Updae Facebook provider because they now return JSON for the access_token

bbangert / velruse

Simplifying third-party authentication for web applications.

http://packages.python.org/velruse/index.html

MIT License

252 stars 86 forks source link

Updae Facebook provider because they now return JSON for the access_token #157

Open antoineleclair opened 7 years ago

antoineleclair commented 7 years ago

From their changelog:

[Oauth Access Token] Format - The response format of https://www.facebook.com/v2.3/oauth/access_token returned when you exchange a code for an access_token now return valid JSON instead of being URL encoded. The new format of this response is {"access_token": {TOKEN}, "token_type":{TYPE}, "expires_in":{TIME}}. We made this update to be compliant with section 5.1 of RFC 6749.

Otherwise the Facebook provider is now broken since they stopped supporting the old way.

jenstroeger commented 6 years ago

@antoineleclair Hello, it’s been a while!

The above fix today caused the following:

  File "/…/velruse/providers/facebook.py", line 121, in callback
    access_token = r.json()['access_token']
KeyError: 'access_token'

Looking at the response body though, r.json() gives me a dictionary of the following form:

{
    'access_token': 'EA…ZD',
    'token_type': 'bearer',
    'expires_in': 5180555
}

Should 'bearer' not be 'Bearer' though? When I use the following code, oddly enough it works:

rbody = r.json()
access_token = rbody['access_token']

jenstroeger commented 6 years ago

Also, FB URL has changed to https://www.facebook.com/v3.0/dialog/oauth. References see here and here.