[web2py] Re: OAuth2.0 and Facebook (as from the book)
the problem is that facebook is not returning an email. i know, i know, you told facebook that email is required and you can't reproduce such a state. i'm 100% with you, but i see the exact same behavior with my users! i suspect that these are actually returning users who granted email access when they first created an account, but then they changed their facebook permissions to remove email access and when they return to your site and login, facebook lets them (because they have before), but does not give you the email address. i have not confirmed this theory, but it's my running theory. other potential issue is the expiration of the facebook access token. those rules changed this spring and i'm not 100% up to date on the rules right now. cfh On Monday, October 28, 2013 10:57:06 AM UTC-7, Lisandro wrote: I'm having a similar problem with KeyError: 'email'. I have a site in production that uses oauth2 and offers the possibility of register/login using personal facebook account. I created a Facebook app and set permissions to get user's email (so I can create the account on my site). Everything works perfect, lots of users have registered in my site using their Facebook accounts. Even myself. However, there are some error tickets created with this error of KeyError:email. First I thought that some users didn't let the application get their emails, but that's not possible. When you try to log in my site using Facebook, facebook tells you that te application will get your email, and you only can accept or decline. If you decline, you're not registered. And if you accept, my site gets your email and creates the account. So, I don't know which could be the problem. This is the traceback of the error: Traceback (most recent call last): File /var/www/vendosimple/gluon/restricted.py, line 212, in restricted exec ccode in environment File /var/www/vendosimple/applications/init/controllers/default.py, line 645, in module File /var/www/vendosimple/gluon/globals.py, line 194, in lambda self._caller = lambda f: f() File /var/www/vendosimple/applications/init/controllers/default.py, line 380, in user form = auth() File /var/www/vendosimple/gluon/tools.py, line 1250, in __call__ return getattr(self, args[0])() File /var/www/vendosimple/gluon/tools.py, line 2128, in login cas_user = cas.get_user() File applications/init/modules/globales.py, line 41, in get_user username=user['id'], registration_id=user['id'], email=user['email']) KeyError: 'email' Any ideas? El martes, 7 de junio de 2011 01:00:33 UTC-3, Massimo Di Pierro escribió: I am not familiar with facebook email. If this (username + @facebook) is avlid email, perhaps web should set that even if username=True On Jun 6, 7:15 pm, Sebastian E. Ovide sebastian.ov...@gmail.com wrote: I do not see major pros and cons... it is a matter of precerences... 1) setting username=True in auth.define_tables(), define_tables will add a field on the table (username) and if that field is present, authentication will be done using username. Personally I prefer to use emails rather than usernames, and as I am using BOTH web2py auth and facebook at the same time for authentication (two different links for different logins), I didn't want to force my application to use usernames so I've used the second option 2) in this case I'm adding an email created by the facebook username + @facebook and therefore auth will keep using email for authentication... no web2py code has been touched, although I'm extending Auth and overriding navbar to display a second login link (facebook) and hide change_password when it is logged in via facebook. if session.login_method_used is None: if not 'change_password' in self.settings.actions_disabled: bar.insert(-1, ' | ') bar.insert(-1, password) and in my controller: def user(): if auth.user_id: if request.args[0] == 'logout': session.login_method_used=None else: if request.args[0] == 'login': session.login_method_used=None elif request.args[0] == 'login_fb': session.login_method_used=facebook request.args[0]='login' if session.login_method_used==facebook: auth.settings.login_form=FaceBookAccount(globals()) return dict(form=auth()) On Mon, Jun 6, 2011 at 11:16 PM, Massimo Di Pierro massimo.dipie...@gmail.com wrote: if there is agreement on one, please send me a patch. On Jun 6, 4:31 pm, Sebastian E. Ovide sebastian.ov...@gmail.com wrote: Hi Mic, thanks for that. actually I've debugged web2py and figure it out for myself. There are two easy ways to fix it (I've
[web2py] Re: OAuth2.0 and Facebook (as from the book)
I see, your theory is pretty much accurate (sorry for my english, I hope that phrase is correct). What I mean is that your theory is the most addecuate for this case, thought it can't be proved. Actually, there is another error that says something about access token been already used, but happens very little. My question now is: ¿can I avoid this situation and do something? I have this in one of my models: if session.login_facebook: from globales import FaceBookAccount auth.settings.login_form = FaceBookAccount(globals()) And this is te dfinition of FaceBookAccount class: class FaceBookAccount(OAuthAccount): AUTH_URL=https://graph.facebook.com/oauth/authorize; TOKEN_URL=https://graph.facebook.com/oauth/access_token; def __init__(self, g): OAuthAccount.__init__(self, g, current.FACEBOOK_APP_ID, current.FACEBOOK_APP_SECRET_KEY, \ self.AUTH_URL, self.TOKEN_URL, scope='email') self.graph = None def get_user(self): if not self.accessToken(): return None if not self.graph: self.graph = GraphAPI((self.accessToken())) user = None try: user = self.graph.get_object(me) except GraphAPIError, e: self.session.token = None self.graph = None if user: return dict(first_name='%s %s' %(user['first_name'], user['last_name']), \ username=user['id'], registration_id=user['id'], email=user['email']) I would like to, at least, show an error message to the user saying that something went wrong trying to get his/her email from Facebook, and that he/she should try again. Can't figure it out how to do it :/ El martes, 29 de octubre de 2013 03:48:36 UTC-3, Christian Foster Howes escribió: the problem is that facebook is not returning an email. i know, i know, you told facebook that email is required and you can't reproduce such a state. i'm 100% with you, but i see the exact same behavior with my users! i suspect that these are actually returning users who granted email access when they first created an account, but then they changed their facebook permissions to remove email access and when they return to your site and login, facebook