Adium

Opened 7 years ago

Closed 6 years ago

Last modified 6 years ago

#16368 closed defect (outofdate)

Facebook Authorization keeps repeating

Reported by: aski Owned by:
Milestone: Component: Service/Facebook
Version: Severity: major
Keywords: Cc:
Patch Status:

Description

Summary

When I want to connect Adium to Facebook the authorization seems to work and then the authorization windows appears again.

Steps to reproduce

Detail the exact steps taken to produce the bug. Use the following format, each line with " 1." before it:

  1. Fill in the username password in the mask for the facebook authorization and hit login
  2. Facebook window asks whether to save the browser -> hit save browser
  3. The authorization window appears again and says: please enter your email and password.

Expected results

Authorization of the facebook account finalizes.

Actual results

Authorization does not work and authorization window shows up over and over again.

Regression

Latest Adium version on Mac OS X 10.8.3

Notes

Attachments (3)

Snímek obrazovky 2013-05-05 v 9.16.56.png (32.3 KB) - added by Melebius 7 years ago.
Facebook login request
Snímek obrazovky 2013-05-05 v 9.17.15.png (64.0 KB) - added by Melebius 7 years ago.
Browser save request
Snímek obrazovky 2013-05-05 v 10.21.21.png (70.1 KB) - added by Melebius 7 years ago.
Login to Facebook from an unknown device – e-mail login notification

Download all attachments as: .zip

Change History (29)

comment:1 Changed 7 years ago by Thijs Alkemade

Resolution: duplicate
Status: newclosed

Closed as duplicate of #16343.

comment:2 Changed 7 years ago by Melebius

This is not a duplicate of #16343, it’s a different issue although not very well described.

I’m confirming this issue with Adium 1.5.6 on OS X 10.6.8. However, it appears just on one of my two Macs running the same configuration. The problem appears on the same machine that was also affected by #16343. It is the computer I use less often (the other is running every day, this one not). The issue #16343 forced me to enter my Facebook password and since I don’t write the password very often, I realized that I was not able to enter the right password (on Facebook login web page), so I reset the password and set a new one.

After Facebook password reset with login notifications on, I had to go through these notifications with all my browsers and devices again. However, this is not possible with Adium now. After choosing the Save browser option, the window simply disappears, Adium logs in to Facebook and an e-mail with the subject Login from an unknown device comes. I can enjoy Facebook chat then – until some time period exceeds and I have to connect Adium to Facebook next time.

Once again, structured:

Steps to reproduce

  1. Turn Facebook’s login notification on.
  2. Logout from Facebook web page.
  3. Reset your Facebook password.
  4. Wait some time with Facebook chat disconnected in Adium (hours probably).
  5. Login to Facebook chat in Adium.
  6. Choose Save browser and submit.

Expected results

The dialog window lets you input a name and submit.

Actual results

The window disappears.

Attachments

I added three attachments to illustrate the process.

Last edited 7 years ago by Melebius (previous) (diff)

Changed 7 years ago by Melebius

Facebook login request

Changed 7 years ago by Melebius

Browser save request

Changed 7 years ago by Melebius

Login to Facebook from an unknown device – e-mail login notification

comment:3 Changed 7 years ago by Prabhakaran

Am experiencing the same problem Melebius is having, "I can enjoy Facebook chat then – until some time period exceeds and I have to connect Adium to Facebook next time." 1-6 Steps to reproduce is same as Melebius said,

  1. Leave the system idle for 30+ mins /keep the system locked. so that your WiFi network gets disconnected, and after my Mac get the Wifi network back, Adium asks for authorizing my facebook account. The network is proxy protected and I have provided my authentication details in network settings.

Adium version : 1.5.6 (19/03/13)

comment:4 Changed 7 years ago by Melebius

My other Mac started to suffer from this bug yesterday. Unlike Friendtam, I have no proxy in my network and connect using Wifi and Ethernet alternately.

comment:5 Changed 7 years ago by Thijs Alkemade

Ticket #16388 has been marked as a duplicate of this ticket.

comment:6 Changed 7 years ago by Robert

Milestone: Patches Needing Improvement
Patch Status: Needs Dev Review

No patch to be seen...

comment:7 Changed 7 years ago by Robert

Component: Adium CoreService/Facebook

comment:8 Changed 7 years ago by Robert

Resolution: duplicate
Status: closednew

comment:9 Changed 7 years ago by ^_^

As has been recognized this is not a duplicate of other, similar, issues.

I have tested this across several existing installations and several virgin ones, across numerous platform architectures. The problem is all the same.

With existing installations I have tested both leaving a frozen environment, as well as sterilizing by expunging the FB account record from the library as well as Keychain. Its made no difference.

Additionally, monitoring how FB handles the authentication of the Adium request and OAuth request, from watching on a high-level through request sniffing in addition to low level packet monitoring, Facebook is handling all requests normal. The force of re-authentication is on the Adium/libpurple side, and seemingly either a failure to store a proper auth key, or as I suspect to properly deliver it on login request or to fail to accompany it with supplemental information of who the authorizing agent (the local installation) is, either by invalid information or absent information.

