Getting Python to work with Facebook's OAuth 2.0 authentication system

I recently treaded into the dreaded territory of the Facebook API to try to create a viral app on top of AvantCard. I ran into a lot of snags that I'll share, and luckily found the solutions (which I will share as well).

The big thing I learned the hard way was that Facebook is requiring OAuth 2.0 authentication by September 1, 2011 and their Python-SDK does not support that.

I found this out by first not trying to use OAuth 2.0 and being OK with the Python-SDK, but discovered that the non-OAuth Facebook cookie (with the key "fbs_[your_app_id]") was not storing in Chrome for some reason. After I figured that out, I switched to OAuth 2.0 by changing a setting within FB.init() in their Javascript SDK and was able to get the correct cookie saved (with the key "fbsr_[your_app_id") in chrome! But... even with the cookie, the Python-SDK wasn't getting it. 

So I went into facebook.py and tweaked the cookie-getter function to look for "fbsr_" vs "fbs" and then discovered they were just completely different and even doing that wouldn't fix the problem.

And along came this handy-dandy website that clarifies all this. They pointed out the problem I discovered after trying to deal with it myself, and created a workaround. Generate the login-url, and authentication-url's with Python. Don't let Facebook's Javascript SDK suck you in.

So I did just that, and it allowed me to successfully, get a user to the log-in screen, and generate the cookie, and get the cookie to get access to the Facebook access_token for that user. The only thing I need to do is throw in some JQuery to let the user not have to physically switch web-pages to do a Facebook login, and simply have a pop-up.

 

The other handy-dandy thing I fell upon was a pre-made function to handle FQL queries in Python really easily by just adding some code into the facebook.py file in the Python-SDK. Here's the site. Even though the site has you put the function inside facebook.py, I just modified it slightly to work in my controllers file for my Django/Python app.

 

Hopefully if anyone else out there is trying to get their Python app to work with Facebook's new OAuth 2.0 authentication system, you found this helpful.

Working with the Twitter API (until 7AM)

After working with Facebook API extensively, the other night I decided it was finally to learn how to connect via Twitter API (little did I know it would keep my up until 7AM). Just a few words on my overall experience that night: it was pretty difficult to understand at first and there was a huge learning curve for me in the beginning, but as soon as I 'got it' it was pretty easy. The biggest reason why I got it was because of Jaisen Mathai. So I started off going straight to Twitter's Dev site and looked right through their tutorial. I thought immediately after reading that it might be a little over my head. They talked a lot about Oauth tokens and the flow between client/server/Twitter authentication and I will admit I was a little lost and discouraged... but I realized Google exists! So next thing I did was Google through 'how to php Twitter API' and opened the first couple results into tabs on Chrome. I skimmed over them all and noticed they all used a little Twitter php class package put together by Jaisen Mathai. I thought, okay seems pretty standard let me download that. I immediately downloaded it from a web site that was NOT Jaisen's because I thought the instructions were a little more clear (sort of a mistake, I will explain), I uploaded onto a server, and started looking at the code. I read through the tutorial and looked through the code and found it was pretty straightforward. As soon as I started playing with it though and customizing it for a simple app I wanted to make, I kept running into issues.
<?php
$twitterObj = new EpiTwitter($consumer_key,$consumer_secret);
$url = $twitterObj->getAuthorizationUrl();
?>
That should have given me a $url with the proper oauth token to go back to Twitter and log a user in to my specific website. However it kept returning a url with the proper url minus the oauth token... I dug into the code and first thing I noticed was in the EpiTwitter class some of the urls were out of date. I tried to change the class variables into the correct ones, then I ran the code again and same issue.. The next thing I did was try to ask @jmathai and hoped that he'd get back to me. He actually responded really quickly saying to email him the question. So I did and while I waited for a response I kept looking online to see if the answer was there. All my search results basically linked back to his page so I decided...you know maybe it was wise to look at what he had to say about his own stuff. I didn't notice anything different until I stumbled upon his Github link to the project. I finally realized that, woops, here was my mistake. His Github contained the most updated code and so I downloaded from there and re-uploaded the library. Boom, baby. It worked. I had gotten a very basic version of logging-in via Twitter up on the server and now it was time to play. Of course also I tweeted back at Jaisen and let him know it was just my mistake of getting old files and he was kind about it. The next thing I did was read through all the documentation of the new classes and learn how it worked. It took a couple tries and it wasn't easy at first. But as soon as I learned the structure of the GET and POST requests it became simply a matter of knowing what Twitter methods were available via the API and how to call them. By the time I became familiar everything it was probably 4AM, so I spent the remainder of the night just coding a basic functioning version of the app I wanted to make (details will be released with the app later this weekend, hopefully tonight). It was a great experience and now I know how to deal with the Twitter API! If anyone has any questions about this or needs help getting started, let me know. I feel like I have learned enough to be helpful enough at this point.

