I am following this tutorial on Spring Boot with OAuth: https://spring.io/guides/tutorials/spring-boot-oauth2/
In the 'click' app, I added:
    security:
      oauth2:
        client:
          clientId: 233668646673605
          clientSecret: 33b17e044ee6a4fa383f46ec6e28ea1d
          scope: email   # <------- ***** THIS IS WHAT I ADDED ***** ---------
          accessTokenUri: https://graph.facebook.com/oauth/access_token
          userAuthorizationUri: https://www.facebook.com/dialog/oauth
          tokenName: oauth_token
          authenticationScheme: query
          clientAuthenticationScheme: form
        resource:
          userInfoUri: https://graph.facebook.com/me
    logging:
      level:
        org.springframework.security: DEBUG
I used one of my test Facebook accounts and everything worked. The Principal object contained the email address. The credentials in the above-mentioned config file were part of the tutorial.
To test things out with my own OAuth registered app, I went to my regular account and created a Facebook developer account with an app that used the Facebook Login as a product.
I then placed my own clientId and clientSecret into the YAML file, repackaged the app and ran it.
The email address for the same test Facebook account was not received from Facebook.
Any ideas as to why the one in the tutorial worked and mine didn't?
Here is what my Facebook Login config looks like:
Any ideas?
Any help would be much appreciated!
Thanks!
You need to get the email explicitly as follows: var url = '/me?fields=name,email'; FB.api(url, function (response) { alert(response.name); alert(response.
Facebook works on the OAuth 2.0 protocol, and most social providers such as Facebook, Google, Microsoft and LinkedIn support OAuth 2.0. Refer to the article Getting Started with OAuth 2.0 to learn about the OAuth flow.
The service checks to see who you are on Facebook and creates a new account for you. When you sign into that service in the future, it sees that you're signed in with the same Facebook account and gives you access to your account. You don't need to set up a new account or anything; Facebook authenticates you instead.
Select Settings in the left side navigation panel and under Client OAuth Settings, enter your redirect URL in the Valid OAuth Redirect URIs field for successful authorization.
Ok, I FINALLY figured it out, so posting it here for whoever else may run into this. I couldn't find the answer so easily.
You wrote that tutorial before Facebook Graph API changed.
Now, just because you specify 'scope: email', it just allows you to get the email (after the user approves). However, to actually get the email, you need to explicitly specify that in the URL itself. So, in the config above, this line would change (note the extra '?fields=email,name'):
userInfoUri: https://graph.facebook.com/me?fields=email,name
This is a change to the Facebook API as of version 2.4. It's at 2.8 as of this writing. See this link: https://developers.facebook.com/blog/post/2015/07/08/graph-api-v2.4/
(In particular, pay attention to what it says in the 3rd bullet, starting with 'Fewer default fields for faster performance...')
Hope this helps someone!
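An added example (not from the original post, the tutorial or the Facebook SDK) of the fix described in the answer above: it builds the userInfoUri with an explicit fields parameter and tells a missing fields entry apart from a field that was requested but not returned. The helper names and the sample responses are constructed for illustration.

```javascript
// Added example; requestedFields, withFields and diagnose are hypothetical
// helpers, not part of Spring Boot or the Facebook SDK.

// Fields named in the `fields` query parameter of a userInfoUri.
function requestedFields(userInfoUri) {
  const raw = new URL(userInfoUri).searchParams.get('fields') || '';
  return raw.split(',').map(f => f.trim()).filter(Boolean);
}

// userInfoUri with `wanted` merged into its `fields` parameter.
function withFields(userInfoUri, wanted) {
  const url = new URL(userInfoUri);
  const merged = [...new Set([...requestedFields(userInfoUri), ...wanted])];
  url.searchParams.set('fields', merged.join(','));
  // Keep literal commas so the result matches the config line's form.
  return url.toString().replace(/%2C/g, ',');
}

// Explain why a required field is absent from the user-info response.
function diagnose(userInfoUri, profile, required) {
  const asked = requestedFields(userInfoUri);
  return required
    .filter(f => profile[f] === undefined || profile[f] === null || profile[f] === '')
    .map(f => asked.includes(f)
      ? `${f}: requested but not returned; check that the user approved the scope`
      : `${f}: not in userInfoUri fields; use ${withFields(userInfoUri, [f])}`);
}

// Constructed sample responses (not captured from Facebook).
const bare = { name: 'Test User', id: '1000000000000001' };
const full = { email: 'test.user@example.com', name: 'Test User', id: '1000000000000001' };

const oldUri = 'https://graph.facebook.com/me';
const newUri = withFields(oldUri, ['email', 'name']);
console.log(newUri);
console.log(diagnose(oldUri, bare, ['email']));   // URI never asked for email
console.log(diagnose(newUri, full, ['email']));   // nothing missing
console.log(diagnose(newUri, bare, ['email']));   // asked for, not returned
```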