Hey web2py_tn,

I don't know if you still need this but I recently battled this problem 
myself and here is a solution I'd like to leave here so others don't need 
to battle with this too.

If you're using the web2py_multiauth first apply this patch:

http://code.google.com/p/cfhowes/issues/detail?id=2
 

Then overwrite these 2 functions in facebook.py to:

import base64
import hashlib
import hmac
import json


def parse_signed_request(signed_request, application_secret_key):
    """Parse a signed request, returning a dictionary describing its payload."""
    def decode(encoded):
        # base64url strips the '=' padding; restore it up to a multiple of 4.
        padding = '=' * (-len(encoded) % 4)
        return base64.urlsafe_b64decode(encoded + padding)

    try:
        # Format is "<base64url signature>.<base64url JSON payload>".
        encoded_signature, encoded_payload = (
            str(string) for string in signed_request.split('.', 2))
        signature = decode(encoded_signature)
        signed_request_data = json.loads(decode(encoded_payload))
    except (TypeError, ValueError):
        raise Exception("Signed request had a corrupt payload")

    if signed_request_data.get('algorithm', '').upper() != 'HMAC-SHA256':
        raise Exception("Signed request is using an unknown algorithm")

    expected_signature = hmac.new(application_secret_key,
                                  msg=encoded_payload,
                                  digestmod=hashlib.sha256).digest()
    # Constant-time comparison (hmac.compare_digest needs Python 2.7.7+).
    if not hmac.compare_digest(signature, expected_signature):
        raise Exception("Signed request signature mismatch")

    return signed_request_data



import cgi
import urllib


def get_user_from_cookie(cookies, app_id, app_secret):
    """Parses the cookie set by the official Facebook JavaScript SDK.

    cookies should be a dictionary-like object mapping cookie names to
    cookie values.

    If the user is logged in via Facebook, we return a dictionary with the
    keys "uid" and "access_token". The former is the user's Facebook ID,
    and the latter can be used to make authenticated requests to the Graph
    API.
    If the user is not logged in, we return None.

    Download the official Facebook JavaScript SDK at
    http://github.com/facebook/connect-js/. Read more about Facebook
    authentication at http://developers.facebook.com/docs/authentication/.
    """

    cookie = cookies.get("fbsr_" + app_id, "")
    if not cookie:
        return None

    # cookie is a cookie object, not a string: pass its .value to the parser.
    response = parse_signed_request(cookie.value, app_secret)
    if not response:
        return None

    args = dict(
        code = response['code'],
        client_id = app_id,
        client_secret = app_secret,
        redirect_uri = '',
    )

    # Exchange the code from the signed request for an access token.
    file = urllib.urlopen("https://graph.facebook.com/oauth/access_token?"
                          + urllib.urlencode(args))
    try:
        token_response = file.read()
    finally:
        file.close()

    access_token = cgi.parse_qs(token_response)["access_token"][-1]

    return dict(
        uid = response["user_id"],
        access_token = access_token,
    )



The key change here is in get_user_from_cookie, where
"parse_signed_request(cookie, app_secret)" changed to
"parse_signed_request(cookie.value, app_secret)".


On Friday, February 1, 2013 22:00:40 UTC, web2py_tn wrote:
>
> Hey Ben-
> Can you share your version of facebook.py?
>
> On Wednesday, February 1, 2012 2:24:29 PM UTC+1, Ben Tammetta wrote:
>>
>> It seemed that version of facebook.py that I was using is just 
>> incompatible and/or outdated.
>> get_user_from_cookie() was trying to parse a cookie variable out that did 
>> not exist from facebook.
>>
>> I ended up passing the correct cookie variable directly in and changing a 
>> couple lines to prove that that was the problem.
>> When I ran into other issues it seemed best just to write my own version 
>> of facebook.py as I needed certain functions.
>>
>
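
Added example, not part of the original post or of web2py/facebook.py: a Python 3 round trip for the fbsr_ cookie format discussed above, showing that the cookie jar returns a Morsel object whose .value holds the signed request, and that a payload swapped under an existing signature is rejected. APP_ID, APP_SECRET and all function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json
from http.cookies import SimpleCookie

APP_ID = "123456"               # constructed sample value
APP_SECRET = b"example-secret"  # constructed sample value


def b64url_decode(text):
    """Decode base64url text whose '=' padding was stripped."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_signed_request(payload, secret):
    """Test fixture: build 'signature.payload' in the format verified below."""
    body = base64.urlsafe_b64encode(json.dumps(payload).encode()).rstrip(b"=")
    sig = hmac.new(secret, body, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(sig).rstrip(b"=") + b"." + body).decode()


def verify_signed_request(signed_request, secret):
    """Return the payload dict; raise ValueError if the input does not verify."""
    if not isinstance(signed_request, str):
        # A Morsel (the cookie object) ends up here; callers must pass .value.
        raise ValueError("expected str, got " + type(signed_request).__name__)
    encoded_sig, _, encoded_payload = signed_request.partition(".")
    expected = hmac.new(secret, encoded_payload.encode(), hashlib.sha256).digest()
    # Check the MAC in constant time before parsing any untrusted JSON.
    if not hmac.compare_digest(b64url_decode(encoded_sig), expected):
        raise ValueError("signature mismatch")
    data = json.loads(b64url_decode(encoded_payload))
    if data.get("algorithm", "").upper() != "HMAC-SHA256":
        raise ValueError("unknown algorithm")
    return data


def user_id_from_cookie_header(header):
    """Parse a Cookie header and return the verified user_id, or None."""
    jar = SimpleCookie()
    jar.load(header)
    morsel = jar.get("fbsr_" + APP_ID)  # a Morsel object, not a string
    if morsel is None:
        return None
    return verify_signed_request(morsel.value, APP_SECRET)["user_id"]
```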
