4
votes

I am having a problem getting an access token from Facebook for a Django app I am trying to write. I have a view set up as follows.

from django.http import HttpResponse, HttpResponseRedirect
from django.template import Context, loader
import urllib, json, sys

APP_ID = 'DDDDDDDDDDDDDDD'
APP_SECRET = 'SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS'
MY_URL = 'http://pckandap.com'

def fbauth(request):
    template = loader.get_template('fbauth.html')

    code = request.GET.get('code')
    if code is None:
        redirect_url = 'https://www.facebook.com/dialog/oauth?client_id='+APP_ID+'&redirect_uri='+MY_URL+'&state=pk1&scope=user_likes'
        return HttpResponseRedirect(redirect_url)
    else:
        access_token = urllib.urlopen('https://graph.facebook.com/oauth/access_token?client_id='+APP_ID+'&redirect_uri='+MY_URL+'&client_secret='+APP_SECRET+'&code='+code)
        context = Context({
            'code_url' : 'https://www.facebook.com/dialog/oauth?client_id='+APP_ID+'&redirect_uri=http://test.com'+'&state=pk1&scope=user_likes',
            'token_url' : 'https://graph.facebook.com/oauth/access_token?client_id='+APP_ID+'&redirect_uri='+MY_URL+'&client_secret='+APP_SECRET+'&code='+code,
            'access_token' : access_token.read()
        })
    return HttpResponse(template.render(context))

In my template which dumps those three variables I get the following:
code_url : https://www.facebook.com/dialog/oauth?client_id=258585004264349&redirect_uri=http://pckandap.com&state=pk1&scope=user_likes
token_url : https://graph.facebook.com/oauth/access_token?client_id=258585004264349&redirect_uri=http://pckandap.com&client_secret=0916bad6925f0df7719218bef87b9576&code=AQDiSPeG4wGLSPKLxy2P1gPWv6se46PN_-CPbUeB3ruZKmvPM7enVHc7yiiLe6goFZwG7quOokNGLY6ktOi32VX0SB5lqjbe-kvT_hxhwIYV3VkJklOpFysSWAWrCnOu5w0pYVIC5GAIpOE7QUVzq3GMf-u6W096zn_4h7X9ODjHo1qGdxUTf9KxCpDXJLzRib2YtZfpR2-RZj0tmAXoN139
access_token : {"error":{"message":"Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request","type":"OAuthException","code":100}}

2
similar issue with facebook auth stackoverflow.com/questions/16562602/… - Adam Mendoza
Did you really just post your full client id and client secret?! - Dan Johnson

2 Answers

10
votes

Found out the redirect_uri needs a trailing slash. The following now works.

from django.http import HttpResponse, HttpResponseRedirect
from django.template import Context, loader
import urllib, json, sys, cgi

APP_ID = 'DDDDDDDDDDDDDDD'
APP_SECRET = 'SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS'
MY_URL = 'http://pckandap.com/'

def fbauth(request):
    code = request.GET.get('code')
    if code is None:
        args = dict(client_id=APP_ID, redirect_uri=MY_URL, scope="user_likes,friends_likes")
        redirect_url = "https://graph.facebook.com/oauth/authorize?" + urllib.urlencode(args)
        return HttpResponseRedirect(redirect_url)
    else:
        args = dict(client_id=APP_ID, redirect_uri=MY_URL)
        args["client_secret"] = APP_SECRET  
        args["code"] = code
        token_url = "https://graph.facebook.com/oauth/access_token?"+urllib.urlencode(args)
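        # Drops the first 13 characters (the length of 'access_token=') and the
        # last character of the response body before storing it in the session.
        request.session['access_token'] = urllib.urlopen(token_url).read()[13:-1]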
        return HttpResponseRedirect('/dash/likes')
1
votes

Is it feasible for you to use an existing module (django-social-auth) for Facebook logins?

If not, I would start by changing the logic of your if loop as it is failing open. Change it around as so:

code = request.GET.get('code', None)

if code is not None:
    access_token = urllib.urlopen...
else:
    redirect_url = ...

In your context['code_url'] you have redirect_uri=http://test.com, should that be replaced with something different?
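
The points raised in the two answers (one `redirect_uri` value for both requests, and a callback that does not fail open), as an added example in Python 3 that is not part of the original posts. The helper names, the `OAuthError` class and the `access_token=...&expires=...` success format are assumptions; the endpoints, the placeholder `APP_ID` and the JSON error shape are taken from the question.

```python
import hmac
import json
import secrets
from urllib.parse import parse_qs, urlencode

APP_ID = "DDDDDDDDDDDDDDD"             # placeholder, as in the posts
REDIRECT_URI = "http://pckandap.com/"  # one constant, reused in both requests


class OAuthError(Exception):
    pass


def new_state():
    # Random value kept in the session and sent as `state` (CSRF protection).
    return secrets.token_urlsafe(32)


def dialog_url(state):
    args = {"client_id": APP_ID, "redirect_uri": REDIRECT_URI,
            "state": state, "scope": "user_likes"}
    return "https://www.facebook.com/dialog/oauth?" + urlencode(args)


def token_url(params, session_state, app_secret):
    # Fail closed: no token request unless `code` is present and the
    # returned `state` equals the value stored in the session.
    code, state = params.get("code"), params.get("state")
    if not code or not state or not session_state:
        raise OAuthError("missing code or state")
    if not hmac.compare_digest(state.encode(), session_state.encode()):
        raise OAuthError("state mismatch")
    args = {"client_id": APP_ID, "redirect_uri": REDIRECT_URI,
            "client_secret": app_secret, "code": code}
    return "https://graph.facebook.com/oauth/access_token?" + urlencode(args)


def parse_token_response(body):
    # Error bodies are JSON, as in the question's output.
    if body.lstrip().startswith("{"):
        data = json.loads(body)
        if "error" in data:
            raise OAuthError(data["error"].get("message", "unknown error"))
        token = data.get("access_token")
    else:
        # Assumed success format: access_token=...&expires=...
        token = parse_qs(body).get("access_token", [None])[0]
    if not token:
        raise OAuthError("no access_token in response")
    return token
```

Parsing the body this way keeps an error response from being sliced and stored in the session as if it were a token.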