On our server-side authentication with Facebook we get a random and weird issue. Facebook calls the call back URL two times with the same code. This is only happening for some users and not on every login.
This is the flow we have implemented on our side: https://developers.facebook.com/…/manually-build-a-login-fl… . We have been using it since the beginning of 2013 and we haven't noticed any issues so far.
And this is the error we get when we are exchanging the code for an access token the second time.
{"error":{"message":"This authorization code has been used.","type":"OAuthException","code":100,"fbtrace_id":"traceID"}}
We tried to log this issue as a bug on https://developers.facebook.com/bugs but unfortunately it doesn't work.
It keeps showing unexpected error. Not to mention that i was unable to find the correct bug category.
Any idea on how we can fix this?
Thanks!
Could it be that users are clicking twice to process auth service? Try disabling the button before calling Facebook auth service
What language are you using?
I just had this problem in Ruby using Devise for Rails. I had created an omniauth.rb initializer file, and added a config line item in the devise.rb initializer file.
If you did this too, you can remove the omniauth.rb initializer file and you should be good to go!
Related
Trying to retrofit an old webforms application.
Got my configuration working so that it's prompting for login and successfully redirecting back to the application. The folks that manage the IP can see the response is generated.
However in the callback to my application the User is null. I'm told if it's configured correctly it should be populated.
We have a custom IHttpModule and that is where I can see getting hit with the call to /Saml2/Acs with the User not populated. I think this may be expected as the handler for that is supposed to populate the User, I think? However the following call (the returnUrl configured in sustainsys.Saml2) still has no User and I don't see any sort of error or anything.
Anyone with experience have an idea how to debug this?
The call to /Saml2/Acs should be taken care of by the Sustainsys.Saml2.HttpModule. It will process the response and then call the SessionAuthenticationModule to set a cookie that preservers the User across calls.
To get some more information about what's happening in the library, you can assign an implementation of ILoggerAdapter to Sustainsys.Saml2.Configuration.Options.FromConfiguration.SPOPtions.Logger to get some logging output from the library.
My issue turned out to be that I had another authentication module loaded before SessionAuthenticationModule and Saml2AuthenticationModule in the web config.
The comment in the example was
Add these modules below any existing. The SessionAuthenticatioModule
must be loaded before the Saml2AuthenticationModule
However in my case with I had another authentication module involved that needed to go last.
I'm trying to use my generated App Access Token with requests to the Graph API, but for some unknown reason it simply will not work. I always get the dreaded Invalid OAuth access token signature error.
Now, let me clarify: I'm pretty sure I know what I'm doing. I did get it to work with a different FB app. I used the /oauth/access_token call to generate the App Access Token, and I can use that Token successfully in further graph calls for that FB app.
But when I try it for my new FB application, it fails. This is the Rails snippet:
app_access_token = URI.escape(ENV["FACEBOOK_APP_ACCESS_TOKEN"])
url = "https://graph.facebook.com/debug_token?input_token=#{user_access_token}&access_token=#{app_access_token}"
response = HTTParty.get(url)
I've also tried not-encoding the token; as expected, it doesn't work (and shouldn't).
I've double- and triple-checked my App ID and App Secret, and re-ran the generation (via curl), and I think it's all correct and copy/pasted without error. The only possibly-notable difference between the generated token of my old app and that of my new one is that the latter has a hyphen in it. Is that relevant?
I am currently working around this by using <App ID>|<App Secret> in place of the generated token, but I'd really like to get back to doing it the right way.
Argh! It turns out that I had a few extra characters that somehow got attached to the end of my generated token!
I don't know how those got there, but that was the problem. Just dumb old human error.
EDIT: Oh my god, every Facebook developer should know this page:
https://developers.facebook.com/tools/accesstoken/
Why isn't that linked from the docs about the access token? It would have saved me so much time and probably prevented my mistake!
I am trying to access Soundcloud from a local HTML page on my laptop. I am stuck at the part of hosting "callback.html" as a redirect_uri. The script I am trying to run is the basic Authenication JavaScript from the Soundcloud documentation page:
<script src="http://connect.soundcloud.com/sdk.js"></script>
<script>
// initialize client with app credentials
SC.initialize({
client_id: 'my_client_id',
redirect_uri: 'http://127.0.0.1/Users/Maria/Documents/SoundcloudClient/callback.html'
});
// initiate auth popup
SC.connect(function() {
SC.get('/me', function(me) {
alert('Hello, ' + me.username);
});
});
</script>
This script gets me to the connect pop-up when I launch the page in Chrome and Firefox.
But, once I have logged in as a Soundcloud user, I get the following error:
Oops! Google Chrome could not connect to 127.0.0.1
If I change my redirect_uri to localhost I get the same error.