lets them (because they have before), but does not give you the email address. i have not confirmed this theory, but it's my running theory. other potential issue is the expiration of the facebook access token. those rules changed this spring and i'm not 100% up to date on the rules right now. cfh On Monday, October 28, 2013 10:57:06 AM UTC-7, Lisandro wrote: I'm having a similar problem with KeyError: 'email'. I have a site in production that uses oauth2 and offers the possibility of register/login using personal facebook account. I created a Facebook app and set permissions to get user's email (so I can create the account on my site). Everything works perfect, lots of users have registered in my site using their Facebook accounts. Even myself. However, there are some error tickets created with this error of KeyError:email. First I thought that some users didn't let the application get their emails, but that's not possible. When you try to log in my site using Facebook, facebook tells you that te application will get your email, and you only can accept or decline. If you decline, you're not registered. And if you accept, my site gets your email and creates the account. So, I don't know which could be the problem. This is the traceback of the error: Traceback (most recent call last): File /var/www/vendosimple/gluon/restricted.py, line 212, in restricted exec ccode in environment File /var/www/vendosimple/applications/init/controllers/default.py, line 645, in module File /var/www/vendosimple/gluon/globals.py, line 194, in lambda self._caller = lambda f: f() File /var/www/vendosimple/applications/init/controllers/default.py, line 380, in user form = auth() File /var/www/vendosimple/gluon/tools.py, line 1250, in __call__ return getattr(self, args[0])() File /var/www/vendosimple/gluon/tools.py, line 2128, in login cas_user = cas.get_user() File applications/init/modules/globales.py, line 41, in get_user username=user['id'], registration_id=user['id'], email=user['email']) KeyError: 'email' Any ideas? El martes, 7 de junio de 2011 01:00:33 UTC-3, Massimo Di Pierro escribió: I am not familiar with facebook email. If this (username + @facebook) is avlid email, perhaps web should set that even if username=True On Jun 6, 7:15 pm, Sebastian E. Ovide sebastian.ov...@gmail.com wrote: I do not see major pros and cons... it is a matter of precerences... 1) setting username=True in auth.define_tables(), define_tables will add a field on the table (username) and if that field is present, authentication will be done using username. Personally I prefer to use
Re: [web2py] Re: OAuth2.0 and Facebook (as from the book)
create a fake email... something like the following (check for errors I did not test it) if user: if not user.has_key('email') or user['email'] == '' or user['email'] is None: user['email'] = user['first_name'] + '.' + user['last_name'] + '.' + user['id'] + '@facebook.email.is.not.valid' 2013/10/29 Lisandro rostagnolisan...@gmail.com I see, your theory is pretty much accurate (sorry for my english, I hope that phrase is correct). What I mean is that your theory is the most addecuate for this case, thought it can't be proved. Actually, there is another error that says something about access token been already used, but happens very little. My question now is: ¿can I avoid this situation and do something? I have this in one of my models: if session.login_facebook: from globales import FaceBookAccount auth.settings.login_form = FaceBookAccount(globals()) And this is te dfinition of FaceBookAccount class: class FaceBookAccount(OAuthAccount): AUTH_URL=https://graph.facebook.com/oauth/authorize; TOKEN_URL=https://graph.facebook.com/oauth/access_token; def __init__(self, g): OAuthAccount.__init__(self, g, current.FACEBOOK_APP_ID, current.FACEBOOK_APP_SECRET_KEY, \ self.AUTH_URL, self.TOKEN_URL, scope='email') self.graph = None def get_user(self): if not self.accessToken(): return None if not self.graph: self.graph = GraphAPI((self.accessToken())) user = None try: user = self.graph.get_object(me) except GraphAPIError, e: self.session.token = None self.graph = None if user: return dict(first_name='%s %s' %(user['first_name'], user['last_name']), \ username=user['id'], registration_id=user['id'], email=user['email']) I would like to, at least, show an error message to the user saying that something went wrong trying to get his/her email from Facebook, and that he/she should try again. Can't figure it out how to do it :/ El martes, 29 de octubre de 2013 03:48:36 UTC-3, Christian Foster Howes escribió: the problem is that facebook is not returning an email. i know, i know, you told facebook that email is required and you can't reproduce such a state. i'm 100% with you, but i see the exact same behavior with my users! i suspect that these are actually returning users who granted email access when they first created an account, but then they changed their facebook permissions to remove email access and when they return to your site and login, facebook lets them (because they have before), but does not give you the email address. i have not confirmed this theory, but it's my running theory. other potential issue is the expiration of the facebook access token. those rules changed this spring and i'm not 100% up to date on the rules right now. cfh On Monday, October 28, 2013 10:57:06 AM UTC-7, Lisandro wrote: I'm having a similar problem with KeyError: 'email'. I have a site in production that uses oauth2 and offers the possibility of register/login using personal facebook account. I created a Facebook app and set permissions to get user's email (so I can create the account on my site). Everything works perfect, lots of users have registered in my site using their Facebook accounts. Even myself. However, there are some error tickets created with this error of KeyError:email. First I thought that some users didn't let the application get their emails, but that's not possible. When you try to log in my site using Facebook, facebook tells you that te application will get your email, and you only can accept or decline. If you decline, you're not registered. And if you accept, my site gets your email and creates the account. So, I don't know which could be the problem. This is the traceback of the error: Traceback (most recent call last): File /var/www/vendosimple/gluon/**restricted.py, line 212, in restricted exec ccode in environment File /var/www/vendosimple/**applications/init/controllers/**default.py, line 645, in module File /var/www/vendosimple/gluon/**globals.py, line 194, in lambda self._caller = lambda f: f() File /var/www/vendosimple/**applications/init/controllers/**default.py, line 380, in user form = auth() File /var/www/vendosimple/gluon/**tools.py, line 1250, in __call__ return getattr(self, args[0])() File /var/www/vendosimple/gluon/**tools.py, line 2128, in login cas_user = cas.get_user() File applications/init/modules/**globales.py, line 41, in get_user username=user['id'], registration_id=user['id'], email=user['email']) KeyError: 'email' Any ideas? El martes, 7 de junio de 2011 01:00:33 UTC-3, Massimo Di Pierro escribió: I am not familiar with facebook email. If this (username + @facebook) is avlid email, perhaps web should set that even if username=True
