0

We have been using servicestack as framework for web services, we also uses its SSO with FB, LinkedIn, GooglePlus features. We enable them like this

Plugins.Add(new AuthFeature(() => new AuthUserSession(), new IAuthProvider[] { new FacebookAuthProvider(appSettings), new GoogleOAuth2Provider(appSettings), new TwitterAuthProvider(appSettings), new LinkedInOAuth2Provider(appSettings)}

From 3/27 the FB SSO stops working on our site but the other SSO's like LinkedIn works fine. When I debug for facebook SSO, we are getting the Auth_Code from the FB back to our services, but I am assuming the server to server communication is failing while passing(code, secret). It is just an assumption made as the Auth_token is not set in session. If you came to know that FB updates something in OAuth process that ServiceStack not follows or anything like that, please provide me that info links.

I am wrong in my assumption "we are getting the Auth_Code from the FB back to our services, but I am assuming the server to server communication is failing while passing(code, secret). It is just an assumption made as the Auth_token is not set in session." Using the fiddler I am able to see the server-to-server communication for exchanging Auth_Code, Client_Secret with Access_Token. I see the Token response. After that I was taken back to my ReferralURL. In my Referral end point I am getting the Usersession.ProviderOAuthAccess, It has the Facebook provider but I don't see any Token information in it. This is really an interesting chase. Please help me with any other ideas to test.

I found added info: After getting the Access_Token froom FB, the immediate call is https://avatars.io/facebook/?size=medium initiated by service-stack.

https://github.com/ServiceStack/ServiceStack/blob/v4.0.50/src/ServiceStack/Auth/FacebookAuthProvider.cs

At line 73 of FacebookAuthProvider.cs it calls OnAuthenticated function whoch calls OnAuthenticated function at line 171

https://github.com/ServiceStack/ServiceStack/blob/v4.0.50/src/ServiceStack/Auth/CredentialsAuthProvider.cs

which calls the function SafeAddMetadata at line 177 of the file

https://github.com/ServiceStack/ServiceStack/blob/v4.0.50/src/ServiceStack/Auth/AuthMetadataProvider.cs

Finally triggers this: "http://avatars.io/facebook/{0}?size=medium".Fmt(tokens.UserName));

Which seems that the tokens.username is empty from my network flow. This issue is beyond my thinking. It used to work, just stopped suddenly not sure what happened, we even don't even upgrade servicestack or servicestack.OAuth packages.

anveshtummala
  • 432
  • 4
  • 11
  • 1
    Are you using the latest version of ServiceStack? If not does upgrading to the latest v4.5.8 of ServiceStack resolve the issue? – mythz Apr 18 '17 at 15:14
  • We are currently using the version 4.0.50. I have not tested with updating to latest version. When I try, I am having few issues with RedisManager, Session objects. I am very curious how the Servicestack is doing Server to server communication with FB for getting the Token by passing Code, Client_Secret. I keep trying the upgrade process. – anveshtummala Apr 18 '17 at 16:53
  • 1
    All that's in the implementation for the [FacebookAuthProvider](https://github.com/ServiceStack/ServiceStack/blob/master/src/ServiceStack/Auth/FacebookAuthProvider.cs) – mythz Apr 18 '17 at 16:57
  • That is cool. Love to see all of it in open source. I upgraded it to newer version, lol now I need to get license key for never version. – anveshtummala Apr 18 '17 at 17:18

0 Answers0