I'm building a Rails API and have successfully built a way for a user to authenticate using Omniauth Identity.
We simply post to auth/identity/callback from the client, passing in an auth_key and password.
The server then returns a doorkeeper token that the users then uses from then on to access the app and identify themselves.
This diagram illustrates this:
We'd now like to implement a Facebook login from the client, but are having trouble making it work, both theoretically and practically.
On a simple Rails App with Omniauth Identity, you'd simply call auth/facebook, but if we put a link from this in the client, it calls the server and the server then logs:
INFO -- omniauth: (facebook) Request phase initiated.
The app is set up correctly in Facebook with an ID and Secret, so perhaps the log-in prompt is getting returned to the server?
I'm getting confused though chaining the authentication. Any help gratefully appreciated!