How to use the django-rest-framework-social-oauth2 with facebook Oauth2?

Question

I have read the documentation here: django-rest-framework-social-oauth2, but everything is very unclear to me (It's my first time working with this).

and by the end it shows some configuration of how to do the settings to use facebook Oauth2. And there's this information on the docs:

You can test these settings by running the following command :

curl -X POST -d “grant_type=convert_token&client_id=<client_id>&client_secret=<client_secret>&backend=facebook&token=<facebook_token>”  http://localhost:8000/auth/convert-token

This request returns the “access_token” that you should use on all HTTP requests with DRF. What is happening here is that we are converting a third-party access token (user_access_token) in an access token to use with your api and its clients (“access_token”). You should use this token on each and further communications between your system/application and your api to authenticate each request and avoid authenticating with FB every time.

Does it mean that with this endpoint I will be able to somehow "override" a sing up method creating a user on my application with the same user_access_token it has on facebook?

If this is right, by my understanding. After I get the FB.getLoginStatus response, I will be able to make calls on my own API endpoints referring to the logged user with his facebook user_acess_token (That also is the same on my system).

I guess I would also need to add social accounts tokens to user models?

Am I right?

Answer 1

I could test it with a test token from facebook and it behaves as I expected like I wrote in my question.