Incorrect return url after Facebook authentication

[zindi]

Hi All,
I am following the spring social show case example and I am having issues relating to Facebook.
My application will connect to Facebook and authorise the app but the return url is not correct.

The "signup" process is initiated from a /login.jsp page and the return url redirects to the same.

I am using Spring social 1.0.0RC1 and Spring 3.0.5RELEASE.
Any help in resolving this is much appreciated.

Thanks in advance.

[habuma]

A few of the details of your problem are unclear to me. To start, what callback URL were you expecting and what callback URL did you get? Was it Facebook complaining about the bad callback URL...or was the problem upon return from authorization with Facebook? Any details you can provide will be helpful in figuring this out.

[zindi]

Thank you for the quick reply. I am referring to the callback url to the application after authentication from Facebook. Basically I have a "Login with Facebook" button on my login.jsp page. When invoked the Facebook login and permission authorisation dialog is presented. Once the user logs in and grants permission to the app, the app is seen to have successfully granted permission. This was verified by visiting the "Privacy Settings" settings on Facebook. However once the app is authorised I would like my application be be redirected to /signup where I can pull the necessary information from the graph api and pre-populate the fields.
My issue is that after authorisation the application comes back to login.jsp, which was the starting point.

Thanks.

[Keith Donald]

How are you initiating the sign-in? I assume you have a form that is submitting a POST request to /signin/facebook backed by a ProviderSignInController instance, as in the show case example? If so, the controller should handle the form POST and generate the callbackUrl in a way where it will process the callback. Upon receiving the callback, it will redirect the user to /signup if no local user is associated with the authorizing Facebook user. If you are not submitting your form to this controller, it's likely you'll need to handle this responsibility yourself. If you can provide a little more background there, that would be helpful. I sense you might be doing things a bit differently than the Showcase example.

Keith

[zindi]

Hi Keith,

Yes, I am sending a POST request to /signin/facebook backed by the ProviderSignInController. One thing I had done differently than the showcase example was that I used <fb:login-button> instead of a standard submit button. Once this was changed to a standard submit button the authorisation process happens as before but now I am being redirect to /signin/facebook. Ideally this should be /signup. Maybe I am missing a configuration somewhere. Given below are my configurations.

Code:

<form id="fb_signin" action="<c:url value="/signin/facebook"/>" method="POST">
    <button type="submit"><img src="<c:url value="images/social/facebook/sign-in-with-facebook.png"/>"/></button>
</form>

Code:

@Configuration
public class SocialConfig {

    //@Inject
    //private Environment environment;

    @Inject
    private DataSource dataSource;

    @Bean
    @Scope(value = "singleton", proxyMode = ScopedProxyMode.INTERFACES)
    public ConnectionFactoryLocator connectionFactoryLocator() {
        ConnectionFactoryRegistry registry = new ConnectionFactoryRegistry();
        registry.addConnectionFactory(new FacebookConnectionFactory(
                "<appID>",
                "<appSecret>"));
        return registry;
    }

    @Bean
    @Scope(value = "singleton", proxyMode = ScopedProxyMode.INTERFACES)
    public UsersConnectionRepository usersConnectionRepository() {
        return new JdbcUsersConnectionRepository(dataSource, connectionFactoryLocator(), Encryptors.noOpText());
    }

    @Bean
    @Scope(value = "request", proxyMode = ScopedProxyMode.INTERFACES)
    public ConnectionRepository connectionRepository() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            throw new IllegalStateException("Unable to get a ConnectionRepository: no user signed in");
        }
        return usersConnectionRepository().createConnectionRepository(authentication.getName());
    }

    @Bean
    @Scope(value = "request", proxyMode = ScopedProxyMode.INTERFACES)
    public Facebook facebook() {
        Connection<Facebook> facebook = connectionRepository().findPrimaryConnection(Facebook.class);
        return facebook != null ? facebook.getApi() : new FacebookTemplate();
    }

    @Bean
    @Scope(value = "request", proxyMode = ScopedProxyMode.INTERFACES)
    public Twitter twitter() {
        Connection<Twitter> twitter = connectionRepository().findPrimaryConnection(Twitter.class);
        return twitter != null ? twitter.getApi() : new TwitterTemplate();
    }

//    @Bean
//    public ConnectController connectController() {
//        ConnectController connectController = new ConnectController(connectionFactoryLocator(), connectionRepository());
//        connectController.addInterceptor(new PostToWallAfterConnectInterceptor());
//        connectController.addInterceptor(new TweetAfterConnectInterceptor());
//        return connectController;
//    }

    @Bean
    public ProviderSignInController providerSignInController() {
        ProviderSignInController controller = new ProviderSignInController(connectionFactoryLocator(),
                usersConnectionRepository(), new SimpleSignInAdapter());
        URL appUrl = null;
        try {

            appUrl= new URL("<my-app-url>");
        }
        catch (Exception e) {

        }
        controller.setApplicationUrl(appUrl);
        return controller;
    }

}

[Keith Donald]

Yeah, that's most likely the issue. If you use the fb:login-button tag, it will handle the OAuth redirect for you in JavaScript. You'd be bypassing ProviderSignInController then, and dealing with Facebook's JavaScript API. Craig can likely provide more insight on exactly how fb:login-button works, and how it could be used in conjunction with Spring Social--you can also get more info from Facebook's developer reference.

After you changed things to a regular form posting to /signin/facebook, which doesn't require any special JavaScript and also can be used to support sign-in with multiple providers in the same way, you're getting what I expect. The authorization callback will come back to /signin/facebook, and then a redirect will happen to /signup if no local user could be mapped from the Facebook user (otherwise the user will be signed-in). You can see this in the showcase sample as well as the Greenhouse reference app when you try to sign-in with your Facebook account there. This should give you what you want, unless I'm missing something. You might also want to review the sign-in chapter of the Spring Social reference manual.

We should make it clear in our reference documentation how our Facebook sign-in support relates to what Facebook already provides developers via fb:login-button, etc.

Keith