Facebook OAuth causes 500 Internal Server Error

Authentication & Security
1

Hi,

I’m trying to implement Facebook Login in my web app. I created my own login screen with the Facebook login button.
I already got the callback from Facebook to my app working (which means I receive the facebook code) and extracted the code from the URL but get a 500 error (without any further info) when I call (via ajax post) https//my.domain.com/api/v2/user/session?oauth_callback=true&service=facebook&code=some_code_from_facebook to receive a session_token.

Is it possible to use a custom login screen (and a callback page within my web app) or did I understand something wrong.

Thanks
Thomas

2

So to be clear, did you create the Facebook OAuth service inside of Dreamfactory and then when you put the service in use in the web app, you are getting a 500? Can you tell if you are getting the 500 from Facebook or Dreamfactory? If you want to expand the logging details in your Dreamfactory instance, head to the .env file and change the following values:

APP_LOG_LEVEL=debug
APP_LOG=daily
APP_LOG_MAX_FILES=5

This will enable you to get a bit more detail on the usually ambiguous 500 errors.

3

Yes, I created the Facebook OAuth service inside of Dreamfactory. I get the error message from Dreamfactory.
I also successfully tested the service with the built-in Dreamfactory login screen (of course with different OAuth Redirect URI).
Unfortunately the log file doesn’t provide much more information:

[2018-11-06 20:36:44] local.INFO: [REQUEST] {“API Version”:“2.0”,“Method”:“GET”,“Service”:“user”,“Resource”:“session”,“Requestor”:1}
[2018-11-06 20:36:44] local.DEBUG: [REQUEST] {“Parameters”:"{“service”:“facebook”}",“API Key”:null,“JWT”:null}
[2018-11-06 20:36:44] local.DEBUG: API event handled: user.session.get.pre_process
[2018-11-06 20:36:44] local.DEBUG: API event handled: user.session.get.post_process
[2018-11-06 20:36:44] local.DEBUG: Service event handled: user.session.get
[2018-11-06 20:36:44] local.INFO: [RESPONSE] Redirect {“Status Code”:302}
[2018-11-06 20:36:44] local.DEBUG: [RESPONSE] {“Target URL”:“https://www.facebook.com/v2.8/dialog/oauth?client_id=myFacebookClientId&redirect_uri=mydomain.com%2Fdashb
oard%2Fcallback%3Fservice%3Dfacebook&scope=email&response_type=code&state=qDqM1KEBoq0MmuBrWl7Y24bUXC67O8SoufrmG9Wl”}
[2018-11-06 20:36:45] local.INFO: [REQUEST] {“API Version”:“2.0”,“Method”:“POST”,“Service”:“user”,“Resource”:“session”,“Requestor”:1}
[2018-11-06 20:36:45] local.DEBUG: [REQUEST] {“Parameters”:"{“oauth_callback”:“true”,“service”:“facebook”,“code”:“AQD2yNZcAA1qv4MAZPvoQ9B1gLXa8EoD4KducQ-07GN_1pjxq0kLUyJfY
ldEBbiQBAar_nZaOGKbJRSbCtms1NhDLeA3z2LdsPNGTvUGiEeNlOwoo25KMGsoXP0vTnmBdYOHk–VzEJM8v8qDqBbCwu1sY3o69_WCzueEpBnL70eYzikJCHogCFlWAU-ncBdSkhkOIpZq-j7oBNFd0I4tkTRwLVCWf8hy9hV7mUMVMU2rpU
fA5AheZC1VoouOb5X4WU_HBFpfivc526kIUvPBb7IcETADgjRgJ6xxRS8TAotKXT-MqViKNTlB6Qo4GY_0Pc”}",“API Key”:“e098a7a03eb70b28e50ab17147ab6a57f2e5b50c9f2dcad6c30868821d2f876a”,“JWT”:null}
[2018-11-06 20:36:45] local.DEBUG: API event handled: user.session.post.pre_process
[2018-11-06 20:36:45] local.DEBUG: API event handled: user.session.post.post_process
[2018-11-06 20:36:45] local.DEBUG: Service event handled: user.session.post
[2018-11-06 20:36:45] local.INFO: [RESPONSE] {“Status Code”:500,“Content-Type”:null}
[2018-11-06 20:36:45] local.INFO: [RESPONSE] {“Status Code”:500,“Content-Type”:“text/plain”}

4

Solved.
If you should ever run into this issue, sent the state parameter with the session call!

1 Like
5

Hi there

I have the same problem! I am adding the ‘state’ param. Are you still using this? If so, do you have any more information?

Thank you!