Re: [web2py] Re: OAuth2.0 and Facebook (as from the book)
Thanks for the answer. The problem is that I really need a valid email address, because in my site I use that email to send important notifications to the user. I already tried with facebook mail, that is, joining the user name with @ facebook.com. But it didn't work. When I send an email to a facebook mail, I receive an automatic response from Facebook saying that there is a permission problem. I understand that @facebook email addresses are only for communication between Facebook users :/ 2013/10/29 Michele Comitini michele.comit...@gmail.com create a fake email... something like the following (check for errors I did not test it) if user: if not user.has_key('email') or user['email'] == '' or user['email'] is None: user['email'] = user['first_name'] + '.' + user['last_name'] + '.' + user['id'] + '@facebook.email.is.not.valid' 2013/10/29 Lisandro rostagnolisan...@gmail.com I see, your theory is pretty much accurate (sorry for my english, I hope that phrase is correct). What I mean is that your theory is the most addecuate for this case, thought it can't be proved. Actually, there is another error that says something about access token been already used, but happens very little. My question now is: ¿can I avoid this situation and do something? I have this in one of my models: if session.login_facebook: from globales import FaceBookAccount auth.settings.login_form = FaceBookAccount(globals()) And this is te dfinition of FaceBookAccount class: class FaceBookAccount(OAuthAccount): AUTH_URL=https://graph.facebook.com/oauth/authorize; TOKEN_URL=https://graph.facebook.com/oauth/access_token; def __init__(self, g): OAuthAccount.__init__(self, g, current.FACEBOOK_APP_ID, current.FACEBOOK_APP_SECRET_KEY, \ self.AUTH_URL, self.TOKEN_URL, scope='email') self.graph = None def get_user(self): if not self.accessToken(): return None if not self.graph: self.graph = GraphAPI((self.accessToken())) user = None try: user = self.graph.get_object(me) except GraphAPIError, e: self.session.token = None self.graph = None if user: return dict(first_name='%s %s' %(user['first_name'], user['last_name']), \ username=user['id'], registration_id=user['id'], email=user['email']) I would like to, at least, show an error message to the user saying that something went wrong trying to get his/her email from Facebook, and that he/she should try again. Can't figure it out how to do it :/ El martes, 29 de octubre de 2013 03:48:36 UTC-3, Christian Foster Howes escribió: the problem is that facebook is not returning an email. i know, i know, you told facebook that email is required and you can't reproduce such a state. i'm 100% with you, but i see the exact same behavior with my users! i suspect that these are actually returning users who granted email access when they first created an account, but then they changed their facebook permissions to remove email access and when they return to your site and login, facebook lets them (because they have before), but does not give you the email address. i have not confirmed this theory, but it's my running theory. other potential issue is the expiration of the facebook access token. those rules changed this spring and i'm not 100% up to date on the rules right now. cfh On Monday, October 28, 2013 10:57:06 AM UTC-7, Lisandro wrote: I'm having a similar problem with KeyError: 'email'. I have a site in production that uses oauth2 and offers the possibility of register/login using personal facebook account. I created a Facebook app and set permissions to get user's email (so I can create the account on my site). Everything works perfect, lots of users have registered in my site using their Facebook accounts. Even myself. However, there are some error tickets created with this error of KeyError:email. First I thought that some users didn't let the application get their emails, but that's not possible. When you try to log in my site using Facebook, facebook tells you that te application will get your email, and you only can accept or decline. If you decline, you're not registered. And if you accept, my site gets your email and creates the account. So, I don't know which could be the problem. This is the traceback of the error: Traceback (most recent call last): File /var/www/vendosimple/gluon/**restricted.py, line 212, in restricted exec ccode in environment File /var/www/vendosimple/**applications/init/controllers/**default.py, line 645, in module File /var/www/vendosimple/gluon/**globals.py, line 194, in lambda self._caller = lambda f: f() File /var/www/vendosimple/**applications/init/controllers/**default.py, line 380, in user form = auth() File
Re: [web2py] Re: OAuth2.0 and Facebook (as from the book)
this is what they say: https://www.facebook.com/help/224049364288051 facebook documentation for developers is incomplete, so to say, on many occasions... mic 2013/10/29 Lisandro Rostagno rostagnolisan...@gmail.com Thanks for the answer. The problem is that I really need a valid email address, because in my site I use that email to send important notifications to the user. I already tried with facebook mail, that is, joining the user name with @facebook.com. But it didn't work. When I send an email to a facebook mail, I receive an automatic response from Facebook saying that there is a permission problem. I understand that @facebook email addresses are only for communication between Facebook users :/ 2013/10/29 Michele Comitini michele.comit...@gmail.com create a fake email... something like the following (check for errors I did not test it) if user: if not user.has_key('email') or user['email'] == '' or user['email'] is None: user['email'] = user['first_name'] + '.' + user['last_name'] + '.' + user['id'] + '@facebook.email.is.not.valid' 2013/10/29 Lisandro rostagnolisan...