Implementing OAuth2 Learnings


I’ve just recently implemented OAuth2 using Flask and Authomatic to login users via Facebook and Google, and learned a few things in the process:

  • the server IP whitelist in Facebook Developer settings does not have to be set. If it is set, FB will only allow incoming connections from these server addresses. Before I fixed this, I kept getting the result:
  • in login2() handler: Something went wrong: Failed to obtain OAuth 2.0 access token from https://graph.facebook.com/oauth/access_token! HTTP status: 400, message: {“error”:{“message”:”This IP can’t make requests for that application.”,”type”:”OAuthException”,”code”:5}}.

    I was scratching my head, because no matter how I update the IP address whitelist on the FB dev console, I could not get the app to successfully authenticate.

  • the app will need to go through FB status review so that the app can be available publicly, else only the developer account can connect via OAuth2
  • For google, the API for google+ has to be enabled. Before doing this, I kept getting None user results.
  • For both FB and google, the callback URL has to be properly set

I got some help from Peter Hudec and Migs Paraz while troubleshooting the problems.

Advertisements

Leave a comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s