I’ve got a Django template that initiates the Facebook OAuth process by doing:
window.location='https://www.facebook.com/dialog/oauth?client_id=MY_CLIENT_ID&redirect_uri=http%3A//localhost%3A8000/fbpanel/explore-python'
Then, in my Django view, I get the resulting code as follows:
import cgi
import urllib
# [...]
code = request.GET['code']
args = {
'client_id': MY_CLIENT_ID,
'redirect_uri': 'http://localhost:8000/fbpanel/explore_python'
'client_secret': MY_CLIENT_SECRET,
'code': code,
}
url = 'https://graph.facebook.com/oauth/access_token?' + \
urllib.urlencode(args)
raw_response = urllib.urlopen(url).read()
response = cgi.parse_qs(raw_response)
if response:
error = ''
if response['access_token']:
access_token = response['access_token'][0]
if response['expires']:
expires = response['expires'][0]
else:
access_token = 'No access token returned'
expires = 'No expiration given'
error = raw_response
Invariably, response is None and raw_response contains Error: {"error":{"message":"Error validating verification code.","type":"OAuthException"}}
The same credentials validate fine with the JavaScript SDK. I was binding my server to localhost in that case too, and have localhost:8000 set in my official app domain. Before I did that, the JavaScript wouldn’t work. After, it did. So I don’t think localhost is the issue.
I’ve manually stepped through the code, printing the code returned by FB out,
then manually running the above code line by line in the python interpreter, and
I can’t see anything I’m doing wrong. What are my next debugging steps? The FB
documentation offers little guidance if you receive an OAuthException.
The value used for
redirect_urimust be exactly the same when you request the token as it was when you requested the code. Since no actual redirect occurs when requesting the token, it can be easy to miss small differences. The error message is not particularly descriptive in this case; what it really means is “The parameters you are sending don’t correspond with the code value you are sending”.