@gmail.com I see, your theory is pretty much accurate (sorry for my english, I hope that phrase is correct). What I mean is that your theory is the most addecuate for this case, thought it can't be proved. Actually, there is another error that says something about access token been already used, but happens very little. My question now is: ¿can I avoid this situation and do something? I have this in one of my models: if session.login_facebook: from globales import FaceBookAccount auth.settings.login_form = FaceBookAccount(globals()) And this is te dfinition of FaceBookAccount class: class FaceBookAccount(OAuthAccount): AUTH_URL=https://graph.facebook.com/oauth/authorize; TOKEN_URL=https://graph.facebook.com/oauth/access_token; def __init__(self, g): OAuthAccount.__init__(self, g, current.FACEBOOK_APP_ID, current.FACEBOOK_APP_SECRET_KEY, \ self.AUTH_URL, self.TOKEN_URL, scope='email') self.graph = None def get_user(self): if not self.accessToken(): return None if not self.graph: self.graph = GraphAPI((self.accessToken())) user = None try: user = self.graph.get_object(me) except GraphAPIError, e: self.session.token = None self.graph = None if user: return dict(first_name='%s %s' %(user['first_name'], user['last_name']), \ username=user['id'], registration_id=user['id'], email=user['email']) I would like to, at least, show an error message to the user saying that something went wrong trying to get his/her email from Facebook, and that he/she should try again. Can't figure it out how to do it :/ El martes, 29 de octubre de 2013 03:48:36 UTC-3, Christian Foster Howes escribió: the problem is that facebook is not returning an email. i know, i know, you told facebook that email is required and you can't reproduce such a state. i'm 100% with you, but i see the exact same behavior with my users! i suspect that these are actually returning users who granted email access when they first created an account, but then they changed their facebook permissions to remove email access and when they return to your site and login, facebook lets them (because they have before), but does not give you the email address. i have not confirmed this theory, but it's my running theory. other potential issue is the expiration of the facebook access token. those rules changed this spring and i'm not 100% up to date on the rules right now. cfh On Monday, October 28, 2013 10:57:06 AM UTC-7, Lisandro wrote: I'm having a similar problem with KeyError: 'email'. I have a site in production that uses oauth2 and offers the possibility of register/login using personal facebook account. I created a Facebook app and set permissions to get user's email (so I can create the account on my site). Everything works perfect, lots of users have registered in my site using their Facebook accounts. Even myself. However, there are some error tickets created with this error of KeyError:email. First I thought that some users didn't let the application get their emails, but that's not possible. When you try to log in my site using Facebook, facebook tells you that te application will get your email, and you only can accept or decline. If you decline, you're not registered. And if you accept, my site gets your email and creates the account. So, I don't know which could be the problem. This is the traceback of the error: Traceback (most recent call last): File /var/www/vendosimple/gluon/**restricted.py, line 212, in restricted exec ccode in environment File /var/www/vendosimple/**applications/init/controllers/**default.py, line 645, in module File
Re: [web2py] Re: OAuth2.0 and Facebook (as from the book)
Thanks, you're right, Facebook documentation is very poor and is often outdated. That page says that anyone can send you an email from external mail services (gmail, yahoo, etc).. but I tried that and I receive a response from Facebook saying that there is a permission problem... I suppose that the user can choose not to be contacted outside facebook :/ So in my case, I have no way to avoid this problem. Maybe creating that fake email address and asking the user to enter a valid emai addres and then verify it... but that deviates from the goal of register/login with facebook, that should be a simple and fast method, mostly for the user. Anyway, thanks a lot for the help and the answers! Off the topic, I'm starting to think that Facebook is kind of an ·internet explorer experience for developers, where developers have to work extra to cover inconsistency or problems like this :/ 2013/10/29 Michele Comitini michele.comit...@gmail.com this is what they say: https://www.facebook.com/help/224049364288051 facebook documentation for developers is incomplete, so to say, on many occasions... mic 2013/10/29 Lisandro Rostagno rostagnolisan...@gmail.com Thanks for the answer. The problem is that I really need a valid email address, because in my site I use that email to send important notifications to the user. I already tried with facebook mail, that is, joining the user name with @facebook.com. But it didn't work. When I send an email to a facebook mail, I receive an automatic response from Facebook saying that there is a permission problem. I understand that @facebook email addresses are only for communication between Facebook users :/ 2013/10/29 Michele Comitini michele.comit...@gmail.com create a fake email... something like the following (check for errors I did not test it) if user: if not user.has_key('email') or user['email'] == '' or user['email'] is None: user['email'] = user['first_name'] + '.' + user['last_name'] + '.' + user['id'] + '@facebook.email.is.not.valid' 2013/10/29 Lisandro rostagnolisan...@gmail.com I see, your theory is pretty much accurate (sorry for my english, I hope that phrase is correct). What I mean is that your theory is the most addecuate for this case, thought it can't be proved. Actually, there is another error that says something about access token been already used, but happens very little. My question now is: ¿can I avoid this situation and do something? I have this in one of my models: if session.login_facebook: from globales import FaceBookAccount auth.settings.login_form = FaceBookAccount(globals()) And this is te dfinition of FaceBookAccount class: class FaceBookAccount(OAuthAccount): AUTH_URL=https://graph.facebook.com/oauth/authorize; TOKEN_URL=https://graph.facebook.com/oauth/access_token; def __init__(self, g): OAuthAccount.