pynder
pynder copied to clipboard
charliewolf
Issues with fetching the Security token
Hi everyone, I'v been having problem with fetching the security key, so far I'v been doing it manually by going to
https://www.facebook.com/dialog/oauth?client_id=464891386855067&redirect_uri=https://www.facebook.com/connect/login_success.html&scope=basic_info,email,public_profile,user_about_me,user_activities,user_birthday,user_education_history,user_friends,user_interests,user_likes,user_location,user_photos,user_relationship_details&response_type=token
and copying the address I was redirected to.
yet, lately I'v been getting the following error message:
URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on and add all your app domains as Valid OAuth Redirect URIs.
And being redirected to:
https://www.facebook.com/connect/login_success.html?error_code=1349168&error_message=URL+Blocked%3A+This+redirect+failed+because+the+redirect+URI+is+not+whitelisted+in+the+app’s+Client+OAuth+Settings.+Make+sure+Client+and+Web+OAuth+Login+are+on+and+add+all+your+app+domains+as+Valid+OAuth+Redirect+URIs.#_=_
Instead of being redirected to an address containing valid information. Anyone else is having the same issues? How should I resolve those?
I deleted the app from my phone, do you think this might have to do with it?
Authentication has changed, this comment in the unofficial Tinder API documentation explains the new manual way.
You may consider in the future doing it automatically, this comment should set you off on the right track if you wish to do so.
@sfgasdfsafggfgg thanks a lot man! I'm developing a Tinder app with Deep Learning / Machine Learning to auto-swipe based on attractiveness. Your comment helped me cause the auth was not working anymore. https://github.com/philipperemy/Deep-Learning-Tinder
@sfgasdfsafggfgg Hi, Im trying to automate the token process using robobrowser, but it has proven fruitless so far. It looks like facebook is defending against it, do you know if someone actually managed to automatically fetch the token?
@frmsaul This is the code I use:
import robobrowser
import re
MOBILE_USER_AGENT = "Mozilla/5.0 (Linux; U; en-gb; KFTHWI Build/JDQ39) AppleWebKit/535.19 (KHTML, like Gecko) Silk/3.16 Safari/535.19"
FB_AUTH = "https://www.facebook.com/v2.6/dialog/oauth?redirect_uri=fb464891386855067%3A%2F%2Fauthorize%2F&display=touch&state=%7B%22challenge%22%3A%22IUUkEUqIGud332lfu%252BMJhxL4Wlc%253D%22%2C%220_auth_logger_id%22%3A%2230F06532-A1B9-4B10-BB28-B29956C71AB1%22%2C%22com.facebook.sdk_client_state%22%3Atrue%2C%223_method%22%3A%22sfvc_auth%22%7D&scope=user_birthday%2Cuser_photos%2Cuser_education_history%2Cemail%2Cuser_relationship_details%2Cuser_friends%2Cuser_work_history%2Cuser_likes&response_type=token%2Csigned_request&default_audience=friends&return_scopes=true&auth_type=rerequest&client_id=464891386855067&ret=login&sdk=ios&logger_id=30F06532-A1B9-4B10-BB28-B29956C71AB1&ext=1470840777&hash=AeZqkIcf-NEW6vBd"
def get_access_token(email, password):
s = robobrowser.RoboBrowser(user_agent=MOBILE_USER_AGENT, parser="lxml")
s.open(FB_AUTH)
##submit login form##
f = s.get_form()
f["pass"] = password
f["email"] = email
s.submit_form(f)
##click the 'ok' button on the dialog informing you that you have already authenticated with the Tinder app##
f = s.get_form()
s.submit_form(f, submit=f.submit_fields['__CONFIRM__'])
##get access token from the html response##
access_token = re.search(r"access_token=([\w\d]+)", s.response.content.decode()).groups()[0]
return access_token
The mobile user agent is to force the mobile oauth flow, since the desktop oauth flow uses ajax.
To everyone using the @sfgasdfsafggfgg script remember to pip install lxml
