4

I am referring tutorials to implement django social-auth, I hace successfully implemented it for Twitter and Google+ . But, in case of facebook , I am not seeing "Valid OAuth redirect URIs" which has to provided for facebook. I assume that the new developer console of facebook has this new field.

By leaving the field empty, I am still able to login but I am not getting relevent details from FB. It might be because of this "redirect URI".

enter image description here

I followed below tutorials

I guessed that "http://localhost:8000/oauth/complete/facebook/" could be the URI looking at google+ and twitter pattern but I am still not getting email ID of user.

Can someone please confirm the redirect URI that has been used by them for Facebook in their Django App

Shashank Vivek
  • 16,888
  • 8
  • 62
  • 104
  • If the redirect URI used in the login dialog call was not set in the app settings, you would not be able to login, it would show an error message directly in the dialog, and not let you proceed. – CBroe Jul 26 '17 at 07:44
  • @CBroe : I am able to login even when I dont provide redirect URI. Its required for google n twitter but not for FB. :( – Shashank Vivek Jul 26 '17 at 17:16
  • Ah, so you mean you do not explicitly provide it on your end, in your code. Well the socialauth component is probably able to generate that by itself. Then it is more likely a case of this, that it does not correctly ask for the fields you want, as is necessary since API v2.4, see https://stackoverflow.com/q/32584850/1427878 – CBroe Jul 26 '17 at 17:20

2 Answers2

1

The problem is that Django sends a redirect_state parameter which is not allowed by Facebook redirect URI policy.

Here's a simple solution:

  1. Create a new backend for Facebook OAuth that don't pass redirect_state:

    from social_core.backends.facebook import FacebookOAuth2

class CustomFacebookOauth(FacebookOAuth2):
    REDIRECT_STATE = False

  2. change social_core.backends.facebook.FacebookOAuth2 on your CustomFacebookOauth in AUTHENTICATION_BACKENDS of settings.py.

Stephen Rauch
  • 47,830
  • 31
  • 106
  • 135
XMAZA
  • 11
  • 2
0

After hours of headache I finally found out that it was

https://{your_website_name}/social-auth/complete/facebook/

e.g. https://www.instagram.com/social-auth/complete/facebook/

Note that https is made mandatory by facebook.

TheGeek
  • 23
  • 8