#1043 closed defect (fixed)
facebook authentication fails (missing access token)
Reported by: | Owned by: | ||
---|---|---|---|
Priority: | critical | Milestone: | |
Component: | BitlBee | Version: | devel |
Keywords: | Cc: | ||
IRC client+version: | Client-independent | Operating System: | Linux |
OS version/distro: | Archlinux, up to date |
Description
I'm using bitlbee last version (3.2) on arch.
It's been about 3 days now, FB chat stoped working (again).
Now I have the following output:
11:21 <@Bitlbee> fb - Logging in: Starting OAuth authentication 11:22 <@Bitlbee> fb - Logging in: Requesting OAuth access token 11:22 <@Bitlbee> fb - Login error: OAuth failure (missing access token) 11:22 <@Bitlbee> fb - Logging in: Signing off.. 11:22 <@Bitlbee> fb - Logging in: Reconnecting in 900 seconds..
I do receive a OAuth code from http://www.bitlbee.org/main.php/Facebook/oauth2.html?code=... but I still get the "missing access token" error.
I tried to revert to password based, but bitlbee keeps trying Oauth.
Could it be possible at least to have an account option to choose between both ‽‽
And why is the last stable 3.2 not listed in the version list when creating a ticket ??
Attachments (0)
Change History (32)
comment:1 Changed at 2013-04-16T16:52:23Z by
comment:5 Changed at 2013-04-19T12:42:17Z by
(04:38:56 PM) root: jabber - Login error: OAuth failure (missing access token)
comment:6 Changed at 2013-04-20T23:42:59Z by
This seems to be happening when getting new OAuth credentials, existing ones are still working. The actual error:
{"error":{"message":"The request is invalid because the app secret is the same as the client token","type":"OAuthException","code":1}}
Now to figure out what that means. :<
comment:7 Changed at 2013-04-20T23:54:37Z by
https://developers.facebook.com/bugs/417142765049146/ explains the problem and tells me to change my settings to something illegal, or at least forces me to lie. I guess I don't care.
In short, I need to tick one checkbox saying "the app secret is embedded in my application" and another one saying "the app secret is NOT embedded in my application". I think I've just done that and the change should take effect in a few minutes. We'll see..
comment:8 Changed at 2013-04-21T22:01:37Z by
Still doesn't work, same error here (with new oauth tokens) :(
comment:16 Changed at 2013-05-07T23:09:18Z by
I thought I had posted this update but apparently I did not: I'm somewhat stuck on this one. Things are working just fine for people who've set up their fb-oauth account already, it's just broken for folks trying to set it up now. And it looks very much like the only fix I can try will swap that, so existing users need to re-authenticate.
That's still better than leaving this broken, but I'm just hoping there's an option I don't know about, which requires some experimenting. IMHO it's clear as mud what thee client secrets and app secrets are. It's not like Facebook give a damn about desktop applications anyway... :-/
comment:17 Changed at 2013-05-14T02:39:20Z by
I set my FB account using Oauth a long time ago, but something at some time screwed it. From my logs:
- 2013-01-29: Upgraded bitlbee:i386 (from Bitlbee nightly builds for Debian Squeeze)
- from 3.0.6+20121230+devel+960-2 to 3.2+20130115+devel+969-1
- 2013-02-28 06:00:28 (UTC+0200): the &facebook irssi log cuts in the middle of a join line.
Since then I got the same bug, and deleting the account then recreating it doesn't help.
comment:19 Changed at 2013-05-15T09:59:38Z by
Same here - it stopped working (somewhere around upgrade to 3.2+20130506+devel+983-1).
comment:20 follow-up: 21 Changed at 2013-05-20T03:25:53Z by
Workaround is to not use oauth.
acc fb set oauth off
acc fb set username <yourusername>@chat.facebook.com
acc fb set password <yourpassword>
acc fb on
comment:21 Changed at 2013-05-21T02:51:44Z by
Replying to anonymous:
Workaround is to not use oauth.
acc fb set oauth off
acc fb set username <yourusername>@chat.facebook.com
acc fb set password <yourpassword>
acc fb on
After trying to get oauth to work and reverting to password - it does not work either. I get a message that my account is not available because it is in use from some other location. I can log in in a browser and clear all the sessions but that didn't help. :(
comment:22 Changed at 2013-05-21T02:56:59Z by
Here's the full output from my login attempt.
