Modify

#1043 closed defect (fixed)

facebook authentication fails (missing access token)

Reported by: bitlbee@… Owned by:
Priority: critical Milestone:
Component: BitlBee Version: devel
Keywords: Cc:
IRC client+version: Client-independent Operating System: Linux
OS version/distro: Archlinux, up to date

Description

I'm using bitlbee last version (3.2) on arch.

It's been about 3 days now, FB chat stoped working (again).

Now I have the following output:

11:21 <@Bitlbee> fb - Logging in: Starting OAuth authentication 11:22 <@Bitlbee> fb - Logging in: Requesting OAuth access token 11:22 <@Bitlbee> fb - Login error: OAuth failure (missing access token) 11:22 <@Bitlbee> fb - Logging in: Signing off.. 11:22 <@Bitlbee> fb - Logging in: Reconnecting in 900 seconds..

I do receive a OAuth code from http://www.bitlbee.org/main.php/Facebook/oauth2.html?code=... but I still get the "missing access token" error.

I tried to revert to password based, but bitlbee keeps trying Oauth.

Could it be possible at least to have an account option to choose between both ‽‽

And why is the last stable 3.2 not listed in the version list when creating a ticket ??

Attachments (0)

Change History (32)

comment:1 Changed at 2013-04-16T16:52:23Z by anonymous

Same error here...

comment:2 Changed at 2013-04-17T14:44:44Z by anonymous

Same here. Arch too.

comment:3 Changed at 2013-04-17T16:50:57Z by anonymous

same here on testing.bitlbee.org

comment:4 Changed at 2013-04-19T12:23:37Z by anonymous

same here :)

comment:5 Changed at 2013-04-19T12:42:17Z by anonymous

(04:38:56 PM) root: jabber - Login error: OAuth failure (missing access token)

comment:6 Changed at 2013-04-20T23:42:59Z by wilmer

This seems to be happening when getting new OAuth credentials, existing ones are still working. The actual error:

{"error":{"message":"The request is invalid because the app secret is the same as the client token","type":"OAuthException","code":1}}

Now to figure out what that means. :<

comment:7 Changed at 2013-04-20T23:54:37Z by wilmer

https://developers.facebook.com/bugs/417142765049146/ explains the problem and tells me to change my settings to something illegal, or at least forces me to lie. I guess I don't care.

In short, I need to tick one checkbox saying "the app secret is embedded in my application" and another one saying "the app secret is NOT embedded in my application". I think I've just done that and the change should take effect in a few minutes. We'll see..

comment:8 Changed at 2013-04-21T22:01:37Z by elakim

Still doesn't work, same error here (with new oauth tokens) :(

comment:9 Changed at 2013-04-25T09:37:40Z by anonymous

Doesn't work for me too...

comment:10 Changed at 2013-04-25T14:06:23Z by anonymous

Nothing so far. Twitter oauth works just fine.

comment:11 Changed at 2013-04-29T01:24:59Z by anonymous

any update on this?

comment:12 Changed at 2013-05-01T11:59:15Z by anonymous

ping

comment:13 Changed at 2013-05-05T23:11:08Z by Dion Moult

Experiencing this as well on Gentoo.

comment:14 in reply to:  13 Changed at 2013-05-06T16:51:20Z by anonymous

As well as on Debian

comment:15 Changed at 2013-05-07T12:47:46Z by anonymous

as well on Rasbian (raspberry-pi)

comment:16 Changed at 2013-05-07T23:09:18Z by wilmer

I thought I had posted this update but apparently I did not: I'm somewhat stuck on this one. Things are working just fine for people who've set up their fb-oauth account already, it's just broken for folks trying to set it up now. And it looks very much like the only fix I can try will swap that, so existing users need to re-authenticate.

That's still better than leaving this broken, but I'm just hoping there's an option I don't know about, which requires some experimenting. IMHO it's clear as mud what thee client secrets and app secrets are. It's not like Facebook give a damn about desktop applications anyway... :-/

comment:17 Changed at 2013-05-14T02:39:20Z by anonymous

I set my FB account using Oauth a long time ago, but something at some time screwed it. From my logs:

  • 2013-01-29: Upgraded bitlbee:i386 (from Bitlbee nightly builds for Debian Squeeze)
    • from 3.0.6+20121230+devel+960-2 to 3.2+20130115+devel+969-1
  • 2013-02-28 06:00:28 (UTC+0200): the &facebook irssi log cuts in the middle of a join line.