__init__(self, g, current.FACEBOOK_APP_ID, current.FACEBOOK_APP_SECRET_KEY, \ self.AUTH_URL, self.TOKEN_URL, scope='email') self.graph = None def get_user(self): if not self.accessToken(): return None if not self.graph: self.graph = GraphAPI((self.accessToken())) user = None try: user = self.graph.get_object(me) except GraphAPIError, e: self.session.token = None self.graph = None if user: return dict(first_name='%s %s' %(user['first_name'], user['last_name']), \ username=user['id'], registration_id=user['id'], email=user['email']) I would like to, at least, show an error message to the user saying that something went wrong trying to get his/her email from Facebook, and that he/she should try again. Can't figure it out how to do it :/ El martes, 29 de octubre de 2013 03:48:36 UTC-3, Christian Foster Howes escribió: the problem is that facebook is not returning an email. i know, i know, you told facebook that email is required and you can't reproduce such a state. i'm 100% with you, but i see the exact same behavior with my users! i suspect that these are actually returning users who granted email access when they first created an account, but then they changed their facebook permissions to remove email access and when they return to your site and login, facebook lets them (because they have before), but does not give you the email address. i have not confirmed this theory, but it's my running theory. other potential issue is the expiration of the facebook access token. those rules changed this spring and i'm not 100% up to date on the rules right now. cfh On Monday, October 28, 2013 10:57:06 AM UTC-7, Lisandro wrote: I'm having a similar problem with KeyError: 'email'. I have a site in production that uses oauth2 and offers the possibility of register/login using personal facebook account. I created a Facebook app and set permissions to
Re: [web2py] Re: OAuth2.0 and Facebook (as from the book)
Lisandro, the ratio of users without email is so low that i would just block the user telling them that they must grant email permissions to use your site. detect that there was no email returned from facebook and send a response to the browser that prompts the user to try again and add the email permission. in the event that this is the login of an existing user, your database will already have an email and maybe you prompt them to verify that the saved email is still correct. good luck! cfh On 10/29/13, 8:05 , Lisandro Rostagno wrote: Thanks, you're right, Facebook documentation is very poor and is often outdated. That page says that anyone can send you an email from external mail services (gmail, yahoo, etc).. but I tried that and I receive a response from Facebook saying that there is a permission problem... I suppose that the user can choose not to be contacted outside facebook :/ So in my case, I have no way to avoid this problem. Maybe creating that fake email address and asking the user to enter a valid emai addres and then verify it... but that deviates from the goal of register/login with facebook, that should be a simple and fast method, mostly for the user. Anyway, thanks a lot for the help and the answers! Off the topic, I'm starting to think that Facebook is kind of an ·internet explorer experience for developers, where developers have to work extra to cover inconsistency or problems like this :/ 2013/10/29 Michele Comitini michele.comit...@gmail.com this is what they say: https://www.facebook.com/help/224049364288051 facebook documentation for developers is incomplete, so to say, on many occasions... mic 2013/10/29 Lisandro Rostagno rostagnolisan...@gmail.com Thanks for the answer. The problem is that I really need a valid email address, because in my site I use that email to send important notifications to the user. I already tried with facebook mail, that is, joining the user name with @facebook.com. But it didn't work. When I send an email to a facebook mail, I receive an automatic response from Facebook saying that there is a permission problem. I understand that @facebook email addresses are only for communication between Facebook users :/ 2013/10/29 Michele Comitini michele.comit...@gmail.com create a fake email... something like the following (check for errors I did not test it) if user: if not user.has_key('email') or user['email'] == '' or user['email'] is None: user['email'] = user['first_name'] + '.' + user['last_name'] + '.' + user['id'] + '@facebook.email.is.not.valid' 2013/10/29 Lisandro rostagnolisan...@gmail.com I see, your theory is pretty much accurate (sorry for my english, I hope that phrase is correct). What I mean is that your theory is the most addecuate for this case, thought it can't be proved. Actually, there is another error that says something about access token been already used, but happens very little. My question now is: ¿can I avoid this situation and do something? I have this in one of my models: if session.login_facebook: from globales import FaceBookAccount auth.settings.login_form = FaceBookAccount(globals()) And this is te dfinition of FaceBookAccount class: class FaceBookAccount(OAuthAccount): AUTH_URL=https://graph.facebook.com/oauth/authorize; TOKEN_URL=https://graph.facebook.com/oauth/access_token; def __init__(self, g): OAuthAccount.__init__(self, g, current.FACEBOOK_APP_ID, current.FACEBOOK_APP_SECRET_KEY, \ self.AUTH_URL, self.TOKEN_URL, scope='email') self.graph = None def get_user(self): if not self.accessToken(): return None if not self.graph: self.graph = GraphAPI((self.accessToken())) user = None try: user = self.graph.get_object(me) except GraphAPIError, e: self.session.token = None self.graph = None if user: return dict(first_name='%s %s' %(user['first_name'], user['last_name']), \ username=user['id'], registration_id=user['id'], email=user['email']) I would like to, at least, show an error message to the user saying that something went wrong trying to get his/her email from Facebook, and that he/she should try again. Can't figure it out how to do it :/ El martes, 29 de octubre de 2013 03:48:36 UTC-3, Christian Foster Howes escribió: the problem is that facebook is not returning an email. i know, i know, you told facebook that email is required and you can't reproduce such a state. i'm 100% with you, but i see the exact same behavior with my users! i suspect that these are actually returning users who granted email access when they first created an account, but then they changed their facebook permissions to remove email access and when they return to your site and login, facebook lets them (because they have before), but does not give you the email address. i
[web2py] Re: OAuth2.0 and Facebook (as from the book)
