I am trying to use Facebook iOS sdk with PassportJS (sever is NodeJS) I sucessfully managed to log in with Facebook on my iOS app. The next thing I do is hand over the access token to the server and verify from there. Unfortunately it does not work at all.
The weird part is that for my website it works fine. I just use the callback url to post the token to the server.
So in code what happens after facebook login (which works)
/*
* Callback for session changes.
*/
- (void)sessionStateChanged:(FBSession *)session
state:(FBSessionState) state
error:(NSError *)error
{
switch (state) {
case FBSessionStateOpen:
if (!error) {
// We have a valid session
NSString *token = session.accessTokenData.accessToken;
NSLog(@"User session found: %@", token);
[[NSNotificationCenter defaultCenter] postNotificationName:nGotFacebookSession object:nil userInfo:@{
@"token": token
}];
}
break;
case FBSessionStateClosed:
case FBSessionStateClosedLoginFailed:
[FBSession.activeSession closeAndClearTokenInformation];
break;
default:
break;
}
[[NSNotificationCenter defaultCenter]
postNotificationName:FBSessionStateChangedNotification
object:session];
if (error) {
UIAlertView *alertView = [[UIAlertView alloc]
initWithTitle:@"Error"
message:error.localizedDescription
delegate:nil
cancelButtonTitle:@"OK"
otherButtonTitles:nil];
[alertView show];
}
}
Then, in the login controller the notification gets received:
- (void) facebookLogin: (NSNotification*) notification
{
[MBProgressHUD showHUDAddedTo:self.view animated:YES];
NSString *token = [notification.userInfo objectForKey:@"token"];
[[CBApi sharedAPI] get:@"api/auth/facebook/callback" andParams:@{
@"code": token
} andCallback:^(NSDictionary *json) {
[MBProgressHUD hideHUDForView:self.view animated:YES];
if ([json objectForKey:kError]) {
Alert(@"Error", @"Login details failed");
} else {
User *u = [User createEntity];
u.email = self.emailField.text;
[self dismissViewControllerAnimated:YES completion:nil];
}
}];
}
And then I get this error back from the server (copypasted from console):
failed to obtain access token (status: 400 data: {
"error": {
"message": "Invalid verification code format.",
"type": "OAuthException",
"code": 100
}
})
Like I said, it fully works when using the web site for login, no problem, it's just that it does not accept iOS native generated access tokens. I have never done fb login like this before. If you could help me that would be really great, thanks anyway!
I figured it out! For anyone who has the same problem, this is what I have done: Instead of using passportjs' normal Facebook Strategy, use this one instead: https://github.com/drudge/passport-facebook-token
It allows you to use active access tokens and is almost a drop in replacement for me. The server uses for the website the old facebook strategy (the one who came with passpostjs) and the facebookstrategy-token for iOS logins.