userAccessTokenParser: failed to parse

[tungd]

Hi, I bump into this issue trying authenticate using server-side login flow. Apparently my token only have "access_token" and "token_type", but now "expires_in". I also find an old issue here that's might be relevant: https://github.com/prowdsponsor/yesod-auth-fb/issues/5.

[psibi]

@tungd Can you give a sample reproducible code (preferable using Stack interpreter script) ?

[psibi]

Also what version of fb library are you using ?

[tungd]

Here you go (You will need app ID and secret though): https://gist.github.com/tungd/c3acfbd10e543a872c3caabe37245f3f

I'm using fb version 1.1.1, Stack resolver is lts-8.13

[psibi]

@tungd That code works for me. My guess is that you are using an old version of fb package. Can you change the second line of your program to this:

-- stack --resolver lts-8.13 --install-ghc runghc --package scotty --package fb-1.1.1

By the way, your program goes into infinite redirect loop. So I adjusted the code slightly (and also my callback urls are different):

#!/usr/bin/env stack
-- stack --resolver lts-8.13 --install-ghc runghc --package scotty --package fb-1.1.1
-- --package text --package http-client --package http-client-tls

{-# LANGUAGE OverloadedStrings #-}

import Control.Monad.Trans (lift)
import Control.Monad.Trans.Resource
import qualified Data.Text.Lazy as T
import Facebook
import Network.HTTP.Client
import Network.HTTP.Client.TLS
import Web.Scotty

main :: IO ()
main = do
  mgr <- newManager tlsManagerSettings

  scotty 3000 $ do
    get "/" $ do
      url <- runResourceT $ runFacebookT credentials mgr $ do
        getUserAccessTokenStep1 callbackUrl scopes
      redirect $ T.fromStrict url

    get "/auth/page/fb/proceed" $ do
      code <- param "code"
      lift $ print code
      token <- lift $ runResourceT $ runFacebookT credentials mgr $ do
        getUserAccessTokenStep2 callbackUrl [("code", code)]
      redirect "/home"

    get "/home" $ do
      html $ mconcat ["<h1>hello world </h1>"]

callbackUrl = "http://localhost:3000/auth/page/fb/proceed"

credentials = Credentials
  { appName = "xxx"
  , appId = "xxx"
  , appSecret = "xxx" }

scopes =
  [ "public_profile"
  , "email"
  , "manage_pages"
  ]

[tungd]

I'm using 1.1.1 already. The problem turns out to be app-specific, after I revoke the token and messing around with the app settings it now response with "expires_in" field. Here's two consecutive requests, one failed and the other success:

[psibi]

@tungd Thanks for digging in. It will take two or three days for me to come back to this issue. I would be willing to accept a PR, if possible. :)

[psibi]

@tungd Can i know how are you revoking the token ?

[tungd]

I revoke the token by going to "Settings -> Apps" and remove the app from "Logged in with Facebook", or you can use the logout link from API.

[psibi]

@tungd I need a more clear way of reproducing it (with each and explicit step, however trivial it may be). Righ now, if I revoke the token, all I get is this exception:

FacebookException {fbeType = "invalid_code", fbeMessage = "Code was invalid or expired. "}

[ptkato]

I'm also having this issue, however, revoking the token didn't work. Note that the token comes with a expires_in field:

userAccessTokenParser: failed to parse "{\"access_token\":\"EAAWWvaV5DiEBADZBeiq7k5OITDWVGsoyQ9lKjmMsmu8EkrbNag0qSZBBglpAZADOUhtBZBdhqrIC7zppXCTkOPtDhyG49IleXZC5K8MAdaPLb81ScVDVTs81HxJrT6VmuLD6aVhq4XjtOP4GCBL8zEbu5wj8zSbYZD\",\"token_type\":\"bearer\",\"expires_in\":5184000}"

[psibi]

If you can say the exact steps for me to reproduce, I will try fixing it once I get some time. Patches are also welcome!

On Sat, Jun 3, 2017, 9:41 AM Patrick Augusto notifications@github.com wrote:

I'm also having this issue, however, revoking the token didn't work. Note that the token comes with a expires_in field:

userAccessTokenParser: failed to parse "{\"access_token\":\"EAAWWvaV5DiEBADZBeiq7k5OITDWVGsoyQ9lKjmMsmu8EkrbNag0qSZBBglpAZADOUhtBZBdhqrIC7zppXCTkOPtDhyG49IleXZC5K8MAdaPLb81ScVDVTs81HxJrT6VmuLD6aVhq4XjtOP4GCBL8zEbu5wj8zSbYZD\",\"token_type\":\"bearer\",\"expires_in\":5184000}"

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/psibi/fb/issues/2#issuecomment-305947984, or mute the thread https://github.com/notifications/unsubscribe-auth/AAtAxWIGDFaEhnxG5i2VGp0lrABmdy-nks5sANQygaJpZM4NaCJj .

[ptkato]

@psibi, I was using fb-1.0.13 from LTS-6.26, updating to fb-1.1.1 seems to have solved the problem.

[mschristiansen]

Had same parse exception as @tungd (see below) and resolved it as suggested by revoking the app token under "Settings > Apps". Seems like FB doesn't send or set an "expires_in" for first time app authentication.

Could this possibly be resolved using a Maybe value? (Token is valid if Nothing or not expired.)

*** Exception: userAccessTokenParser: failed to parse Object (fromList [("access_token",String "EAAK973h7rloBAHzEIA4jPJhaouVwevQznWfHJxDjsCZBRSTYlzLG5Kp9p7SYP2yGMMdgXMNTTLNyjZCogiZAHiIOMHWagWwDobwkpWLw1kjqZAZB8T03SUdVsONBgxHDThZAPs69qTzcjmJUwPSWL9JnyRkcxz7anZAXipHDtRcKDwZDZD"),("token_type",String "bearer")])
CallStack (from HasCallStack):
  error, called at src/Facebook/Auth.hs:174:10 in fb-1.1.1-7ej63lhTaT1AEhB70lwQMP:Facebook.Auth

[mschristiansen]

Just created a new "Test" app from my existing app thinking I could reproduce the exception, but even though it is a "new" application it sends the expires_in field.

[psibi]

@mschristiansen Just to be sure, what fb version are you using ? Also can you give me the exact reproducible details for the issue.

[mschristiansen]

fb-1.1.1 as shown in exception above. It happens when following your example from the README and also using your code above.

I think it only happens when the Facebook app is new, which seems to fit with the other reports of this error, but I haven't been able to otherwise confirm it -- it didn't happen when I created a new "test" app.

[psibi]

@mschristiansen

I think it only happens when the Facebook app is new, which seems to fit with the other reports of this error,

Do you mean if I try creating a new app and then revoke the token and then try running the example code - I will be able to reproduce the bug ?

[mschristiansen]

Just tried with a new app and the bug didn't manifest. Can't say how to reproduce and no longer experiencing it. Will post again if I do.