social-core icon indicating copy to clipboard operation
social-core copied to clipboard
verified publisher icon python-social-auth

Add Facebook Limited Login backend

Open Tenzer opened this issue 4 years ago • 6 comments

Proposed changes

This adds a new backend for Facebook Limited Login

This is a new login method for Facebook which uses OpenID Connect and doesn't have the ability to associate a user logging into one app with the IDFA token on iOS devices: https://developers.facebook.com/docs/facebook-login/limited-login.

Types of changes

Please check the type of change your PR introduces:

  • [ ] Release (new release request)
  • [ ] Bugfix (non-breaking change which fixes an issue)
  • [x] New feature (non-breaking change which adds functionality)
  • [ ] Code style update (PEP8, lint, formatting, renaming, etc)
  • [ ] Refactoring (no functional changes, no api changes)
  • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • [ ] Build related changes (build process, tests runner, etc)
  • [ ] Other (please describe):

Checklist

Put an x in the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. We're here to help! This is simply a reminder of what we are going to look for before merging your code.

  • [x] Lint and unit tests pass locally with my changes
  • [x] I have added tests that prove my fix is effective or that my feature works

Other information

Any other information that is important to this PR such as screenshots of how the component looks before and after the change.

Tenzer avatar May 18 '21 09:05 Tenzer

Codecov Report

Merging #590 (bd12218) into master (4b57a1d) will decrease coverage by 0.03%. The diff coverage is 70.96%.

@@            Coverage Diff             @@
##           master     #590      +/-   ##
==========================================
- Coverage   77.29%   77.27%   -0.03%     
==========================================
  Files         325      325              
  Lines        9845     9875      +30     
  Branches     1176     1180       +4     
==========================================
+ Hits         7610     7631      +21     
- Misses       2080     2088       +8     
- Partials      155      156       +1
Flag Coverage Δ
unittests 77.27% <70.96%> (-0.03%) :arrow_down:

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
social_core/backends/facebook.py 55.12% <60.86%> (+0.99%) :arrow_up:
social_core/tests/backends/test_facebook.py 100.00% <100.00%> (ø)
social_core/tests/backends/test_open_id_connect.py 99.08% <100.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

codecov[bot] avatar May 18 '21 09:05 codecov[bot]

I have converted this to a draft while I test it out more thoroughly. It turned out the "simple" approach I was hoping for doesn't quite work since this backend doesn't have any APIs available for validating the user, nonce, etc.

Tenzer avatar May 19 '21 08:05 Tenzer

I have rebased the branch as I noticed there were some conflicts with the master branch. The sole test failure is the same as what is currently in the master branch.

Tenzer avatar Dec 17 '21 09:12 Tenzer

Looks good, but can't merge until SAML errors in the tests are sorted out...

nijel avatar Dec 20 '21 13:12 nijel

Those SAML tests look pretty broken to me. I just tried to run them locally to have a look at how they are failing, and I managed to run it three times in a row which produced different failures each time. The first run was successful but the two following ones failed with different errors: https://gist.github.com/Tenzer/12720fc757ec4d595e4b775825ff8323

Tenzer avatar Dec 20 '21 13:12 Tenzer

Strange is that those worked fine for years, so this is most likely result of upgrade of some underlying library. I haven't found time to dig into that so far...

nijel avatar Dec 20 '21 14:12 nijel

@nijel Any chance you could take a look at this PR again? I have rebased it to get the latest fixes in from the master branch, and that seems to have fixed the unrelated failing tests.

Tenzer avatar Jan 26 '23 09:01 Tenzer

Merged, thanks for your contribution!

nijel avatar Jan 26 '23 10:01 nijel

Thanks a lot!

Tenzer avatar Jan 26 '23 10:01 Tenzer

This has introduced non-declared hard dependency on jose, see https://github.com/python-social-auth/social-app-django/issues/427#issuecomment-1471630584

nijel avatar Mar 16 '23 09:03 nijel

Sorry about that! I didn't really think that importing an internal module would cause issues like this.

I guess another solution which wasn't mentioned in your linked comment, would be to move all the imports of jose inside social_core/backends/open_id_connect.py into the methods where they are used. Then they won't create errors at import time.

Switching everything to use PyJWT would probably be the nicest solution to this, but will likely take more time and be more complicated than other workarounds, such as either always depending on jose or splitting Facebook Limited Login into a separate file.

Is there anything you would like me to do to help out with this?

Tenzer avatar Mar 16 '23 10:03 Tenzer

Moving the imports will make the backend fail at authentication time instead of at import time, what sort of hides the configuration error.

nijel avatar Mar 17 '23 08:03 nijel

Proposed fix: https://github.com/python-social-auth/social-core/pull/778

nijel avatar Mar 27 '23 13:03 nijel