Flask facebook canvas app - 405 method not allowed

3
votes

I am fairly new to web development and Python, trying to make a facebook app using python flask. Found some code in this tutorial that I am using to get started: http://ryaneshea.com/facebook-authentication-for-flask-apps

The Facebook OAuth authentication is working, the first time a user uses the app they are asked to give the app their permissions. Afterwards they are supposed to be redirected to the applications index site. If the app is being used from within Facebook it then gives the message: "405 method not allowed". If the app is being used from outside of Facebook (from my apache web server) the redirection works.

When the app is used from outside of Facebook only GET requests are made, but when used from inside of Facebook this is the POST request that gives the 405 error: 

"POST /?fb_source=search&ref=br_tf HTTP/1.1""

Any suggestions on how to accept the POST requests from Facebook so the user can be redirected?

Here are the relevant parts of the code:

from flask import render_template, url_for, request, session, redirect

from flask_oauth import OAuth

oauth = OAuth()

facebook = oauth.remote_app('facebook',

                        base_url='https://graph.facebook.com/',
                        request_token_url=None,
                        access_token_url='/oauth/access_token',
                        authorize_url='https://www.facebook.com/dialog/oauth',
                        consumer_key=FACEBOOK_APP_ID,
                        consumer_secret=FACEBOOK_APP_SECRET,
                        request_token_params={'scope': 'email, '}
)

app = Flask(__name__)

@facebook.tokengetter
def get_facebook_token():
    return session.get('facebook_token')

def pop_login_session():
    session.pop('logged_in', None)
    session.pop('facebook_token', None)

@app.route("/")
def index():
    return render_template('index.html')

@app.route("/facebook_login")
def facebook_login():
    return facebook.authorize(callback=url_for('facebook_authorized',
                                               next=request.args.get('next'), _external=True))

@app.route("/facebook_authorized")
@facebook.authorized_handler
def facebook_authorized(resp):
    next_url = request.args.get('next') or url_for('index')
    if resp is None or 'access_token' not in resp:
        return redirect(next_url)

    session['logged_in'] = True
    session['facebook_token'] = (resp['access_token'], '')

    return redirect(next_url)
1
pythonfacebookapacheflask

1 Answers

3
votes

I fixed it by specifying both GET and POST methods for the appropriate routes. Had to restart apache to get it working.

This is the syntax:

@app.route("/facebook_authorized", methods=['GET', 'POST'])