search

ueberauth / ueberauth_facebook

Facebook OAuth2 Strategy for Überauth.
MIT License
77 stars 64 forks source link

API calls from the server require an appsecret_proof argument #15

Closed devilankur18 closed 7 years ago

devilankur18 commented 8 years ago

Error while using login. Seems need an extra token enforced by facebook graph apis

https://developers.facebook.com/docs/graph-api/securing-requests

[info] GET /auth/facebook/callback
[debug] Processing by SChat.AuthController.callback/2
  Parameters: %{"code" => "AQAxctwz8m9MPeMOYXzugx63Lcz_ow4VRrPztG3LpunvE5L0GRVfc-1BKJhyRPs3rSrsdFwegBRQSwJ4YiLLSvtyqW2mJLgZTtTGZticWfASqUVGXd6LFLdxAzuFuUiRXxgAZQiqZAaTW3Wcp6zPkBfPjKKCx9wzwsPKMiQbhLF1pshc6AqCGBvl-4kYHssWXGNjnIzwftfxnNGdvjJTRDWJ9gGtbpZpBWcJZ-HQwxzocHKrO-TahGapvJD54I4sJRhHdgt13mbLPT9a5sOu4ZPXk0ImFxccBfC_0mcdAK3NYQbKOoUImBDPsb_ebH4nzxV_siA4KfNLZw4qMauj-Q3R", "provider" => "facebook"}
  Pipelines: [:browser]
[info] Sent 500 in 1261ms
[error] #PID<0.621.0> running SChat.Endpoint terminated
Server: localhost:4000 (http)
Request: GET /auth/facebook/callback?code=AQAxctwz8m9MPeMOYXzugx63Lcz_ow4VRrPztG3LpunvE5L0GRVfc-1BKJhyRPs3rSrsdFwegBRQSwJ4YiLLSvtyqW2mJLgZTtTGZticWfASqUVGXd6LFLdxAzuFuUiRXxgAZQiqZAaTW3Wcp6zPkBfPjKKCx9wzwsPKMiQbhLF1pshc6AqCGBvl-4kYHssWXGNjnIzwftfxnNGdvjJTRDWJ9gGtbpZpBWcJZ-HQwxzocHKrO-TahGapvJD54I4sJRhHdgt13mbLPT9a5sOu4ZPXk0ImFxccBfC_0mcdAK3NYQbKOoUImBDPsb_ebH4nzxV_siA4KfNLZw4qMauj-Q3R
** (exit) an exception was raised:
    ** (CaseClauseError) no case clause matching: {:ok, %OAuth2.Response{body: %{"error" => %{"code" => 100, "fbtrace_id" => "DiYFdQdXoU/", "message" => "API calls from the server require an appsecret_proof argument", "type" => "GraphMethodException"}}, headers: [{"WWW-Authenticate", "OAuth \"Facebook Platform\" \"invalid_request\" \"API calls from the server require an appsecret_proof argument\""}, {"Access-Control-Allow-Origin", "*"}, {"Content-Type", "application/json"}, {"X-FB-Trace-ID", "DiYFdQdXoU/"}, {"X-FB-Rev", "2243920"}, {"Pragma", "no-cache"}, {"Cache-Control", "no-store"}, {"Expires", "Sat, 01 Jan 2000 00:00:00 GMT"}, {"X-FB-Debug", "XYGHwSYR8WhMN3De2MD74KDnfSTNXBrw4PxIm3zSJa/r/C0dAYqaj2Vv1sh3EDPHGsztlISlaxAg8eMqK5fPlQ=="}, {"Date", "Wed, 23 Mar 2016 11:52:20 GMT"}, {"Connection", "keep-alive"}, {"Content-Length", "154"}], status_code: 400}}
        (ueberauth_facebook) lib/ueberauth/strategy/facebook.ex:137: Ueberauth.Strategy.Facebook.fetch_user/2
        (ueberauth) lib/ueberauth/strategy.ex:299: Ueberauth.Strategy.run_callback/2
        (s_chat) web/controllers/auth_controller.ex:1: SChat.AuthController.phoenix_controller_pipeline/2
        (s_chat) lib/phoenix/router.ex:261: SChat.Router.dispatch/2
        (s_chat) web/router.ex:1: SChat.Router.do_call/2
        (s_chat) lib/s_chat/endpoint.ex:1: SChat.Endpoint.phoenix_pipeline/1
        (s_chat) lib/plug/debugger.ex:93: SChat.Endpoint."call (overridable 3)"/2
        (s_chat) lib/phoenix/endpoint/render_errors.ex:34: SChat.Endpoint.call/2
        (plug) lib/plug/adapters/cowboy/handler.ex:15: Plug.Adapters.Cowboy.Handler.upgrade/4
        (cowboy) src/cowboy_protocol.erl:442: :cowboy_protocol.execute/4
devilankur18 commented 8 years ago

Temporary Solution: Turn off Require App Secret in facebook app advance settings.

doomspork commented 8 years ago

@devilankur18 PRs are welcomed. If you want to add support for this, please do 👍

aphillipo commented 7 years ago

It looks as though this can be closed if you guys do a release from master? 0.7?

doomspork commented 7 years ago

Thanks @aphillipo! I'm planning to do a release today or tomorrow, busy with work ☹️

willykaram commented 7 years ago

@aphillipo thanks for making that release suggestion.

@doomspork thanks for doing the 0.7.0 release. I just wanted to confirm that the issue is resolved with the 0.7.0 release. I'm writing and updated authentical guide for Phx 1.3, and test this to see that it's working. I think this issue could be closed.

doomspork commented 7 years ago

@willykaram thanks! 👍