From 967173f9a3f0264276c20a96b85bbb5e8642f625 Mon Sep 17 00:00:00 2001 From: Jan Dvorak Date: Mon, 29 Mar 2021 16:07:14 +0200 Subject: [PATCH] Upgrade default Facebook API to v10 & allow overriding this value --- packages/facebook-oauth/CHANGELOG.md | 9 ++++++++- packages/facebook-oauth/facebook_client.js | 4 +++- packages/facebook-oauth/facebook_server.js | 6 ++++-- packages/facebook-oauth/package.js | 2 +- 4 files changed, 16 insertions(+), 5 deletions(-) diff --git a/packages/facebook-oauth/CHANGELOG.md b/packages/facebook-oauth/CHANGELOG.md index 5fbc7693da..a772af6e78 100644 --- a/packages/facebook-oauth/CHANGELOG.md +++ b/packages/facebook-oauth/CHANGELOG.md @@ -1,4 +1,11 @@ -## Changelog +# Changelog +## 1.8.0 - unreleased +### Breaking changes +- N/A + +### Changes +- Updated to use Facebook GraphAPI v10 +- You can now override the default API version by setting `Meteor.settings.public.packages.facebook-oauth.apiVersion` to for example `8.0` ## 1.7.3 - 2020-10-05 ### Breaking changes diff --git a/packages/facebook-oauth/facebook_client.js b/packages/facebook-oauth/facebook_client.js index 3f6d39abff..e6f78f320d 100644 --- a/packages/facebook-oauth/facebook_client.js +++ b/packages/facebook-oauth/facebook_client.js @@ -30,8 +30,10 @@ Facebook.requestCredential = (options, credentialRequestCompleteCallback) => { const loginStyle = OAuth._loginStyle('facebook', config, options); + const API_VERSION = Meteor.settings?.public?.packages?.['facebook-oauth']?.apiVersion || '10.0'; + let loginUrl = - `https://www.facebook.com/v8.0/dialog/oauth?client_id=${config.appId}` + + `https://www.facebook.com/v${API_VERSION}/dialog/oauth?client_id=${config.appId}` + `&redirect_uri=${OAuth._redirectUri('facebook', config, options.params, options.absoluteUrlOptions)}` + `&display=${display}&scope=${scope}` + `&state=${OAuth._stateParam(loginStyle, credentialToken, options && options.redirectUrl)}`; diff --git a/packages/facebook-oauth/facebook_server.js b/packages/facebook-oauth/facebook_server.js index 08331bbb6a..1d8ff7b6b4 100644 --- a/packages/facebook-oauth/facebook_server.js +++ b/packages/facebook-oauth/facebook_server.js @@ -1,6 +1,8 @@ Facebook = {}; import crypto from 'crypto'; +const API_VERSION = Meteor.settings?.public?.packages?.['facebook-oauth']?.apiVersion || '10.0'; + Facebook.handleAuthFromAccessToken = (accessToken, expiresAt) => { // include basic fields from facebook // https://developers.facebook.com/docs/facebook-login/permissions/ @@ -65,7 +67,7 @@ const getTokenResponse = query => { const redirectUri = OAuth._redirectUri('facebook', config, undefined, absoluteUrlOptions); // Request an access token responseContent = HTTP.get( - "https://graph.facebook.com/v8.0/oauth/access_token", { + `https://graph.facebook.com/v${API_VERSION}/oauth/access_token`, { params: { client_id: config.appId, redirect_uri: redirectUri, @@ -104,7 +106,7 @@ const getIdentity = (accessToken, fields) => { hmac.update(accessToken); try { - return HTTP.get("https://graph.facebook.com/v8.0/me", { + return HTTP.get(`https://graph.facebook.com/v${API_VERSION}/me`, { params: { access_token: accessToken, appsecret_proof: hmac.digest('hex'), diff --git a/packages/facebook-oauth/package.js b/packages/facebook-oauth/package.js index b789d4fd98..4143f52d36 100644 --- a/packages/facebook-oauth/package.js +++ b/packages/facebook-oauth/package.js @@ -1,6 +1,6 @@ Package.describe({ summary: "Facebook OAuth flow", - version: "1.7.4" + version: "1.8.0" }); Package.onUse(api => {