If I try:
files:///C:/Users/Maria/Documents/SoundcloudThinClient/callback.html
I get a similar error.
I also tried:
ocalhost:3000
and:
localhost:8080
even though I'm not sure what would be listening on those ports.
So, basically, I'm asking what path do I put for callback.html in order for this to work?
I confess I don't know how the redirct_uri actually functions. I looked at the Oauth pages for it, but I don't understand them. I am beginning to think that I can't simply create an HTML page, paste the JavaScript, create a callback.html file and have this work, even though the SC documentation seems to say that this is possible. If so, what steps am I missing?
I am beginning to attempt this. I believe you have to go to the developer site and sign up as having an app. The redirect uri is asked for and the form gives you an API key you can use in your app.
I'm using drupal so, perhaps adding the oath module and using Php to add the api key might work well.
I had the same problem and I think I solved it.
Morning-after-edit: I posted this dead-tired after working towards a solution through the night. Now, the day after, I realize that you were speaking about the general problem, whereof I face a very particular instance. The following only applies directly to registering soundcloudlabs' soundcloud-group-recorder: https://github.com/soundcloudlabs/soundcloud-group-recorder. There is probably a more general principle lurking behind there, though:
First: yes, you do have to register the app as your own at Soundcloud. At least I presumed so. And doing that, you must register correctly where on your server you will place the callback.html file. Take the ClientID assigned to your app and use that in the API intialize procedure.
Now, I'm a novice and know very little coding. But I started looking around in the main file, application.js.
At the top of the file there are two instances of client_id and redirect_uri each. I'm not sure if that serves a purpose or if one is technically superfluous. Through trial and error I found out that replacing the second instance of each with my own data worked.
Then there is groupId and groupUrl, both of which should contain your info, within quotation marks.
After a lot of trial and error, still having trouble getting the thing to run, I looked around and saw that, whereas early in the file, client_id was hooked within SC.initialize, redirect_uri was not. Under the line:
client_id: CLIENT_ID
I added:
redirect_uri: REDIRECT_URI
– with a customary comma in between. And that's it. It runs.
I've create an facebook app and it run smoothly at
https://apps.facebook.com/icoloringstar/
But the problem is: when I search my app name "icoloring star" in facebook, it link to the app at url:
https://apps.facebook.com/icoloringstar/?fb_source=search&ref=ts
Then facebook said that:
App "iColoring Star" is unavailable
The app "iColoring Star" is temporarily unavailable due to an issue with its third-party developer. We are investigating the situation and apologize for any inconvenience.
We found that url part "ref=ts" cause above problem, but really do not know why?
Could you explain me why and how to resolve this problem?
Thank you very much.
It sounds like your code is failing when the ref parameter is supplied in the request path.
I was able to repro this with any arbitrary value in the ref parameter when accessing your app
Check your server logs and and see if you're returning a 500 error to facebook when the request comes in
See if you have any code that parses a ref parameter and check it's not throwing exceptions
Make sure your callback URL in the app settings doesn't also specify a ref parameter or your app may receive two values and/or fail entirely
It means 'Top Search'. User enter a query into the top of search.
There are some ref parameters.. ref=bookmarks for example. I dont know the full list.
Did you put your app on Facebook App Center?
Well i started of by following all the instructions here:
http://code.google.com/p/xmppframework/wiki/FacebookChatHowTo
I used the recommended fork of the facebook api and tried the latest from:
https://github.com/facebook/facebook-ios-sdk/
My problem starts with the following error:
< failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl">< not-authorized/></failure>
The error is a reply from facebook to xmppframework s response to a authentication challenge. The response that is made by the iphone is base64 encoded msg when i decode it i find 2 of the values are null:
api_key=(null)
and the
session_key=(null)
This is obviously the reason facebook is returning that error. But the problem i have is i cant seem to find any where to set these values in the framework. Besides i think the session_key should be pulled in from facebook anyway.
I guess what i want to know is a couple of things.
Has any one got the xmppframework working with facebook on a iDevice?
If you have got it working did you have to stray from the path of the instructions on http://code.google.com/p/xmppframework/wiki/FacebookChatHowTo ?
do you know of any other method to get facebook chat working on the iphone?
Any suggestions or help for my current dilemma would be appreciated. Happy to share my code if you want.
cheers
I wrote the Facebook integration for XMPPFramework. The api_key and session_key, come from a call to auth.PromoteSession. Facebook is trying to deprecate that call, so to enable it, you must follow step 7, in the HowTo:
Under Migrations, change Disable Deprecated Auth Methods from Enabled to Disabled and Save Changes.