The mobile registration page allows for users to signup without an email address: http://touch.facebook.com/r.php Paolo Il giorno lunedì 28 ottobre 2013 18:57:06 UTC+1, Lisandro ha scritto: I'm having a similar problem with KeyError: 'email'. I have a site in production that uses oauth2 and offers the possibility of register/login using personal facebook account. I created a Facebook app and set permissions to get user's email (so I can create the account on my site). Everything works perfect, lots of users have registered in my site using their Facebook accounts. Even myself. However, there are some error tickets created with this error of KeyError:email. First I thought that some users didn't let the application get their emails, but that's not possible. When you try to log in my site using Facebook, facebook tells you that te application will get your email, and you only can accept or decline. If you decline, you're not registered. And if you accept, my site gets your email and creates the account. So, I don't know which could be the problem. This is the traceback of the error: Traceback (most recent call last): File /var/www/vendosimple/gluon/restricted.py, line 212, in restricted exec ccode in environment File /var/www/vendosimple/applications/init/controllers/default.py, line 645, in module File /var/www/vendosimple/gluon/globals.py, line 194, in lambda self._caller = lambda f: f() File /var/www/vendosimple/applications/init/controllers/default.py, line 380, in user form = auth() File /var/www/vendosimple/gluon/tools.py, line 1250, in __call__ return getattr(self, args[0])() File /var/www/vendosimple/gluon/tools.py, line 2128, in login cas_user = cas.get_user() File applications/init/modules/globales.py, line 41, in get_user username=user['id'], registration_id=user['id'], email=user['email']) KeyError: 'email' Any ideas? El martes, 7 de junio de 2011 01:00:33 UTC-3, Massimo Di Pierro escribió: I am not familiar with facebook email. If this (username + @facebook) is avlid email, perhaps web should set that even if username=True On Jun 6, 7:15 pm, Sebastian E. Ovide sebastian.ov...@gmail.com wrote: I do not see major pros and cons... it is a matter of precerences... 1) setting username=True in auth.define_tables(), define_tables will add a field on the table (username) and if that field is present, authentication will be done using username. Personally I prefer to use emails rather than usernames, and as I am using BOTH web2py auth and facebook at the same time for authentication (two different links for different logins), I didn't want to force my application to use usernames so I've used the second option 2) in this case I'm adding an email created by the facebook username + @facebook and therefore auth will keep using email for authentication... no web2py code has been touched, although I'm extending Auth and overriding navbar to display a second login link (facebook) and hide change_password when it is logged in via facebook. if session.login_method_used is None: if not 'change_password' in self.settings.actions_disabled: bar.insert(-1, ' | ') bar.insert(-1, password) and in my controller: def user(): if auth.user_id: if request.args[0] == 'logout': session.login_method_used=None else: if request.args[0] == 'login': session.login_method_used=None elif request.args[0] == 'login_fb': session.login_method_used=facebook request.args[0]='login' if session.login_method_used==facebook: auth.settings.login_form=FaceBookAccount(globals()) return dict(form=auth()) On Mon, Jun 6, 2011 at 11:16 PM, Massimo Di Pierro massimo.dipie...@gmail.com wrote: if there is agreement on one, please send me a patch. On Jun 6, 4:31 pm, Sebastian E. Ovide sebastian.ov...@gmail.com wrote: Hi Mic, thanks for that. actually I've debugged web2py and figure it out for myself. There are two easy ways to fix it (I've tried to add them to the book, but my account doesn't allow me to edit it) 1) set username=False in auth.define_tables() 2) add email = user['username']+@facebook.com in the return of def get_user On Mon, Jun 6, 2011 at 10:02 PM, Michele Comitini michele.comit...@gmail.com wrote: Hi Sebastian, copy from this example: http://code.google.com/r/michelecomitini-facebookaccess/source/browse. .. http://code.google.com/r/michelecomitini-facebookaccess/source/browse.. .and let me know mic 2011/6/6 Sebastian E. Ovide
[web2py] Re: OAuth2.0 and Facebook (as from the book)
I'm having a similar problem with KeyError: 'email'. I have a site in production that uses oauth2 and offers the possibility of register/login using personal facebook account. I created a Facebook app and set permissions to get user's email (so I can create the account on my site). Everything works perfect, lots of users have registered in my site using their Facebook accounts. Even myself. However, there are some error tickets created with this error of KeyError:email. First I thought that some users didn't let the application get their emails, but that's not possible. When you try to log in my site using Facebook, facebook tells you that te application will get your email, and you only can accept or decline. If you decline, you're not registered. And if you accept, my site gets your email and creates the account. So, I don't know which could be the problem. This is the traceback of the error: Traceback (most recent call last): File /var/www/vendosimple/gluon/restricted.py, line 212, in restricted exec ccode in environment File /var/www/vendosimple/applications/init/controllers/default.py, line 645, in module File /var/www/vendosimple/gluon/globals.py, line 194, in lambda self._caller = lambda f: f() File /var/www/vendosimple/applications/init/controllers/default.py, line 380, in user form = auth() File /var/www/vendosimple/gluon/tools.py, line 1250, in __call__ return getattr(self, args[0])() File /var/www/vendosimple/gluon/tools.py, line 2128, in login cas_user = cas.get_user() File applications/init/modules/globales.py, line 41, in get_user username=user['id'], registration_id=user['id'], email=user['email']) KeyError: 'email' Any ideas? El martes, 7 de junio de 2011 01:00:33 UTC-3, Massimo Di Pierro escribió: I am not familiar with facebook email. If this (username + @facebook) is avlid email, perhaps web should set that even if username=True On Jun 6, 7:15 pm, Sebastian E. Ovide sebastian.ov...@gmail.com wrote: I do not see major pros and cons... it is a matter of precerences... 