Joab Mendes Joab Mendes - 8 months ago 81
Python Question

How to use the django-rest-framework-social-oauth2 with facebook Oauth2?

I have read the documentation here:
django-rest-framework-social-oauth2, but everything is very unclear to me (It's my first time working with this).

and by the end it shows some configuration of how to do the settings to use facebook Oauth2. And there's this information on the docs:

You can test these settings by running the following command :

curl -X POST -d “grant_type=convert_token&client_id=<client_id>&client_secret=<client_secret>&backend=facebook&token=<facebook_token>” http://localhost:8000/auth/convert-token

This request returns the “access_token” that you should use on all
HTTP requests with DRF. What is happening here is that we are
converting a third-party access token (user_access_token) in an
access token to use with your api and its clients (“access_token”).
You should use this token on each and further communications between
your system/application and your api to authenticate each request and
avoid authenticating with FB every time.

Does it mean that with this endpoint I will be able to somehow "override" a
sing up
method creating a user on my application with the same user_access_token it has on facebook?

If this is right, by my understanding. After I get the FB.getLoginStatus response, I will be able to make calls on my own API endpoints referring to the logged user with his facebook user_acess_token (That also is the same on my system).

I guess I would also need to add social accounts tokens to user models?

Am I right?

Answer Source

I could test it with a test token from facebook and it behaves as I expected like I wrote in my question.