Incorrect URL without an access token for facebook login using rauth

StackOverflow https://stackoverflow.com/questions/17266559

  •  01-06-2022
  •  | 
  •  

Question

I have the code from rauth site:

https://github.com/litl/rauth/blob/master/examples/facebook-cli.py

(The code can be found at the end of this post for reference)

running the program in the command line will open a firefox window and the following message is shown from facebook site:

Success
SECURITY WARNING: Please treat the URL above as you would your password and do not     share it with anyone.

when the facebook is logged in beforehand. Even if not logged in, the facebook login window opens up and after logging in using username/password the above message is shown in firefox window.

Now the URL generated in the address bar:

https://www.facebook.com/connect/blank.html#_=_

Which is obviously an incorrect one and it gives exception from the subsequent python code.

Now how can I debug what the problem is?

Thanks

PS:

from rauth.service import OAuth2Service

import re
import webbrowser

# Get a real consumer key & secret from:
# https://developers.facebook.com/apps

facebook = OAuth2Service(
    client_id='xxxxxxx',
    client_secret='yyyyyyy',
    name='facebook',
    authorize_url='https://graph.facebook.com/oauth/authorize',
    access_token_url='https://graph.facebook.com/oauth/access_token',
    base_url='https://graph.facebook.com/')

redirect_uri = 'https://www.facebook.com/connect/login_success.html'

params = {'scope': 'read_stream',
      'response_type': 'token',
      'redirect_uri': redirect_uri}

authorize_url = facebook.get_authorize_url(**params)

print 'Visit this URL in your browser: ' + authorize_url
webbrowser.open(authorize_url);

url_with_code = raw_input('Copy URL from your browser\'s address bar: ')
access_token = re.search('\#access_token=([^&]*)', url_with_code).group(1)
session = facebook.get_session(access_token)

user = session.get('me').json()

print 'currently logged in as: ' + user['link']
Was it helpful?

Solution

This is happening due to a change on Facebook's end that strips the URL of the access_token programmatically. It happens on a timer, before a human could conceivably copy it out of the URL bar. The example is broken but I don't have an immediate fix for you so I might suggest you take a look at the Flask application instead, which is a more practical demonstration of rauth anyway.

The relevant bit of JS you're fighting:

setTimeout(function() {window.history.replaceState && window.history.replaceState({}, "", "blank.html#_=_");},500);

OTHER TIPS

Not sure whether your q is still outstanding. I came up with a solution last year. But the code is in Powershell; therefore, it can only be used directly on Window machines. Run this script in Powershell and the stripped-out access token is printed out in the shell. Let me know whether it works on your end or not. Thx!

http://groups.yahoo.com/neo/groups/sas_academy/conversations/messages/591

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top