Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

SOLVED

Facebook log-in is broken

Stanleyor
Level 3
Level 3

Hey

Today facebook log-in on our web-site stopped working:

28.03.2017 10:54:52.313 *ERROR* [qtp1448280031-74010] com.adobe.granite.auth.oauth.impl.oauth2.Oauth2Helper Response body is incorrect. Can't extract a token from this: '{"access_token":"EAAJGDvtJEUYBANHEc5fdkYXLtAgDV6YHLcZCU87Rf7EPbTZAH05LqtAs1yZBXC3uLPDvpUpPMZCYEWLZCOdIksfObQ8Eu2gVibrZC1yr2lDvE5GeWt72S2Idsss7IbrhEIBNImkL78JAk82RpyMRCz5WdDMiDO2t8dPQdtINowNgZDZD","token_type":"bearer","expires_in":5112541}' org.scribe.exceptions.OAuthException: Response body is incorrect. Can't extract a token from this: '{"access_token":"EAAJGDvtJEUYBANHEc5fdkYXLtAgDV6YHLcZCU87Rf7EPbTZAH05LqtAs1yZBXC3uLPDvpUpPMZCYEWLZCOdIksfObQ8Eu2gVibrZC1yr2lDvE5GeWt72S2Idsss7IbrhEIBNImkL78JAk82RpyMRCz5WdDMiDO2t8dPQdtINowNgZDZD","token_type":"bearer","expires_in":5112541}' at org.scribe.extractors.TokenExtractor20Impl.extract(TokenExtractor20Impl.java:33) at org.scribe.oauth.OAuth20ServiceImpl.getAccessToken(OAuth20ServiceImpl.java:37) at com.adobe.granite.auth.oauth.impl.oauth2.Oauth2Helper.requestAccessCode(Oauth2Helper.java:124) at com.adobe.granite.auth.oauth.impl.OAuthAuthenticationHandler.extractCredentials(OAuthAuthenticationHandler.java:193) at org.apache.sling.auth.core.impl.AuthenticationHandlerHolder.doExtractCredentials(AuthenticationHandlerHolder.java:75) at org.apache.sling.auth.core.impl.AbstractAuthenticationHandlerHolder.extractCredentials(AbstractAuthenticationHandlerHolder.java:60) at org.apache.sling.auth.core.impl.SlingAuthenticator.getAuthenticationInfo(SlingAuthenticator.java:718) at org.apache.sling.auth.core.impl.SlingAuthenticator.doHandleSecurity(SlingAuthenticator.java:466) at org.apache.sling.auth.core.impl.SlingAuthenticator.handleSecurity(SlingAuthenticator.java:451) at org.apache.sling.engine.impl.SlingHttpContext.handleSecurity(SlingHttpContext.java:121) at org.apache.felix.http.base.internal.service.ServletContextImpl.handleSecurity(ServletContextImpl.java:421) at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:57) at org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:124) at org.apache.felix.http.base.internal.DispatcherServlet.service(DispatcherServlet.java:61) at javax.servlet.http.HttpServlet.service(HttpServlet.java:725) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:587) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:221) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) at org.eclipse.jetty.server.Server.handle(Server.java:499) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257) at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555) at java.lang.Thread.run(Thread.java:745)
1 Accepted Solution
Stanleyor
Correct answer by
Level 3
Level 3

If someone experiencing the same problem:

Finally after 2 weeks we got a hot-fix from Adobe.

The claim in docs that "AEM 6.2 Communities works with FB API 2.5" is a lie. You need a hot-fix to make it work.

View solution in original post

12 Replies
Stanleyor
Level 3
Level 3

If I understand correctly that is what AEM uses:
https://github.com/dsyer/scribe-java/blob/master/src/main/java/org/scribe/extractors/TokenExtractor2...

 

public class TokenExtractor20Impl implements AccessTokenExtractor { private static final String TOKEN_REGEX = "access_token=([^&]+)"; private static final String EMPTY_SECRET = ""; /** * {@inheritDoc} */ public Token extract(String response) { Preconditions.checkEmptyString(response, "Response body is incorrect. Can't extract a token from an empty string"); Matcher matcher = Pattern.compile(TOKEN_REGEX).matcher(response); if (matcher.find()) { String token = OAuthEncoder.decode(matcher.group(1)); return new Token(token, EMPTY_SECRET, response); } else { throw new OAuthException("Response body is incorrect. Can't extract a token from this: '" + response + "'", null); } } }

Although according to Facebook change log:

[Oauth Access Token] Format - The response format of https://www.facebook.com/v2.3/oauth/access_token returned when you exchange a code for an access_token now return valid JSON instead of being URL encoded. The new format of this response is {"access_token": {TOKEN}, "token_type":{TYPE}, "expires_in":{TIME}}. We made this update to be compliant with section 5.1 of RFC 6749.

Hence new JSON format cannot be parsed by old REGEX.

There is an example of an appropriate implementation here. But I do not know how to integrate this with AEM and whether that is possible at all.

JK_Kendall
Level 8
Level 8

What version of AEM and Communities are you using?   Social login is a feature of the Communities capability.

Please read about Facebook API versions from the AEM perspective.