Authentication appears to be good, but the account has been "locked" in some way - possibly because of my attempts to make oauth work. I have used a browser login to delete all sessions and tried logging in while the browser login was open and then logged the browser out and tried again. All with the same error.
When I revert to attempting oauth, I get the "missing token" error again.
09:01 <@root> fb2 - Logging in: Authenticated, requesting buddy list 09:01 < chatfacebookcom> jpinx: << BitlBee - Message with subject: Sorry, your account isn't available >> 09:01 < chatfacebookcom> jpinx: Your account is temporarily unavailable. Regain access by logging into your
account from a web browser.
09:01 <@root> fb2 - Login error: Account and resource used from a different location 09:01 <@root> fb2 - Logging in: Signing off..
comment:23 follow-up: 26 Changed at 2013-05-21T03:14:37Z by
jpinx, try removing bitlbee in your Account Settings > App Settings > Apps you use section on the Facebook and try again without oauth.
Or wait some time for that locked session to time itself out.
comment:24 Changed at 2013-05-21T03:24:23Z by
i think jpinx is having a problem unrelated to this ticket. i'm having symptoms as described in the ticket:
root jabber - Logging in: Starting OAuth authentication root jabber - Logging in: Requesting OAuth access token root jabber - Login error: OAuth failure (missing access token) root jabber - Logging in: Signing off.. root jabber - Logging in: Reconnecting in 5 seconds.. root jabber - Logging in: Starting OAuth authentication
i can't log in with fb or gtalk (any jabber?) with either oauth or password. i followed your suggestion and removed bitlbee from facebook approved apps to get a clean oauth experience but it still doesn't work. for comparison, i can connect to these services using trillian or adium on the same machine using the same credentials.
comment:26 Changed at 2013-05-21T04:05:11Z by
Replying to tripgod:
jpinx, try removing bitlbee in your Account Settings > App Settings > Apps you use section on the Facebook and try again without oauth.
Or wait some time for that locked session to time itself out.
I did all that with no success. I have the benefit of comparing my 2 fb accounts. One account has been working with password authentication without issues for over a year. fb2 was similarly working, but I needed oauth because I travel a lot and I want my local laptop to connect to fb2. I attempted to setup oauth and got the errors mentioned in this ticket. I logged in through a browser and removed Bitlbee as an app, waited about a day and attempted to revert to password auth, it now fails as well -- giving the errors I pasted.
It appears that fb2
comment:27 Changed at 2013-05-21T04:09:50Z by
It appears that fb2 has been broken completely by the oauth setup attempt. :(
comment:28 follow-up: 29 Changed at 2013-05-23T20:53:27Z by
Resolution: | → fixed |
---|---|
Status: | new → closed |
I'm pretty sure I've just fixed this. Apologies for taking so long, I had to figure out how these two different key types work (still unclear) and which one I could change safely.
I've now reset the "client token" which I could do safely. Nobody needs to upgrade their BitlBee, authentication will just work again, and accounts previously authenticated will continue to work. Please reopen this bug if you're still having troubles.
comment:30 Changed at 2013-05-23T21:02:01Z by
Glad to hear that. No problem, and thanks for the confirmation! I've posted an update on Twitter (which ironcally is now having login issues. This better not be BitlBee-specific..).
comment:31 Changed at 2013-05-23T21:12:36Z by
ah, yes, I was wondering why twitter stopped showing tweets. I cycle the account in bitlbee and can't login.
<@ root> | twitter - Login error: Could not retrieve /users/lookup.xml: 403 Forbidden
It must've been like this since late 20, early 21 May.
Is this the same trouble ticket you're referring? I don't see any ticket open with this error. Should I open a new ticket?
comment:32 Changed at 2013-05-23T21:29:11Z by
Setting base_url to https seems to fix it, hm. :-/ Anyway, yes, that's definitely a different bug.
Same error here...