image_url results in `API calls from the server require an appsecret_proof argument` error

[prognostikos]

We just upgraded to version 8.0.0 which added the access_token parameter to the image url. Now we're getting an error when trying to download an image:

{
   "error": {
      "message": "API calls from the server require an appsecret_proof argument",
      "type": "GraphMethodException",
      "code": 100,
      "fbtrace_id": "REDACTED"
   }
}

It looks to me like the image url also needs to include the appsecret_proof parameter as well. Would a PR to add this be accepted?

[simi]

@anklos @olivierjm @tupakapoor any idea? Isn't that related to some app specific setting?

[tupakapoor]

I’m not certain - I don’t recall seeing that in the docs nor did I receive that issue when pulling a profile picture. Will dig a little today and see if I can find anything/reproduce.

[simi]

@prognostikos is your problem gone when providing appsecret_proof?

[OlivierJM]

@anklos @OlivierJM @tupakapoor any idea? Isn't that related to some app specific setting?

We also upgraded to v8.0 and it works fine with the access_token, The case might for appsecret_proof might be specific for some apps. @tupakapoor let us know what you find.

[anklos]

@prognostikos can you please check if you have this setting turned on

[prognostikos]

@prognostikos is your problem gone when providing appsecret_proof?

Yes, it works if I include appsecret_proof in the image url.

[prognostikos]

@prognostikos can you please check if you have this setting turned on

We do have this setting on. So I guess this should be a configuration option if you folks want to include it. Let me know and I'll submit a PR.

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[jamesbebbington]

Hey @prognostikos we also have the appsecret_proof option turned on, so would be very grateful to see a PR for support for it submitted.