How to use the django-rest-framework-social-oauth2 with facebook Oauth2?

I have read the documentation here: django-rest-framework-social-oauth2, but everything is very unclear to me (It's my first time working with this).

And by the end it shows some configuration of how to do the settings to use Facebook OAuth2. And there's this information in the docs:

You can test these settings by running the following command :

curl -X POST -d "grant_type=convert_token&client_id=<client_id>&client_secret=<client_secret>&backend=facebook&token=<facebook_token>" http://localhost:8000/auth/convert-token

This request returns the “access_token” that you should use on all HTTP requests with DRF. What is happening here is that we are converting a third-party access token (user_access_token) in an access token to use with your api and its clients (“access_token”). You should use this token on each and further communications between your system/application and your api to authenticate each request and avoid authenticating with FB every time.

Does it mean that with this endpoint I will be able to somehow "override" a sign up method, creating a user on my application with the same user_access_token it has on Facebook?

If this is right, by my understanding, after I get the FB.getLoginStatus response I will be able to make calls on my own API endpoints referring to the logged-in user with his Facebook user_access_token (which is also the same on my system).

I guess I would also need to add social accounts tokens to user models?

Am I right?

Ebneter answered 2/5, 2016 at 23:44 Comment(0)

I could test it with a test token from facebook and it behaves as I expected like I wrote in my question.

Ebneter answered 5/5, 2016 at 23:45 Comment(13)
How did you get the access token? I'm assuming client id and client secret are what we get from FB after registering our app. Please help - Diarchy
@AjaySingh you can make a JavaScript request using the Facebook documentation and it will give you an access_token to test your backend. And yes, the client_secret and the client_id are the ones you get after registering your app. - Ebneter
I wanted to use django-rest-framework-social-oauth2 for this, but it keeps on getting 404 as my project doesn't have any route to the URL "localhost:8000/auth/convert-token". Do I need to add something to my urls.py? - Diarchy
@AjaySingh check out their GitHub documentation. I opened two issues there with questions and somehow I explained my implementation. I don't know what your case is, but here are the issues: Issue 1 and Issue 2 - Ebneter
@AjaySingh I don't know exactly how you are doing it, but you have to set some configuration. Also, some endpoints answer 404 if you don't set the right payload on them. - Ebneter
I'm using the same settings as github.com/PhilipGarnero/… and my curl call is curl -X POST -d "grant_type=convert_token&client_id=<client_id>&client_secret=<client_secret>&backend=facebook&token=<facebook_token>" localhost:8000/auth/convert-token which is throwing 404 - Diarchy
@AjaySingh Post a more detailed question and send me the link. I will see if I can help you if you show more information about your settings. Also post the full 404 error message. - Ebneter
This is all I've done: added settings to my Django application and calling this curl, but it results in 404 - Diarchy
I solved that issue. But now I'm getting: {"error":"invalid_request","error_description":"Invalid client_id parameter value."} I've copied my client id from the FB developer console only. Any idea why that is happening? - Diarchy
@AjaySingh These parameters (client_id and client_secret) are returned from your Application. On the installation topic go to the step "Now go to django admin and add a new Application." and in your admin you defined these variables (client_id and secret). Copy them and send them in your request. - Ebneter
@AjaySingh You can also overwrite these endpoints and get these ids from your own code. If you study this code here you will see that you can overwrite the package endpoint. It's good because you won't ask too much information from your client app. Sorry it took me too long to answer you. Try to email me if you have any questions (email on my profile) - Ebneter
I've already integrated this library. It's working fine as of now. Thanks for your reply. Will surely mail you in case I need to customize it. Thanks :) - Diarchy
Wait, so we are doing POST requests from our app with our client_id and client_secret? So anyone can see them? - Prestissimo
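
The last comment asks whether the client app has to carry client_id and client_secret, and an earlier comment suggests overriding the endpoint and taking these ids from your own code. The following is an added example (not from the thread or from the package): stdlib-only Python for the core of such a wrapper, which accepts only backend and token from the client and adds the Application credentials on the server. The environment variable names, the backend allowlist and the sample values are assumptions.

```python
import os
from urllib.parse import parse_qs, urlencode

CLIENT_FIELDS = ("backend", "token")   # all the client app may send
ALLOWED_BACKENDS = {"facebook"}        # assumption: only Facebook login is offered


class BadRequest(ValueError):
    """The client sent a malformed or disallowed conversion request."""


def credentials_from_env(environ=os.environ):
    # Hypothetical variable names; the values are the client_id and
    # client_secret of the Application created in the Django admin.
    return environ["DRF_OAUTH_CLIENT_ID"], environ["DRF_OAUTH_CLIENT_SECRET"]


def build_convert_token_body(raw_client_body, client_id, client_secret):
    """Build the form body to forward to /auth/convert-token."""
    fields = parse_qs(raw_client_body, keep_blank_values=True)
    extra = set(fields) - set(CLIENT_FIELDS)
    if extra:  # e.g. a client trying to choose grant_type or client_id itself
        raise BadRequest("unexpected parameters: " + ", ".join(sorted(extra)))
    values = {}
    for name in CLIENT_FIELDS:
        got = fields.get(name, [])
        if len(got) != 1 or not got[0]:
            raise BadRequest(name + " must be present exactly once")
        values[name] = got[0]
    if values["backend"] not in ALLOWED_BACKENDS:
        raise BadRequest("unsupported backend")
    return urlencode({
        "grant_type": "convert_token",
        "client_id": client_id,
        "client_secret": client_secret,
        "backend": values["backend"],
        "token": values["token"],
    })


if __name__ == "__main__":
    # Constructed sample input: what the client app would post to the wrapper.
    sample = "backend=facebook&token=EAAB-constructed-token"
    print(build_convert_token_body(sample, "constructed-id", "constructed-secret"))
```

The wrapper view would post the returned body to the package's convert-token endpoint and relay the response, so the client app never holds the secret.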
