search

jaredhanson / passport-facebook

Facebook authentication strategy for Passport and Node.js.
https://www.passportjs.org/packages/passport-facebook/?utm_source=github&utm_medium=referral&utm_campaign=passport-facebook&utm_content=about
MIT License
1.3k stars 446 forks source link

Enabling "require app secret/app secret proof" breaks passport-facebook strategy #223

Closed tetreault closed 7 years ago

tetreault commented 7 years ago

Using this: 

// fb 
    passport.use(new FacebookStrategy({
      clientID: config.facebook.app_id, 
      clientSecret: config.facebook.app_secret,
      callbackURL: config.facebook.callback_url.dev
    }, (token, refreshToken, profile, done) => {
      process.nextTick(() => {
        return done(null, profile);
      });
    }));

Can confirm the strategy works as expected w/o requiring app secret or app secret proof for api calls. When I enable that in the facebook app dashboard, however, the passport strategy throws a generic error. Facebook doc reference

Any insights on this?