Skip to content

Commit

Permalink
docs: clarify facebook graph API versioning (#4208)
Browse files Browse the repository at this point in the history
  • Loading branch information
@aeneasr
aeneasr authored Nov 13, 2024
1 parent 253c5b6 commit a90df58
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions selfservice/strategy/oidc/provider_facebook.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,11 @@ func (g *ProviderFacebook) Claims(ctx context.Context, token *oauth2.Token, quer
}

appSecretProof := g.generateAppSecretProof(token)
// Do not use the versioned Graph API here. If you do, it will break once the version is deprecated. See also:
//
// When you use https://graph.facebook.com/me without specifying a version, Facebook defaults to the oldest
// available version your app supports. This behavior ensures backward compatibility but can lead to unintended
// issues if that version becomes deprecated.
u, err := url.Parse(fmt.Sprintf("https://graph.facebook.com/me?fields=id,name,first_name,last_name,middle_name,email,picture,birthday,gender&appsecret_proof=%s", appSecretProof))
if err != nil {
return nil, errors.WithStack(herodot.ErrInternalServerError.WithReasonf("%s", err))
Expand Down

0 comments on commit a90df58

Please sign in to comment.