Django 2.0 allauth Facebook 2018

2
votes

I got Twitter and Google login with Django all-auth. Having issues with Facebook now. Tried every single combination between localhost/127.0.0.1/etc (also went extreme routes by changing my hosts to local.domain.com - even got an SSL thing going as Facebook apparently blocks http access (since March 2018).

Got this far... now I get this error Can anyone lead me into the right direction? I'm about to pull my hair out.

KeyError at /accounts/facebook/login/token/ 'access_token' Request Method:    POST Request

URL: https://localhost:8000/accounts/facebook/login/token/ Django Version: 2.0.3 Exception Type: KeyError Exception Value:
'access_token'

{'error': {'code': 5,
           'fbtrace_id': 'Bs4PHOvc+rZ',
           'message': "This IP can't make requests for that application.",
           'type': 'OAuthException'}}

Addition details:

http://localhost:8000/accounts/facebook/login/callback

SOCIALACCOUNT_PROVIDERS = {
    'facebook': {
        'METHOD': 'js_sdk',
        'SCOPE': ['email', 'public_profile', 'user_friends'],
        'AUTH_PARAMS': {'auth_type': 'reauthenticate'},
        'INIT_PARAMS': {'cookie': True},
        'FIELDS': [
            'id',
            'email',
            'name',
            'first_name',
            'last_name',
            'verified',
            'locale',
            'timezone',
            'link',
            'gender',
            'updated_time',
        ],
        'LOCALE_FUNC': lambda request: 'en_GB',
        'EXCHANGE_TOKEN': True,
        'VERIFIED_EMAIL': False,
        'VERSION': 'v2.5',
    }
}
2
djangofacebookauthenticationdjango-allauthaccount
“This IP can't make requests for that application.” - sounds like you have input something into “Server IP Whitelist” in app dashboard, but it doesn’t match the IP you are trying to make your request from now. - CBroe

2 Answers

4
votes

Django 1.4.15, django-allauth 0.18.0, Facebook upgrade API v2.8
Since Mars 2018, Facebook sets "Use Strict Mode for Redirect URls" YES by default. My problem was in the Facebook App configuration, not in django-allauth.
Working again App settings:

Settings Basic
- App Domains: "AnySite.com"
- Privacy policy URL: "https://AnySite.com/myprivacy/"
- Website: "https://AnySite.com/"
Settings Advanced
- Server IP Whitelist: let it blank
- Domain Manager: let it blank

Facebook login Settings
Yes Client OAuth Login
Yes Web OAuth Login
Yes (new: forced) Use strict Mode for redicect URLs
Yes Embeded Browser OAuth Login
Yes Enforce HTTPS
Valid OAuth Redirect URLs: "https://AnySite.com/accounts/facebook/login/callback/" (mandatory)
Hope it helps.

1
votes

Update in case anyone else is struggling with this in 2020:

In facebook developers:

  1. create a test app from your main app
  2. settings -> basic, add localhost and 127.0.0.1 to app domains. set site url to https://localhost:8000
  3. Products -> facebook login -> settings. client, wen login enabled. Embedded Browser OAuth Login enabled. Add all of these into Valid OAuth Redirect URIs: https://127.0.0.1:8000/ https://127.0.0.1:8000/accounts/facebook/login/callback https://localhost:8000/ https://localhost:8000/accounts/facebook/login/callback

In django:

  1. pip install django-sslserver
  2. add sslserver to INSTALLED_APPS
  3. python manage.py runsslserver

In admin:

  1. Create 2 sites, https://127.0.0.1:8000/ and https://localhost:8000/
  2. Add a social application, facebook, add in your test app id and key. Register the 2 sites above into it.