weixin_39981360
weixin_39981360
2020-11-24 14:26

Invalid OAuth access token.

Hi Philip, i'm trying to test your framework in order to create social app authentication in my APIs. After: curl -X POST -d "grant_type=convert_token&client_id=oQLj8tAr8QbbDw1uxC3AAmoSaIEL6IoO6ACSw9SS&client_secret=gDg2jwmQwRn33Oye8W5cB5nNRv9gCQCKN8fuIewilX6jIohQFS30F0zJclyLxOUPUnodP0jcgTxY6m1Rnjzvbek5fef3HCEMN9IJazkkM15MCkVzvwy36MBIEhvtNleT&backend=facebook&token=0647a7a063cd58d79038a57786fe4a57" http://localhost:8000/api/social/convert-token

I receive back the response: {"error_description": "Backend responded with HTTP400: {\"error\":{\"message\":\"Invalid OAuth access token.\",\"type\":\"OAuthException\",\"code\":190,\"fbtrace_id\":\"Fs2FhofZ8T4\"}}.", "error": "invalid_request"}

I get client_id and client_secret from admin panel. Where do I have to get the token? I tried all alternatives: client_token from dashboard and even from https://developers.facebook.com/tools/accesstoken/

This is my facebook settings code:

*** Auth Social Login **

Facebook configuration

SOCIAL_AUTH_FACEBOOK_KEY = '926874140727083' #App ID SOCIAL_AUTH_FACEBOOK_SECRET = '34c940f05f8d62b8f34e32f12ca4ff92' #App Secret SOCIAL_AUTH_FACEBOOK_TOKEN = '0647a7a063cd58d79038a57786fe4a57'

Define SOCIAL_AUTH_FACEBOOK_SCOPE to get extra permissions from facebook. Email is not sent by default, to get it, you must request the email permission:

SOCIAL_AUTH_FACEBOOK_APP_NAMESPACE = 'areaoperatoriacc'

SOCIAL_AUTH_FACEBOOK_SCOPE = ['email']

*** *** **

该提问来源于开源项目:RealmTeam/django-rest-framework-social-oauth2

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

6条回答

  • weixin_39981360 weixin_39981360 4月前

    Well I got to receive: { "refresh_token": "9hcs4X8KOnl7M6CoSYVJjZ1RWirMA2", "access_token": "p6XsgIuRpx45TdorRdc77PTDxQwMeA", "expires_in": 36000, "token_type": "Bearer", "scope": "write read" } but I receive it even if I comment SOCIAL_AUTH_FACEBOOK_KEY and other parameters in settings.py!!! The only truly mandatory is SOCIAL_AUTH_FACEBOOK_SECRET

    Other issue: Have I to use App Token or User Token shown in https://developers.facebook.com/tools/accesstoken/ page??? It works only with User Token!

    点赞 评论 复制链接分享
  • weixin_39999532 weixin_39999532 4月前

    You don't need SOCIAL_AUTH_FACEBOOK_TOKEN in your settings.py. You are using a wrong token, that is why it isn't working. The token you are looking for is way longer and given by facebook when you authenticate on a client app (for example an iOS app or Js web app). You need to use the access token shown in User Token on the https://developers.facebook.com/tools/accesstoken page.

    Do you have any more questions ?

    点赞 评论 复制链接分享
  • weixin_39981360 weixin_39981360 4月前

    Yes, probably because of my bad understanding of english language, sorry: 1) Definitively, WHERE do I find SOCIAL_AUTH_FACEBOOK_KEY = 'xxxxxxxx' #App ID SOCIAL_AUTH_FACEBOOK_SECRET = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' #App Secret values to populate settings.py variables?

    2) When and where I have to use 'Application' Model values in the registration/login process? When Facebook Dashboard values?

    Thank you so much!

    点赞 评论 复制链接分享
  • weixin_39999532 weixin_39999532 4月前

    1) You find these values on your facebook application dashboard. Normally, the app ID is shown and you have to enter a passwird to display the app secret. 2) You need to create an application model as shown in the readme and use its values when authenticating. Basically, you have to copy client_id and client secret. The token is given by facebook and you can get the test token shown under User Token on the https://developers.facebook.com/tools/accesstoken page.

    点赞 评论 复制链接分享
  • weixin_39981360 weixin_39981360 4月前

    Only last few questions: 1) I'm writing an application BE, to let Android, WP and iOS devices register, login and so on through Facebook, Twitter and Google accounts. Does your package manage these features automatically?

    2) Where can I find the list of parameters needed by HTTP services in your package?

    3) Where(if they exist) can I find examples?

    Thanks again!

    点赞 评论 复制链接分享
  • weixin_39999532 weixin_39999532 4月前

    1) It does not handle all of this automatically but it helps a lot. 2) Everything is in the readme. You should be able to setup everything based solely on the readme. 3) There is the facebook example on the readme. I don't have examples of clients you'll have to do the research yourself but I believe it is fairly simple.

    点赞 评论 复制链接分享

为你推荐