Since then I got the same bug, and deleting the account then recreating it doesn't help.

comment:18 Changed at 2013-05-14T14:43:26Z by tripgod@…

I have the same issue.

comment:19 Changed at 2013-05-15T09:59:38Z by anonymous

Same here - it stopped working (somewhere around upgrade to 3.2+20130506+devel+983-1).

comment:20 Changed at 2013-05-20T03:25:53Z by anonymous

Workaround is to not use oauth.

acc fb set oauth off
acc fb set username <yourusername>@chat.facebook.com
acc fb set password <yourpassword>
acc fb on

comment:21 in reply to:  20 Changed at 2013-05-21T02:51:44Z by jpinx

Replying to anonymous:

Workaround is to not use oauth.

acc fb set oauth off
acc fb set username <yourusername>@chat.facebook.com
acc fb set password <yourpassword>
acc fb on

After trying to get oauth to work and reverting to password - it does not work either. I get a message that my account is not available because it is in use from some other location. I can log in in a browser and clear all the sessions but that didn't help. :(

comment:22 Changed at 2013-05-21T02:56:59Z by jpinx

Here's the full output from my login attempt.

Authentication appears to be good, but the account has been "locked" in some way - possibly because of my attempts to make oauth work. I have used a browser login to delete all sessions and tried logging in while the browser login was open and then logged the browser out and tried again. All with the same error.

When I revert to attempting oauth, I get the "missing token" error again.

09:01 <@root> fb2 - Logging in: Authenticated, requesting buddy list 09:01 < chatfacebookcom> jpinx: << BitlBee - Message with subject: Sorry, your account isn't available >> 09:01 < chatfacebookcom> jpinx: Your account is temporarily unavailable. Regain access by logging into your

account from a web browser.

09:01 <@root> fb2 - Login error: Account and resource used from a different location 09:01 <@root> fb2 - Logging in: Signing off..

comment:23 Changed at 2013-05-21T03:14:37Z by tripgod

jpinx, try removing bitlbee in your Account Settings > App Settings > Apps you use section on the Facebook and try again without oauth.

Or wait some time for that locked session to time itself out.

comment:24 Changed at 2013-05-21T03:24:23Z by anonymous

i think jpinx is having a problem unrelated to this ticket. i'm having symptoms as described in the ticket:

root		jabber - Logging in: Starting OAuth authentication
root		jabber - Logging in: Requesting OAuth access token
root		jabber - Login error: OAuth failure (missing access token)
root		jabber - Logging in: Signing off..
root		jabber - Logging in: Reconnecting in 5 seconds..
root		jabber - Logging in: Starting OAuth authentication

i can't log in with fb or gtalk (any jabber?) with either oauth or password. i followed your suggestion and removed bitlbee from facebook approved apps to get a clean oauth experience but it still doesn't work. for comparison, i can connect to these services using trillian or adium on the same machine using the same credentials.

comment:25 Changed at 2013-05-21T03:27:23Z by ronaldpwilson@…

forgot to sign comment 24.

comment:26 in reply to:  23 Changed at 2013-05-21T04:05:11Z by anonymous

Replying to tripgod:

jpinx, try removing bitlbee in your Account Settings > App Settings > Apps you use section on the Facebook and try again without oauth.

Or wait some time for that locked session to time itself out.

I did all that with no success. I have the benefit of comparing my 2 fb accounts. One account has been working with password authentication without issues for over a year. fb2 was similarly working, but I needed oauth because I travel a lot and I want my local laptop to connect to fb2. I attempted to setup oauth and got the errors mentioned in this ticket. I logged in through a browser and removed Bitlbee as an app, waited about a day and attempted to revert to password auth, it now fails as well -- giving the errors I pasted.

It appears that fb2

comment:27 Changed at 2013-05-21T04:09:50Z by jpinx

It appears that fb2 has been broken completely by the oauth setup attempt. :(

comment:28 Changed at 2013-05-23T20:53:27Z by wilmer

Resolution: fixed
Status: newclosed

I'm pretty sure I've just fixed this. Apologies for taking so long, I had to figure out how these two different key types work (still unclear) and which one I could change safely.

I've now reset the "client token" which I could do safely. Nobody needs to upgrade their BitlBee, authentication will just work again, and accounts previously authenticated will continue to work. Please reopen this bug if you're still having troubles.

comment:29 in reply to:  28 Changed at 2013-05-23T20:58:45Z by anonymous

Confirmed it works. Thanks, wilmer.

comment:30 Changed at 2013-05-23T21:02:01Z by wilmer

Glad to hear that. No problem, and thanks for the confirmation! I've posted an update on Twitter (which ironcally is now having login issues. This better not be BitlBee-specific..).

comment:31 Changed at 2013-05-23T21:12:36Z by tripgod

ah, yes, I was wondering why twitter stopped showing tweets. I cycle the account in bitlbee and can't login.

<@ root> | twitter - Login error: Could not retrieve /users/lookup.xml: 403 Forbidden

It must've been like this since late 20, early 21 May.

Is this the same trouble ticket you're referring? I don't see any ticket open with this error. Should I open a new ticket?

comment:32 Changed at 2013-05-23T21:29:11Z by wilmer

Setting base_url to https seems to fix it, hm. :-/ Anyway, yes, that's definitely a different bug.

Modify Ticket

Action
as closed The ticket will remain with no owner.
The resolution will be deleted.

Add Comment


E-mail address and name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.