Problems with OAuth 2 Gem
I have a rails project using https://github.com/intridea/oauth2. In my rails app I have the following code:
ApplicationController.rb
def facebook_client
OAuth2::Client.new(FacebookOauthCredentials::APP_ID, FacebookOauthCredentials::APP_SECRET, :site => 'https://graph.facebook.com')
end
FacebookController.rb
def facebook_session_create(poster, featured_item)
redirect_to facebook_client.web_server.authorize_url(:scope => 'publish_stream', :redirect_uri => "http://localhost:3000/facebook/facebook_callback")
end
def facebook_callback
if(params[:code])
begin
access_token = facebook_client.web_server.get_access_token(params[:code], :redirect_uri => "http://localhost:3000/facebook/facebook_callback")
access_token.post('/me/feed', "testing #{rand(1000)}")
rescue OAuth2::HTTPError => e
render :text => e.response.body
end
end
end
Every time I run this code I get this response:
{"error":{"type":"OAuthExcep开发者_Go百科tion","message":"Error validating verification code."}}
However, I use the sinatra app supplied in the OAuth2 gem's readme file, it works fine.
def client
OAuth2::Client.new(FacebookOauthCredentials::APP_ID, FacebookOauthCredentials::APP_SECRET, :site => 'https://graph.facebook.com')
end
get '/auth/facebook' do
redirect client.web_server.authorize_url(
:redirect_uri => redirect_uri,
:scope => 'publish_stream'
)
end
get '/auth/facebook/callback' do
access_token = client.web_server.get_access_token(params[:code], :redirect_uri => redirect_uri)
begin
user = JSON.parse(access_token.post('/me/feed', :message => "testing # {rand(10000)}"))
rescue Exception => e
return e.response.body
end
user.inspect
end
def redirect_uri
uri = URI.parse(request.url)
uri.path = '/auth/facebook/callback'
uri.query = nil
uri.to_s
end
I have tried reproducing the steps using irb, but I an http 400 error. I'm not sure if it's for the same reason as the rails app, or if it's because I'm doing a hybrid of console and web browser operation. Any suggestions would be greatly appreciated.
I found the answer to my problem on this page Facebook graph API - OAuth Token
I ran into the exact same problem but it turned out the issue is not the encoding of the redirect_uri parameter, or that I had a trailing slash or question mark it's simply that I passed in two different redirect urls (had not read the specification at that time).
The redirect_uri is only used as a redirect once (the first time) to redirect back to the relying party with the "code" token. The 2nd time, the redirect_uri is passed back to the auth server but this time it's not used as you'd expect (to redirect) rather it's used by the authentication server to verify the code. The server responds with the access_token.
You'll notice facebook documentation (which is terrible) says fetch "Exchange it for an access token by fetching .... "
In summary, I didn't have to encode or do anything special to the Uri, just pass in the same redirect_uri twice, and fetch the 2nd page to get the access_token inside.
I didn't copy my original code correctly and the redirect uri I was passing to get the code was different than the uri I was passing to get the access token. Facebook's API documentation is terrible :(
I had this problem/error but finally found a different solution (by comparing my Dev app settings which was working) to my prod app settings (which was generating this error).
I went to the advanced settings page for my app in the Facebook Developer app: https://developers.facebook.com/apps/YourAppID/advanced
Then I found the "Encrypted Access Token:" setting and turn it to "Enabled."
加载中,请稍侯......
精彩评论