'RuntimeError in DeviseTokenAuth::OmniauthCallbacksController#omniauth_success' with omniauth-facebook

[ohayou-ikechan]

rails 5.0.3

gem 'devise'
gem 'devise_token_auth', :git => 'git://github.com/lynndylanhurley/devise_token_auth.git'
gem 'omniauth'
gem 'omniauth-facebook'

When I did "facebook login" with JS SDK(Client side flow), did callback below in "FB.login"

$.getJSON('/api/v1/auth/facebook/callback', function(json) {
console.log(json);
});

then I got below

'RuntimeError in DeviseTokenAuth::OmniauthCallbacksController#omniauth_success'

raised 'No resource_class found'

/devise_token_auth/omniauth_callbacks_controller.rb:109:in `resource_class'

Parameters:

{"provider"=>"facebook"}

Toggle session dump

_csrf_token: "B5dLxdaxxxxxxxxxxxxxxxxxxxxUkwxsdbV5ffLKUE2/9zStM="
flash: {"discard"=>[], "flashes"=>{"notice"=>"Signed in successfully."}}
omniauth.params: {"resource_class"=>"User"}
omniauth.state: "8ce127b72794xxxxxxxxxxxxxxxxxxxxec38501ed5d11baf"
session_id: "ca70xxxxxxxxxxxxxxxxxxxx0707d053"
warden.user.user.key: [[1], "$2a$11$fTN9xxxxxxxxxxxxxxQile"]

Toggle env dump

GATEWAY_INTERFACE: "CGI/1.1"
HTTP_ACCEPT: "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8"
HTTP_ACCEPT_ENCODING: "gzip, deflate, sdch, br"
HTTP_ACCEPT_LANGUAGE: "ja,en-US;q=0.8,en;q=0.6"
HTTP_CACHE_CONTROL: "max-age=0"
HTTP_VERSION: "HTTP/1.1"
ORIGINAL_SCRIPT_NAME: ""
REMOTE_ADDR: "::1"
REMOTE_HOST: "::1"
SERVER_NAME: "localhost"
SERVER_PROTOCOL: "HTTP/1.1"

[spemmons]

i get the same error occasionally... so far, i can't find any clues about how/why requests fail... 1 time in thousands fails... very odd

[yortz]

the same thing happens to me with a custom omniauth strategy (oauth2) and https://github.com/zquestz/omniauth-google-oauth2 actually not able to understand what is going on and why it is failing, not currently able to successfully get back to my API that is using devise_token_auth since it always complains about No resource_class found could be this related to oauth2 only strategies at this point? Any support on this would be highly appreciated... also I want to specify that I got a constant failure on my side instead of what is happening to @spemmons

[zachfeldman]

@yortz are you overriding the controllers? If so you may be able to see why no resource class is being found?

[yortz]

@zachfeldman thx for your quick reply, actually that is not the problem, I was trying with or without the override, but it looks like each and every time I got back to my api domain/api/auth/google/callback?params omniauth_params is an empty hash??? it looks like the resource_class is present in the session since I am able to debug via interactive console and check what is there e.g.

session["omniauth.params"]
=> {"namespace_name"=>"api", "resource_class"=>"User"}

so this is breaking the get_resource_from_auth_hash method that is setting the params from the request

    def omniauth_params
      if !defined?(@_omniauth_params)
        if request.env['omniauth.params'] && request.env['omniauth.params'].any?
          @_omniauth_params = request.env['omniauth.params']
        elsif session['dta.omniauth.params'] && session['dta.omniauth.params'].any?
          @_omniauth_params ||= session.delete('dta.omniauth.params')
          @_omniauth_params
        elsif params['omniauth_window_type']
          @_omniauth_params = params.slice('omniauth_window_type', 'auth_origin_url', 'resource_class', 'origin')
        else
          @_omniauth_params = {}
        end
      end
      @_omniauth_params

    end

since those are no matter what always nil ????

>> request.env['omniauth.params']
=> nil

Really not sure why...

[yortz]

Quick update, hoping that this could save some other people time, for me with a custom oauth2 provider the workaround to fix this error was to define the redirect_uri for my provider as the default omniauth one e.g. redirect_uri: '#{ENV["REQUEST_DOMAIN"]}/omniauth/idplus/callback'