I have had this issue several times too. From the documentation we know that:
AuthStateForbidden - The state parameter returned by the server is not the one sent

    class AuthStateForbidden(AuthException):
        """State parameter is incorrect."""
        def __str__(self):
            return 'Wrong state parameter given.'

I have searched for any kind of solution or workaround with no result. Also, I have tried to capture this exception somehow, but it is a tricky error. I don't know how to reproduce it.
I have searched python-social-auth's bug tracker for any presence of AuthStateForbidden, as I said - nothing. Moreover, at the moment there are more than 50 unsolved issues. Anyway, it is possible to create a new one.
This error is raised here:

    def validate_state(self):
        """Validate state value. Raises exception on error, returns state
        value if valid."""
        if not self.STATE_PARAMETER and not self.REDIRECT_STATE:
            return None
        state = self.get_session_state()
        request_state = self.get_request_state()
        if not request_state:
            raise AuthMissingParameter(self, 'state')
        elif not state:
            raise AuthStateMissing(self, 'state')
        elif not request_state == state:
            raise AuthStateForbidden(self)

Called from here (facebook.py):

    @handle_http_errors
    def auth_complete(self, *args, **kwargs):
        """Completes loging process, must return user instance"""
        self.process_error(self.data)
        if not self.data.get('code'):
            raise AuthMissingParameter(self, 'code')
        state = self.validate_state()

And the state is created in OAuthAuth, which implements BaseAuth and is a parent of BaseOAuth, which is a parent of FacebookOAuth and so on... It is almost impossible to follow this code.
I hope that a GitHub issue will do the trick in the future.
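
An added sketch, not part of the original answer and not python-social-auth's own code: a standalone model of the three-way state check quoted above, with a single-use state, a constant-time comparison, and a log-safe record of which branch fired. The names `start_login`, `complete_login`, `diagnose` and the `facebook_state` session key are assumptions made for this example.

```python
import hashlib
import hmac
import secrets


class StateError(Exception):
    """Base class for the three failures the state check distinguishes."""

class MissingParameter(StateError): pass   # callback carried no state
class StateMissing(StateError): pass       # session holds no state
class StateForbidden(StateError): pass     # both present, but different

SESSION_KEY = "facebook_state"  # assumed key name, for this sketch only


def start_login(session):
    """Create a fresh random state, remember it in the session, return it."""
    state = secrets.token_urlsafe(32)
    session[SESSION_KEY] = state
    return state


def fingerprint(value):
    """Short SHA-256 prefix: safe to log, enough to tell two values apart."""
    return hashlib.sha256(value.encode()).hexdigest()[:8] if value else None


def complete_login(session, params):
    """Validate the callback's state; raise a StateError subclass on failure."""
    request_state = params.get("state")
    # pop(): the state is single-use, so a replayed callback fails afterwards.
    session_state = session.pop(SESSION_KEY, None)
    if not request_state:
        raise MissingParameter("state")
    if not session_state:
        raise StateMissing("state")
    if not hmac.compare_digest(request_state.encode(), session_state.encode()):
        raise StateForbidden("Wrong state parameter given.")
    return request_state


def diagnose(session, params):
    """Run the check and return a record that never contains the raw state."""
    record = {"request": fingerprint(params.get("state")),
              "session": fingerprint(session.get(SESSION_KEY)),
              "outcome": "ok"}
    try:
        complete_login(session, params)
    except StateError as exc:
        record["outcome"] = type(exc).__name__
    return record
```

Logging the `diagnose` record on every failed callback shows whether the session lost its state or the two values genuinely differ, without writing the state itself to the log.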