savage-lands/share/readmes/authorization_oauth_social_auth_facebook.md

in order to use the facebook login with our DRF we need to first get an access token from facebook

then we must login to an OAuth2 application to get an authorization token from our system

so we must have an OAuth Application set up before we can use the facebook token with the DRF

1. install [Django OAuth Toolkit](https://django-oauth-toolkit.readthedocs.io/en/latest/)
2. read and apply [Step 3: Register an application](https://django-oauth-toolkit.readthedocs.io/en/latest/rest-framework/getting_started.html#step-3-register-an-application)

note: step 2 can be done in the admin under Django OAuth Toolkit > Application

1. install the [Django rest-framework Social OAuth2](https://github.com/RealmTeam/django-rest-framework-social-oauth2) package
2. go to the facebook developers [debug access token](https://developers.facebook.com/tools/accesstoken/) page, and get a fake user access token
3. test it using the shell script *facebook_convert.sh* which is located in **/opt/shell-commands/social_rest**
4. or just run the command 

`curl -X POST -d "grant_type=convert_token`
`&client_id=$CLIENT_ID`
`&client_secret=$CLIENT_SECRET`
`&backend=facebook`
`&token=$FACEBOOK_USER_TOKEN"`
` $baseurl/auth/convert-token`

where CLIENT\_ID, CLIENT\_SECRET, AND FACEBOOK\_USER\_TOKEN are all either variables or direct values put in the proper places

CLIENT\_ID and CLIENT_SECRET you get from the OAuth application you created before.   That application manages authorized user tokens to let users make DRF requests on authorization only parts of the system

FACEBOOK\_USER\_TOKEN is a value you get **AFTER** you've logged into facebook.  at the facebook developers [debug access token page](https://developers.facebook.com/tools/accesstoken/) you look up the Facebook app you are trying to log into, and get a debug user access token.

In production, this means that you ahve to log into facebook **only** via web or by ios, you **absolutely cannot** log into facebook by the command line.  No way.

So in production you will have to retrieve the access token facebook provides after login, *then* make the call to retrieve *yet another* access token from the Django OAuth Application you set up on your web server.
initial commit 2025-04-17 00:41:48 +03:00			`in order to use the facebook login with our DRF we need to first get an access token from facebook`

			`then we must login to an OAuth2 application to get an authorization token from our system`

			`so we must have an OAuth Application set up before we can use the facebook token with the DRF`

			`1. install [Django OAuth Toolkit](https://django-oauth-toolkit.readthedocs.io/en/latest/)`
			`2. read and apply [Step 3: Register an application](https://django-oauth-toolkit.readthedocs.io/en/latest/rest-framework/getting_started.html#step-3-register-an-application)`

			`note: step 2 can be done in the admin under Django OAuth Toolkit > Application`

			`1. install the [Django rest-framework Social OAuth2](https://github.com/RealmTeam/django-rest-framework-social-oauth2) package`
			`2. go to the facebook developers [debug access token](https://developers.facebook.com/tools/accesstoken/) page, and get a fake user access token`
			`3. test it using the shell script facebook_convert.sh which is located in /opt/shell-commands/social_rest`
			`4. or just run the command`

			`curl -X POST -d "grant_type=convert_token`
			`&client_id=$CLIENT_ID`
			`&client_secret=$CLIENT_SECRET`
			`&backend=facebook`
			`&token=$FACEBOOK_USER_TOKEN"`
			` $baseurl/auth/convert-token`

			`where CLIENT\_ID, CLIENT\_SECRET, AND FACEBOOK\_USER\_TOKEN are all either variables or direct values put in the proper places`

			`CLIENT\_ID and CLIENT_SECRET you get from the OAuth application you created before. That application manages authorized user tokens to let users make DRF requests on authorization only parts of the system`

			`FACEBOOK\_USER\_TOKEN is a value you get AFTER you've logged into facebook. at the facebook developers [debug access token page](https://developers.facebook.com/tools/accesstoken/) you look up the Facebook app you are trying to log into, and get a debug user access token.`

			`In production, this means that you ahve to log into facebook only via web or by ios, you absolutely cannot log into facebook by the command line. No way.`

			`So in production you will have to retrieve the access token facebook provides after login, then make the call to retrieve yet another access token from the Django OAuth Application you set up on your web server.`