social-auth-app-django facebook backend state with redirect_uri

杀马特。学长 韩版系。学妹 提交于 2021-01-27 12:24:42

问题


I know my question sounds like a duplicate, but I've looked everywhere without finding any solution.

I am working on implementing social logins for my django webapp. So far google, twitter and yahoo logins have worked as expected. But facebook always gives the error below:

URL blocked: This redirect failed because the redirect URI is not white-listed in the app's client OAuth settings. Make sure that the client and web OAuth logins are on and add all your app domains as valid OAuth redirect URIs.

After some digging I got to learn how to setup my facebook login properly: Facebook app settings below

App Domains set to domain.ext

Site URL set to https://www.domain.ext/

Valid OAuth Redirect URIs set to https://domain.ext/social/complete/facebook/

I also looked at the redirect url (shown below) and found that it contains a state variable, state=kMQH3TdKSdF8oYGGx7Xri4KgFaEQ9OyU. Full url below

https://www.facebook.com/v2.9/dialog/oauth?client_id=977674249054153&redirect_uri=https%3A%2F%2Fwww.domain.ext%2Fsocial%2Fcomplete%2Ffacebook%2F&state=kMQH3TdKSdF8oYGGx7Xri4KgFaEQ9OyU&return_scopes=true&scope=email%2Cpublic_profile

My facebook login url on my django app is {% url 'social:begin' 'facebook' %} and I have this 'social_core.backends.facebook.FacebookOAuth2' in AUTHENTICATION_BACKENDS

I searched and found there's such issue already on the social-core github page which has been resolved. It says that from v1.7.0, this line REDIRECT_STATE = False has been added to the facebook backend. I dug into the sourcecode and found that to be the case. But my app's url keep sending the state variable and I have no idea why that is the case. Please has someone else encountered this odd behaviour, and if yes how did you go about working it out?


回答1:


Have you tried django-allauth? I find it to be a much better solution. It takes care of third party provider integration for you with builtin support for many providers and custom providers.




回答2:


I've spent hours on this issue, but it turns out I only needed to do this Valid OAuth Redirect URIs set to https://www.domain.ext/social/complete/facebook/

Note the www.



来源:https://stackoverflow.com/questions/50363059/social-auth-app-django-facebook-backend-state-with-redirect-uri

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!