After going back and forth a bit with the developer and a user of Omniauth-Facebook I’ve narrowed down that the issue seems to start with Hotwire-Turbo doing something with the POST to the server as outlined here: CORS error on redirect? · Issue #356 · simi/omniauth-facebook · GitHub.
I just tried making a
data-turbo="false" div around the logic creating the post link, or the button that triggers the Facebook login. Once I comment out the hotwire-turbo JS package in application.js. Has anyone gotten OmniAuth, specifically Facebook login, to work? This was a proof of concept to test if I could use Rails for my use case. Turbo seems like it would allow it, but this is pretty breaking for me and I’m not sure how, or if there even is, a fix for this sadly.
My example repo: GitHub - firrae/devise-omniauth-facebook-CORS-error-example
To fully test that you would need a Facebook app with FB Auth turned on though.