be a bug in the strategy implemented in the omniauth-facebook gem (and, at a quick glance in several others). This is a nice write-up on exception handling in omniauth. It says that

... OmniAuth strategies [...], if they encounter a problem, call the method fail! and pass in a symbol describing the problem like :invalid_credentials and the exception they encountered. The fail! method ends up calling OmniAuth.config.on_failure and passing in the Rack environment (after doing a few other things like sticking the exception into the environment...

The same can be inferred from an example the original authors kindly provided. In the source it's not emphasized and I haven't found it in the wiki docs, either (but I may have overlooked).

Many strategies, including omniauth-facebook, currently raises the exception which we cannot catch at app level anymore.

@soundar: I wish that it worked this way, as advertised.

@fastcatch: As you pointed out, the strategies are not handling these failure cases correctly.

@Jon Day: I had to patch the Rack App for 'omniauth-facebook' (1.4.0) in order to get the reporting that I needed:

require 'newrelic_rpm'

module OmniAuth
  class Builder < ::Rack::Builder

    def call_with_error_handling(env)
      begin
        call_without_error_handling(env)
      rescue OmniAuth::Strategies::Facebook::NoAuthorizationCodeError => error
        # Do whatever you'd like when rescuing.. I wanted to report to NewRelic.
        NewRelic::Agent.notice_error(error, env)
        env
      end
    end

    alias_method_chain :call, :error_handling

  end
end

I'm not proud of this code, but it is one way to gain control over that exception ;).

Licensed under: CC-BY-SA with attribution

Not affiliated with StackOverflow