- JK

Stanleyor
Level 3
Level 3

Hey, JK Kendall

I've just updated AEM Communities with AEM-6.2-COMMUNITIES-LIVEFYRE-FEATURE-PACK-2 Version: 1.10.111 but the problem is still there. The feature pack has *not* fixed the problem. Currently we are using Version: 1.10.111

29.03.2017 10:33:47.585 *ERROR* [qtp456392319-11621] com.adobe.granite.auth.oauth.impl.oauth2.Oauth2Helper Response body is incorrect. Can't extract a token from this: '{"access_token":"EAAJGDvtJEUYBACvrh7nPweWzT254Fr5akEw8akKV6WDIgYSK9FmszwIfZBbvP9yKeqf8yeKv5foKdeYZC45DZBYkM0ZCw3DOfjsBnZAmyAZBtrXDJfoO5p7lfoy9fAAgGL3UNXsP4VSWfNXsJ0izqFknnzAsSNH5ZCZAwnroMZAzhTwZDZD","token_type":"bearer","expires_in":5184000}'
org.scribe.exceptions.OAuthException: Response body is incorrect. Can't extract a token from this: '{"access_token":"EAAJGDvtJEUYBACvrh7nPweWzT254Fr5akEw8akKV6WDIgYSK9FmszwIfZBbvP9yKeqf8yeKv5foKdeYZC45DZBYkM0ZCw3DOfjsBnZAmyAZBtrXDJfoO5p7lfoy9fAAgGL3UNXsP4VSWfNXsJ0izqFknnzAsSNH5ZCZAwnroMZAzhTwZDZD","token_type":"bearer","expires_in":5184000}'
        at org.scribe.extractors.TokenExtractor20Impl.extract(TokenExtractor20Impl.java:33)
        at org.scribe.oauth.OAuth20ServiceImpl.getAccessToken(OAuth20ServiceImpl.java:37)
        at com.adobe.granite.auth.oauth.impl.oauth2.Oauth2Helper.requestAccessCode(Oauth2Helper.java:124)
        at com.adobe.granite.auth.oauth.impl.OAuthAuthenticationHandler.extractCredentials(OAuthAuthenticationHandler.java:193)
        at org.apache.sling.auth.core.impl.AuthenticationHandlerHolder.doExtractCredentials(AuthenticationHandlerHolder.java:75)
        at org.apache.sling.auth.core.impl.AbstractAuthenticationHandlerHolder.extractCredentials(AbstractAuthenticationHandlerHolder.java:60)
        at org.apache.sling.auth.core.impl.SlingAuthenticator.getAuthenticationInfo(SlingAuthenticator.java:718)
        at org.apache.sling.auth.core.impl.SlingAuthenticator.doHandleSecurity(SlingAuthenticator.java:466)
........

Facebook log-in worked on Monday. On Tuesday FB log-in broke. We deployed or changed nothing.

JK_Kendall
Level 8
Level 8

My guess would be to upgrade your Facebook app to use FB API v2.5 or later.

- JK

Stanleyor
Level 3
Level 3

https://developers.facebook.com/docs/apps/changelog -> Changes from v2.2 to v2.3

[Oauth Access Token] Format - The response format of https://www.facebook.com/v2.3/oauth/access_token returned when you exchange a code for an access_token now return valid JSON instead of being URL encoded. The new format of this response is {"access_token": {TOKEN}, "token_type":{TYPE}, "expires_in":{TIME}}. We made this update to be compliant with section 5.1 of RFC 6749.

If I understood correctly for version >= 2.3 the response format is JSON. Including the version 2.5.

v2.2 was available until March 25, 2017.

JK_Kendall
Level 8
Level 8

Hi Stanley,

I am no expert on this.  All I can do is point out the history of social login for AEM and that AEM 6.2 Communities works with FB API 2.5.

Also, there is sample code for creating an OAuth provider (using LinkedIn as an example) - I don't know if you can do something with that.

I hope someone else will respond to this thread or you could open a support ticket.

I think the key is to understand what did change, because something changed.  If you deployed or changed nothing in AEM, then it suggests something changed coming from Facebook.

If you have a dev system and could quickly try the getting started tutorial and try its Facebook login, perhaps you could get more specific information... ???  It should take you about 10 minutes to setup, author a new site, and then try the social login.  Maybe even then setup a new Facebook app and try it with the dev setup.

Wish I could be of more help - I realize how frustrating this must be.

- JK

Stanleyor
Level 3
Level 3

Hey, JK Kendall

Thank you for your help

Stanleyor
Correct answer by
Level 3
Level 3

If someone experiencing the same problem:

Finally after 2 weeks we got a hot-fix from Adobe.

The claim in docs that "AEM 6.2 Communities works with FB API 2.5" is a lie. You need a hot-fix to make it work.

View solution in original post

Pablo_Larrosa-R
Level 2
Level 2

Hi Stanleyor,

We have the exact same issue ( "Response body is incorrect. Can't extract a token from this: " ), can you tell me the hotfix number so I can download it from the package share??

Thanks in advance for your help.

Regards

mohitk
Level 1
Level 1

Hi Pablo,

The hotfix is not public as of now. This fix is officially coming in next Feature Pack. If it's urgent you can get it via Adobe's customer support by opening a RFH for the same.

-Mohit

Pablo_Larrosa-R
Level 2
Level 2

Thanks for the update Mohit,

Probably wait till the next Feature Pack, the issue is not urgent for us ( for now )

Regards

Mateo_Recoba
Level 1
Level 1

Hi all, good news!

In fix pack 6.3 (released on 23, June 2017) we found solution for this issue (among others fixes).

Please follow this link :

Adobe Experience Manager Help | Release Notes: AEM 6.3 Cumulative Fix Pack

Regards

Mateo Recoba

Pablo.Larrosa