Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

added sign in with facebook #1872

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

prathamesh0987
Copy link

@prathamesh0987 prathamesh0987 commented Oct 23, 2024

Description

Implement Facebook as social provider for third party logins.

Fixes #1657

Implementation

implements Facebook third party provider. Uses facebook Oauth to able to sign in

Tests

added test for facebook signup and signin.

Todos

create documentation in docs repo and add sign in with facebook to frontend

@FlxMgdnz FlxMgdnz requested a review from lfleischmann October 25, 2024 18:39
Copy link
Member

@lfleischmann lfleischmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apart from the other comments:

  1. Some of the tests fail. For the Sign In it might be possible that it is due to a missing test fixture (we use fixtures in the backend/test to load test data into the database), i.e. a missing existing user. For the Sign Up something seems to be wrong with the State Cookie.
  2. The Facebook provider is not considered in the GetProvider function (see here)

@@ -112,6 +118,9 @@ func (s *thirdPartySuite) setUpConfig(enabledProviders []string, allowedRedirect
cfg.ThirdParty.Providers.Discord.Enabled = true
case "microsoft":
cfg.ThirdParty.Providers.Microsoft.Enabled = true
case "facebook":
cfg.ThirdParty.Providers.Facebook.Enabled = true
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This prevents tests from compiling.

Suggested change
}

Config: &oauth2.Config{
ClientID: config.ClientID,
ClientSecret: config.Secret,
Endpoint: facebook.Endpoint,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using facebook.Endpoint from the golang.org/x/oauth2/facebook makes using some of the declared variables at the top obsolete, since they are not used (e.g. FacebookOauthAuthEndpoint) except for in tests. Also: it makes the tests (the added table test inthirdparty_auth_test.go) fail, because the API versions differ: it's v3.2 vs. v9.0. Furthermore: the Facebook API version is currently at v21.0 (see here) so I think we should use that unless there was a specific reason you used the old version(s)?

Emails: []Email{
{
Email: fbUser.Email,
Verified: true, // Facebook email is considered verified
Copy link
Member

@lfleischmann lfleischmann Oct 30, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do not think we should assume that. See here

We recently had another (abandoned) PR (see here) for this issue which indicated that it is possible to find out about the verified status of an email using a debug_token endpoint. Maybe we should try to do that.

@FlxMgdnz
Copy link
Member

/award 750

Copy link

oss-gg bot commented Oct 31, 2024

Awarding prathamesh0987: 750 points 🕹️ Well done! Check out your new contribution on oss.gg/prathamesh0987

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: 🆕 New
Development

Successfully merging this pull request may close these issues.

Sign in with Facebook
3 participants