Comments (8)
Last time I checked, Facebook was not compliant with OAuth 2 RFC. As a result they won't work with requests-oauthlib right now.
I believe they are using a modified version of draft 12 or so (very old) but will need to investigate a bit. I vaguely recollect them trying to patch on some additional security layer with mixed results. Because of this non compliance, and them being unlikely to change, we would need special case logic for Facebook. This can certainly be done and have some ideas for approaches. There is currently no ETA on when it might happen unfortunately.
@jayd3e If you would be interested in making this happen let me know :)
from requests-oauthlib.
I can certainly make this happen. What are your ideas? My first inclination was to just to attempt to decode the response body as JSON, but if that fails, then attempt to parse the string as a list of key/value pairs.
from requests-oauthlib.
Had a quick look and seems like Facebook is not so far off, just a bit.
What I had in mind was to gradually introduce hooks into OAuth2Session as a need arises, like now, and have provider specific inherit and implement those hooks. Maybe add process_token_response
just before the parse request body or something a long those lines, example below.
# in requests_oauthlib.oauth2_session.py
class OAuth2Session(requests.Session):
...
def fetch_token(...):
...
r = self.process_token_response(r)
self._client.parse_request_body_response(r.text, scope=self.scope)
...
...
def process_token_response(self, r):
"""Pre response parsing."""
# do stuff
return r
# in requests_oauthlib.contrib.facebook_session.py
class FacebookSession(OAuth2Session):
def process_token_response(self, r):
"""Pre response parsing."""
# token = parse body with oauthlib.common.urldecode
# change token param expires to expires_in
# add token_type='Bearer' to token
# set r.text = json.dumps(token)
return r
Of course this will need test & docs too =)
from requests-oauthlib.
Cool, yah this looks like an ok option. We might want to avoid using inheritance as an api though.
from requests-oauthlib.
@jayd3e yea I am a bit hesitant of using inheritance myself but didn't see a nice way to do it without having a lot of boiler plate since this is a relatively thin wrapper. Suggestions welcome :)
from requests-oauthlib.
An alternative I guess would be to register various hooks on the session object and have them invoked.
from requests-oauthlib.
Awesome fix @ib-lundgren, glad you did it, b/c I definitely wouldn't have done as good of a job. Excellent work.
from requests-oauthlib.
Cheers, I found a spot of time and just went ahead.
I'm certain you could and if not then that's what code review is for :)
Never hesitate to send a PR!
On Mon, Aug 12, 2013 at 8:32 PM, Joe Dallago [email protected]:
Awesome fix @ib-lundgren https://github.com/ib-lundgren, glad you did
it, b/c I definitely wouldn't have done as good of a job. Excellent fix.—
Reply to this email directly or view it on GitHubhttps://github.com//issues/63#issuecomment-22518879
.
from requests-oauthlib.
Related Issues (20)
- Requirements out of date HOT 2
- Hkş HOT 2
- Scope changes with Microsoft services & `offline_access`
- Question: Is this project maintained? HOT 1
- Compliance fix for tokens that never expire (e.g. Mailchimp)
- Redo request after token is updated
- Why is the backend client workflow asking for a code or a response url? HOT 1
- refresh token workflow HOT 1
- rsengun HOT 1
- How to test if LinkedIn token is still valid and re-use? HOT 2
- 1.3.2 release? HOT 3
- (insecure_transport) OAuth 2 MUST utilize https. HOT 4
- LinkedIn issue with multiple scopes HOT 1
- ImportError: No module named parse HOT 3
- Remove 2.7 from setup.py HOT 2
- Access tokens leaked in logs when using DEBUG level
- 1.4.0 claims to support Python 2.7 in PyPI but does not HOT 2
- Changelog suggests Python 3.4-3.6 is unsupported, but project metadata allows these versions
- Release template purposal HOT 2
- Issue refreshing Wix OAuth tokens - cannot send payload as JSON using `refresh_token_request` compliance hook HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from requests-oauthlib.