I cannot quote a version number of when libpurple/pidgin/Adium began this failure, but it seems generally widespread and not a freak occurrence of data corruption of a single user. Additionally its timing does not coincide with Facebook's various modifications of access and evolving Auth methodologies. However in perusing the code changes of Adium nothing has stood out. Its possible it may be in libpurple, but my investigation has still pointed to a failure of the auth storage changes in Adium and not its supporting pidgin library functionality.

comment:10 Changed 7 years ago by Thijs Alkemade

I have a theory about this from when I tried to add GTalk's XMPP OAuth support, yet no Facebook account to test it with.

The way Adium handles cookies during the OAuth setup is pretty hacky. This is due to the fact that WebKit has two different ways of handling cookies: either you use Safari's cookie store, or you have to roll your own. Using Safari's is not an option: logging in to Facebook in Adium might log out the account that is currently signed in in Safari and adding two accounts to Adium would create a mess.

What we would want is for each instance of the OAuth WebView to have its own cookie store, which only persists as long as that view exists. But Apple doesn't provide that.

I believe the current code only keeps track of cookies set by HTTP headers (Set-Cookie:) and adds them manually to all requests to facebook. Speficically, this means that cookies set by JavaScript and will not stick and JavaScript can not read from the cookies currently set. While this might have worked at the time OAuth support was introduced in Adium, it is very likely to have been broken by a server-side change by Facebook.

I realize that this might be difficult, as the login is a multi-step process with lots of compiled JavaScript, but it might help if someone took a look with the WebKit-inspector at the scripts Facebook uses and see if they try to manipulate cookies.

comment:11 Changed 7 years ago by Vicki Brown

I just want to add that I've been seeing this in 10.7.5 for several days now.

comment:12 Changed 7 years ago by Liam Gladdy

Has been an issue for me for the last 2 weeks. I worked around it by switching to a pure XMPP chat.facebook.com server which bypasses any 2-factor auth, but it seems to not be as reliable as using the Facebook plugin.

comment:13 Changed 7 years ago by Felix

For me this helped:

  1. go to facebook.com -> Settings -> Applications
  2. Delete Adium from the list of Applications
  3. Restart Adium
  4. Reautorize within Adium

comment:14 in reply to:  13 Changed 7 years ago by wellenreitr

Replying to time2ride:

For me this helped:

  1. go to facebook.com -> Settings -> Applications
  2. Delete Adium from the list of Applications
  3. Restart Adium
  4. Reautorize within Adium

Thanks, worked for me too!

comment:15 in reply to:  13 Changed 7 years ago by Felix

Replying to time2ride:

For me this helped:

  1. go to facebook.com -> Settings -> Applications
  2. Delete Adium from the list of Applications
  3. Restart Adium
  4. Reautorize within Adium

Apparently this is only a temporary fix as the bug started to appear again. Sorry...

comment:16 Changed 7 years ago by Vicki Brown

Facebook sends this email

We detected a login into your account from an unrecognized device on Tuesday, June 4, 2013 at 3:52pm. This device has been added to your account. Operating System: Mac OS X Browser: Unknown

I'm wondering if the fact that it says "Browser: Unknown" could be a hint to debugging/fixing this issue.

comment:17 Changed 7 years ago by koelkast

This bug has also been bothering me for quite some while now... I'm using OSX 10.7.5, and ofcourse the latest version of Adium

comment:18 Changed 7 years ago by Liam Gladdy

It feels like it has to be a change in cookie name or something similar. It's just the cookie to ID a browser isn't being saved or sent properly anymore... I don't know enough Objective-C to try and fix it though...

comment:19 Changed 6 years ago by tolkiman

I have the exact same issue and no tricks or Jabber workarounds have helped me so far. I've already deactivated my 2-factor-authentification, but the problem still persists. Every time I wake up my Mac, Adium wants my Facebook Login and PW...

Trillian is working fine btw...

comment:20 Changed 6 years ago by Liam Gladdy

This seems to be fixed in the newest beta client...

comment:21 Changed 6 years ago by Melebius

I haven’t been noticing this problem for a few days although I haven’t upgraded to the beta of Adium. Something might have changed on the Facebook’s side…

comment:22 Changed 6 years ago by koelkast

its working for me again aswell, using version 1.5.6 i didnt change a thing :P

comment:23 Changed 6 years ago by trss

Same problem with my client which is at 1.5.7

In debug mode, this is what I see. A line ending with --step-- 7 A couple of lines saying received challenge and decoded challenge respectively. A couple of lines of critical errors as follows:- (GLib : general): CRITICAL: const char *purple_url_encode(const char *): assertion `str != NULL' failed (GLib : GLib): CRITICAL: GString *g_string_append(GString *, const gchar *): assertion `val != NULL' failed

comment:24 Changed 6 years ago by Nobu

Same problem here as trss, started 1-2 days ago. Worked fine before that.

comment:25 Changed 6 years ago by Robert

Resolution: outofdate
Status: newclosed

The original issue has been reported as fixed by a couple of commenters.

trss and bugmenot, Facebook had temporary server-side issue a few weeks ago which have been fixed since. If you are still experiencing problems with it, please file new reports.

comment:26 Changed 6 years ago by trss

Great, I'm logged on now. Works fine. I just stopped trying until I saw this comment.

Note: See TracTickets for help on using tickets.