1) setting username=True in auth.define_tables(), define_tables will add a field on the table (username) and if that field is present, authentication will be done using username. Personally I prefer to use emails rather than usernames, and as I am using BOTH web2py auth and facebook at the same time for authentication (two different links for different logins), I didn't want to force my application to use usernames so I've used the second option 2) in this case I'm adding an email created by the facebook username + @facebook and therefore auth will keep using email for authentication... no web2py code has been touched, although I'm extending Auth and overriding navbar to display a second login link (facebook) and hide change_password when it is logged in via facebook. if session.login_method_used is None: if not 'change_password' in self.settings.actions_disabled: bar.insert(-1, ' | ') bar.insert(-1, password) and in my controller: def user(): if auth.user_id: if request.args[0] == 'logout': session.login_method_used=None else: if request.args[0] == 'login': session.login_method_used=None elif request.args[0] == 'login_fb': session.login_method_used=facebook request.args[0]='login' if session.login_method_used==facebook: auth.settings.login_form=FaceBookAccount(globals()) return dict(form=auth()) On Mon, Jun 6, 2011 at 11:16 PM, Massimo Di Pierro massimo.dipie...@gmail.com wrote: if there is agreement on one, please send me a patch. On Jun 6, 4:31 pm, Sebastian E. Ovide sebastian.ov...@gmail.com wrote: Hi Mic, thanks for that. actually I've debugged web2py and figure it out for myself. There are two easy ways to fix it (I've tried to add them to the book, but my account doesn't allow me to edit it) 1) set username=False in auth.define_tables() 2) add email = user['username']+@facebook.com in the return of def get_user On Mon, Jun 6, 2011 at 10:02 PM, Michele Comitini michele.comit...@gmail.com wrote: Hi Sebastian, copy from this example: http://code.google.com/r/michelecomitini-facebookaccess/source/browse. .. http://code.google.com/r/michelecomitini-facebookaccess/source/browse.. .and let me know mic 2011/6/6 Sebastian E. Ovide sebastian.ov...@gmail.com Hi All, just wondering if the section OAuth2.0 and Facebook of the book is up to date? I following it's instructions but I'm getting an Internal error to reproduce
[web2py] Re: OAuth2.0 and Facebook (as from the book)
if there is agreement on one, please send me a patch. On Jun 6, 4:31 pm, Sebastian E. Ovide sebastian.ov...@gmail.com wrote: Hi Mic, thanks for that. actually I've debugged web2py and figure it out for myself. There are two easy ways to fix it (I've tried to add them to the book, but my account doesn't allow me to edit it) 1) set username=False in auth.define_tables() 2) add email = user['username']+@facebook.com in the return of def get_user On Mon, Jun 6, 2011 at 10:02 PM, Michele Comitini michele.comit...@gmail.com wrote: Hi Sebastian, copy from this example: http://code.google.com/r/michelecomitini-facebookaccess/source/browse... http://code.google.com/r/michelecomitini-facebookaccess/source/browse...and let me know mic 2011/6/6 Sebastian E. Ovide sebastian.ov...@gmail.com Hi All, just wondering if the section OAuth2.0 and Facebook of the book is up to date? I following it's instructions but I'm getting an Internal error to reproduce 1) get last web2py 1.196.3 2) follow the instructions from the book 2.a) get facebook and place it in modules 2.b) copy the code from the book 2.c) replace from facebook import GraphAPI with facebook = local_import('facebook') 2.d) replace facebook. to GraphAPIError and GraphAPI 2.e) replace YOUR_CLIENT_ID and YOUR_CLIENT_SECRET with real data 3) set your app URL tohttp://localhost:8000/welcome/ Is something missing ? When I click login, it redirect me to facebook, where I can login, and then it redirects me tohttp://localhost:8000/welcome/ At that point I get an error: TRACEBACK 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. Traceback (most recent call last): File /home/sebas/Downloads/web2py/gluon/restricted.py, line 184, in restricted exec ccode in environment File /home/sebas/Downloads/web2py/applications/welcome/controllers/default.py http://localhost:8000/admin/default/edit/welcome/controllers/default.py, line 71, in module File /home/sebas/Downloads/web2py/gluon/globals.py, line 137, in lambda / self._caller = lambda f: f() File /home/sebas/Downloads/web2py/applications/welcome/controllers/default.py http://localhost:8000/admin/default/edit/welcome/controllers/default.py, line 33, in user return dict(form=auth()) File /home/sebas/Downloads/web2py/gluon/tools.py, line 1070, in __call__ return getattr(self,args[0])() File /home/sebas/Downloads/web2py/gluon/tools.py, line 1626, in login user = self.get_or_create_user(table_user._filter_fields(cas_user)) File /home/sebas/Downloads/web2py/gluon/tools.py, line 1360, in get_or_create_user user = self.db(table_user[username] == keys[username]).select().first() KeyError: 'email' any ideas , thanks -- Sebastian E. Ovide -- Sebastian E. Ovide
Re: [web2py] Re: OAuth2.0 and Facebook (as from the book)
I do not see major pros and cons... it is a matter of precerences... 1) setting username=True in auth.define_tables(), define_tables will add a field on the table (username) and if that field is present, authentication will be done using username. Personally I prefer to use emails rather than usernames, and as I am using BOTH web2py auth and facebook at the same time for authentication (two different links for different logins), I didn't want to force my application to use usernames so I've used the second option 2) in this case I'm adding an email created by the facebook username + @facebook and therefore auth will keep using email for authentication... no web2py code has been touched, although I'm extending Auth and overriding navbar to display a second login link (facebook) and hide change_password when it is logged in via facebook. if session.login_method_used is None: if not 'change_password' in self.settings.actions_disabled: bar.insert(-1, ' | ') bar.insert(-1, password) and in my controller: def user(): if auth.user_id: if request.args[0] == 'logout': session.login_method_used=None else: if request.args[0] == 'login': session.login_method_used=None elif request.args[0] == 'login_fb': session.login_method_used=facebook request.args[0]='login' if session.login_method_used==facebook: auth.settings.login_form=FaceBookAccount(globals()) return dict(form=auth()) On Mon, Jun 6, 2011 at 11:16 PM, Massimo Di Pierro massimo.dipie...@gmail.com wrote: if there is agreement on one, please send me a patch. On Jun 6, 4:31 pm, Sebastian E. Ovide sebastian.ov...@gmail.com wrote: Hi Mic, thanks for that. actually I've debugged web2py and figure it out for myself. There are two easy ways to fix it (I've tried to add them to the book, but my account doesn't allow me to edit it) 1) set username=False in auth.define_tables() 2) add email = user['username']+@facebook.com in the return of def get_user On Mon, Jun 6, 2011 at 10:02 PM, Michele Comitini michele.comit...