Closed tt closed 7 years ago
Facebook allows a mean of securing Graph API requests by providing the appsecret_proof parameter.
appsecret_proof
Developers can (per app) toggle a setting to make this required for all requests. That breaks this library:
** (exit) an exception was raised: ** (CaseClauseError) no case clause matching: {:ok, %OAuth2.Response{body: %{"error" => %{"code" => 100, "fbtrace_id" => "...", "message" => "API calls from the server require an appsecret_proof argument", "type" => "GraphMethodException"}}, headers: [{"WWW-Authenticate", "OAuth \"Facebook Platform\" \"invalid_request\" \"API calls from the server require an appsecret_proof argument\""}, {"Access-Control-Allow-Origin", "*"}, {"Pragma", "no-cache"}, {"Cache-Control", "no-store"}, {"Expires", "Sat, 01 Jan 2000 00:00:00 GMT"}, {"Content-Type", "application/json"}, {"x-fb-trace-id", "..."}, {"x-fb-rev", "..."}, {"Vary", "Accept-Encoding"}, {"X-FB-Debug", "..."}, {"Date", "Sun, 20 Nov 2016 21:54:56 GMT"}, {"Transfer-Encoding", "chunked"}, {"Connection", "keep-alive"}], status_code: 400}} (ueberauth_facebook) lib/ueberauth/strategy/facebook.ex:141: Ueberauth.Strategy.Facebook.fetch_user/2 (ueberauth) lib/ueberauth/strategy.ex:299: Ueberauth.Strategy.run_callback/2 ...
There is no problem providing this parameter consistently so this pull request does that.
@tt could you resolve the conflicts please?
@doomspork, done.
Thank you @tt 👍
Facebook allows a mean of securing Graph API requests by providing the
appsecret_proof
parameter.Developers can (per app) toggle a setting to make this required for all requests. That breaks this library:
There is no problem providing this parameter consistently so this pull request does that.