I am working on an application using facebook and oauth. The application is inside the facebook canvas, and authentication is done on the server side. The application is executed with Ruby on Rails 3.2, using Koala to work with api (and mongodb as a backend, for what it's worth) and placed on the hero.
So, I am providing the heroku url as redirect_url for the callback. Because of what, the user exits the canvas after authentication, and I want him to stay inside. I read several topics about this that suggested that I redirect the url of the canvas using js after authentication is complete. I did this, but now it seems that my session token has never been set, and the user goes through the auth stream every time he tries to see a non-public page (which means that he loops on the welcome page, having an “invisible” exchange with facebook every time).
I really don't understand what I'm doing wrong here, so any help is appreciated. If you need more information, just ask.
Thank you for your time!
source
share