@gmail.com wrote: Hi Sebastian, copy from this example: http://code.google.com/r/michelecomitini-facebookaccess/source/browse. .. http://code.google.com/r/michelecomitini-facebookaccess/source/browse.. .and let me know mic 2011/6/6 Sebastian E. Ovide sebastian.ov...@gmail.com Hi All, just wondering if the section OAuth2.0 and Facebook of the book is up to date? I following it's instructions but I'm getting an Internal error to reproduce 1) get last web2py 1.196.3 2) follow the instructions from the book 2.a) get facebook and place it in modules 2.b) copy the code from the book 2.c) replace from facebook import GraphAPI with facebook = local_import('facebook') 2.d) replace facebook. to GraphAPIError and GraphAPI 2.e) replace YOUR_CLIENT_ID and YOUR_CLIENT_SECRET with real data 3) set your app URL tohttp://localhost:8000/welcome/ Is something missing ? When I click login, it redirect me to facebook, where I can login, and then it redirects me tohttp://localhost:8000/welcome/ At that point I get an error: TRACEBACK 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. Traceback (most recent call last): File /home/sebas/Downloads/web2py/gluon/restricted.py, line 184, in restricted exec ccode in environment File /home/sebas/Downloads/web2py/applications/welcome/controllers/default.py http://localhost:8000/admin/default/edit/welcome/controllers/default.py, line 71, in module File /home/sebas/Downloads/web2py/gluon/globals.py, line 137, in lambda / self._caller = lambda f: f() File /home/sebas/Downloads/web2py/applications/welcome/controllers/default.py http://localhost:8000/admin/default/edit/welcome/controllers/default.py, line 33, in user return dict(form=auth()) File /home/sebas/Downloads/web2py/gluon/tools.py, line 1070, in __call__ return getattr(self,args[0])() File /home/sebas/Downloads/web2py/gluon/tools.py, line 1626, in login user = self.get_or_create_user(table_user._filter_fields(cas_user)) File /home/sebas/Downloads/web2py/gluon/tools.py, line 1360, in get_or_create_user user = self.db(table_user[username] == keys[username]).select().first() KeyError: 'email' any ideas , thanks -- Sebastian E. Ovide -- Sebastian E. Ovide -- Sebastian E. Ovide
[web2py] Re: OAuth2.0 and Facebook (as from the book)
I am not familiar with facebook email. If this (username + @facebook) is avlid email, perhaps web should set that even if username=True On Jun 6, 7:15 pm, Sebastian E. Ovide sebastian.ov...@gmail.com wrote: I do not see major pros and cons... it is a matter of precerences... 1) setting username=True in auth.define_tables(), define_tables will add a field on the table (username) and if that field is present, authentication will be done using username. Personally I prefer to use emails rather than usernames, and as I am using BOTH web2py auth and facebook at the same time for authentication (two different links for different logins), I didn't want to force my application to use usernames so I've used the second option 2) in this case I'm adding an email created by the facebook username + @facebook and therefore auth will keep using email for authentication... no web2py code has been touched, although I'm extending Auth and overriding navbar to display a second login link (facebook) and hide change_password when it is logged in via facebook. if session.login_method_used is None: if not 'change_password' in self.settings.actions_disabled: bar.insert(-1, ' | ') bar.insert(-1, password) and in my controller: def user(): if auth.user_id: if request.args[0] == 'logout': session.login_method_used=None else: if request.args[0] == 'login': session.login_method_used=None elif request.args[0] == 'login_fb': session.login_method_used=facebook request.args[0]='login' if session.login_method_used==facebook: auth.settings.login_form=FaceBookAccount(globals()) return dict(form=auth()) On Mon, Jun 6, 2011 at 11:16 PM, Massimo Di Pierro massimo.dipie...@gmail.com wrote: if there is agreement on one, please send me a patch. On Jun 6, 4:31 pm, Sebastian E. Ovide sebastian.ov...@gmail.com wrote: Hi Mic, thanks for that. actually I've debugged web2py and figure it out for myself. There are two easy ways to fix it (I've tried to add them to the book, but my account doesn't allow me to edit it) 1) set username=False in auth.define_tables() 2) add email = user['username']+@facebook.com in the return of def get_user On Mon, Jun 6, 2011 at 10:02 PM, Michele Comitini michele.comit...@gmail.com wrote: Hi Sebastian, copy from this example: http://code.google.com/r/michelecomitini-facebookaccess/source/browse. .. http://code.google.com/r/michelecomitini-facebookaccess/source/browse.. .and let me know mic 2011/6/6 Sebastian E. Ovide sebastian.ov...@gmail.com Hi All, just wondering if the section OAuth2.0 and Facebook of the book is up to date? I following it's instructions but I'm getting an Internal error to reproduce 1) get last web2py 1.196.3 2) follow the instructions from the book 2.a) get facebook and place it in modules 2.b) copy the code from the book 2.c) replace from facebook import GraphAPI with facebook = local_import('facebook') 2.d) replace facebook. to GraphAPIError and GraphAPI 2.e) replace YOUR_CLIENT_ID and YOUR_CLIENT_SECRET with real data 3) set your app URL tohttp://localhost:8000/welcome/ Is something missing ? When I click login, it redirect me to facebook, where I can login, and then it redirects me tohttp://localhost:8000/welcome/ At that point I get an error: TRACEBACK 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. Traceback (most recent call last): File /home/sebas/Downloads/web2py/gluon/restricted.py, line 184, in restricted exec ccode in environment File /home/sebas/Downloads/web2py/applications/welcome/controllers/default.py http://localhost:8000/admin/default/edit/welcome/controllers/default.py, line 71, in module File /home/sebas/Downloads/web2py/gluon/globals.py, line 137, in lambda / self._caller = lambda f: f() File /home/sebas/Downloads/web2py/applications/welcome/controllers/default.py http://localhost:8000/admin/default/edit/welcome/controllers/default.py, line 33, in user return dict(form=auth()) File /home/sebas/Downloads/web2py/gluon/tools.py, line 1070, in __call__ return getattr(self,args[0])() File /home/sebas/Downloads/web2py/gluon/tools.py, line 1626, in login user = self.get_or_create_user(table_user._filter_fields(cas_user)) File /home/sebas/Downloads/web2py/gluon/tools.py, line 1360, in get_or_create_user user = self.db(table_user[username] == keys[username]).select().first() KeyError: 'email' any ideas , thanks -- Sebastian E. Ovide -- Sebastian E. Ovide -- Sebastian E.