search

jnorthr / socialauth

Automatically exported from code.google.com/p/socialauth
0 stars 0 forks source link

Provider.verifyResponse() fails with Facebook (Facebook changes) #244

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?

                    Map<String, String> singleInstanceParams = org.brickred.socialauth.util.SocialAuthUtil.getRequestParametersMap(request)

                    AuthProvider provider = manager.connect(singleInstanceParams)
                    log.info "AuthProvider returned after connecting: ${provider.dump()}, tracking# =[$signup.tracking]"
                    Profile profile = null
                    try {
                        profile = provider.verifyResponse(singleInstanceParams)
                    }
                    catch(Exception ex2) {
                        log.error "Exception in SSO Provider callback while verifying response: $ex2", GrailsUtil.deepSanitize(ex2)
                    }

What is the expected output? What do you see instead?

Facebook returns this with a HTTP 400:

{
   "error": {
      "message": "This authorization code has been used.",
      "type": "OAuthException",
      "code": 100
   }
}

What version of the product are you using? On what operating system?
current SocialAuth version, JDK 1.6, CentOS 5.2

Please provide any additional information below.

On debugging the HTTPS data, Manager.connect() is already making the call to 
Facebook, so when provider.verifyResponse() is called with the same token, 
Facebook rejects it. This code used to work fine in December 2012, so it's 
reasonable to assume that FB is now more stringent in their checks. It's a 
simple fix to make in SocialAuth to prevent the 2nd check if it;s already done.

Original issue reported on code.google.com by supp...@blusynergy.com on 15 Jan 2013 at 5:58

GoogleCodeExporter commented 8 years ago 
I didn't get your point. 
Manager.connect() does nothing but call to provider.verifyResponse()

and I am not facing any issue running this.

Can you please elaborate the use case for this.

Regards
Tarun

Original comment by tarun.na...@3pillarglobal.com on 16 Jan 2013 at 3:21

GoogleCodeExporter commented 8 years ago 
Please let me know if you are still facing the same issue.

Regards
Tarun

Original comment by tarun.na...@3pillarglobal.com on 25 Jan 2013 at 11:30