@@ -4,7 +4,7 @@ Configuring Providers
44django-all-access configures and stores the set of OAuth providers in the database.
55To enable your users to authenticate with a particular provider, you will need to add
66the OAuth API URLs as well as your application's consumer key and consumer secret.
7- The process of registering your application with each provider will vary and
7+ The process of registering your application with each provider will vary and
88you should refer to the provider's API documentation for more information.
99
1010.. note ::
@@ -14,18 +14,16 @@ you should refer to the provider's API documentation for more information.
1414 `AES specification <http://en.wikipedia.org/wiki/Advanced_Encryption_Standard >`_.
1515 Since this is a symmetric-key encryption the key/secret pairs can still be read
1616 if the encryption key is compromised. In this case django-all-access uses a
17- key based on the standard ``SECRET_KEY `` setting. You should take care to keep
17+ key based on the standard ``SECRET_KEY `` setting. You should take care to keep
1818 this setting secret as its name would imply.
1919
2020
21- .. versionadded :: 0.6
22-
2321Common Providers
2422------------------------------------
2523
2624To get you started, there is an initial fixture of commonly used providers. This includes
2725the URLs needed for Facebook, Twitter, Google, Microsoft Live, Github and Bitbucket. Once you've
28- added ``allaccess `` to your ``INSTALLED_APP `` and created the tables with ``syncdb ``/`` migrate ``,
26+ added ``allaccess `` to your ``INSTALLED_APP `` and created the tables with ``migrate ``,
2927you can load this fixture via::
3028
3129 python manage.py loaddata common_providers.json
@@ -38,8 +36,8 @@ and how they would be populated for additional providers you might want to use.
3836OAuth 1.0 Providers
3937------------------------------------
4038
41- OAuth 1.0 Protocol is defined by `RFC 5849 <http://tools.ietf.org/html/rfc5849 >`_.
42- It is sometimes referred to as 3-Legged OAuth due to the number of requests
39+ OAuth 1.0 Protocol is defined by `RFC 5849 <http://tools.ietf.org/html/rfc5849 >`_.
40+ It is sometimes referred to as 3-Legged OAuth due to the number of requests
4341between the provider and consumer.
4442
4543To enable an OAuth provider, you should add a ``Provider `` record with the necessary
@@ -99,12 +97,20 @@ Facebook is a large social network which provides a REST API with OAuth 2.0
9997authentication. The below ``Provider `` record will enable Facebook authentication::
10098
10199 name: facebook
102- authorization_url: https://www.facebook.com/dialog/oauth
103- access_token_url: https://graph.facebook.com/oauth/access_token
104- profile_url: https://graph.facebook.com/me
100+ authorization_url: https://www.facebook.com/v2.8/ dialog/oauth
101+ access_token_url: https://graph.facebook.com/v2.8/ oauth/access_token
102+ profile_url: https://graph.facebook.com/v2.8/ me
105103
106104As you can see, the ``request_token_url `` is not included because it is not needed.
107105After adding your consumer key and secret to this record you should now be able
108106to authenticate with Facebook by visiting ``/accounts/login/facebook/ ``.
109107Facebook also has `developer docs <http://developers.facebook.com/docs/ >`_
110108for additional information on using their API.
109+
110+ .. note ::
111+
112+ Facebook began using the version number in the URL as part of their 2.0 API.
113+ Since then very little has changed with regard to the OAuth flow but the
114+ version number is now required. The latest version of the API might not
115+ match the documentation here. For the most up to date info on the Facebook
116+ API you should consult their API docs.
0 commit comments