Early Morning Crisis Averted

Alright. Here's basically what happened. We finished the product at around 6:30am. At about 7am I headed to bed. At 7:30am I got a frantic call from Dan telling me that nothing was working. It turned out that somehow Facebook had deleted our app from the Developers thing and we had lost the ability to use the API key and secret. We had to quickly create a new app as fast as possible and rewrite some configuration files on the site to make it all work. It was up and running again by 7:45 and so it was fine. We ended up getting 8 upvotes fr Hacker News and got as high as 20th position on the first page! We also got a couple hits from StumbleUpon and some upvotes on Reedit. Things are going well but not as good as hoped. The issues in the launch, I feel, were a big inhibitor in maintaining first page position on hacker news which would have been golden. Instead bugs caused chaos again. Every time we tighten up security and bug control but there's always something that slips by. So we'll just keep getting better with experience. Or release it at a time when we'll be awake to make changes during crucial moments...

Where My Friends Be??? Late night/early morning success

So... it's finally done! With no more than 3 hours to spare for some sleep. The wakey-wakey, class, practice, and homework! Yay for another long week. Hopefully though it's worth it. Where My Friends Be is a mashup of Google Maps and Facebook where you can see a map of all your friends around the world. This project was a fairly simple concept, no hard coding problems, but we (Dan, Ajay, and myself) think it has some potential. To the little users we've shown so far they've all loved it. Let us know what you think!

Will Iteration Pay Off?

I realize I'm fairly new at this web development game, but I've already dipped my toes pretty deep into the water (is that the right expression?). Since first really learning how to do this over break (about 8 weeks ago) I've come up with ideas I thought were cool and coded them together almost once a week. It has been really fun and I have thousands of more ideas left and I'm ready to keep moving. Even though I have yet to see the back of my eyelids before 5AM in the past couple weeks, its been really exciting and I'm loving every second. Update on the Google Maps - Facebook API Mashup: it's going real well. Almost done, just polishing some things, and planning to stay up however long with Dan to code it up and release it. We've shown the beta to some friends and they all are very excited about it. I think this could finally penetrate the Bored at Work Network and maintain a first page place on Hacker News. If so - then I will finally have proven myself to the tech community and to myself. Things are moving fast and I'm excited. Now on to homework (because that's still important right?).

Google Maps API Shuts Us Off!

Last  night, I coded up this really cool idea into a very simple and kind of gross looking UI using the Facebook Graph API and Google Maps API (geocoding etc). The idea is you get your Facebook friends and then locate them all on the map, with you as the center to see how cool/wordly you are. Dan and Ajay thought it was cool so we started to work throughout the night to make it faster and sweeter looking. After getting it to load much faster and getting very close to the finish line...we suddenly got hit with a bunch of errors. After spending a good amount of time crying, screaming, etc, we realized Google Maps had an API limit and had to stop for the night. We are gong to wait until the hold is lifted and if it isn't lifted soon, we'll have to use our other servers to route Google API requests.