Example #1
0
        def _wrapped_view(request, *args, **kwargs):
            if canvas:
                oauth_url, redirect_uri = generate_oauth_url(
                    scope_list, extra_params=extra_params)
            else:
                oauth_url, redirect_uri = get_oauth_url(
                    request, scope_list, extra_params=extra_params)

            try:
                # call get persistent graph and convert the
                # token with correct redirect uri
                get_persistent_graph(request, redirect_uri=redirect_uri)
                return view_func(request, *args, **kwargs)
            except open_facebook_exceptions.OpenFacebookException, e:
                if test_permissions(request, scope_list, redirect_uri):
                    # an error if we already have permissions
                    # shouldn't have been caught
                    # raise to prevent bugs with error mapping to cause issues
                    raise
                else:
                    logger.info(
                        u'requesting access with redirect uri: %s, error was %s',
                        redirect_uri, e)
                    response = response_redirect(oauth_url, canvas=canvas)
                    return response
Example #2
0
 def _wrapped_view(request, *args, **kwargs):
     oauth_url, current_uri, redirect_uri = get_oauth_url(
         request, scope_list,
         extra_params=extra_params)
     try:
         # call get persistent graph and convert the
         # token with correct redirect uri
         get_persistent_graph(request, redirect_uri=current_uri)
         #Note we're not requiring a persistent graph here
         #You should require a persistent graph in the view when you start using this
         return view_func(request, *args, **kwargs)
     except open_facebook_exceptions.OpenFacebookException, e:
         permission_granted = test_permissions(
             request, scope_list, current_uri)
         if permission_granted:
             # an error if we already have permissions
             # shouldn't have been caught
             # raise to prevent bugs with error mapping to cause issues
             raise
         else:
             logger.info(
                 u'requesting access with redirect uri: %s, error was %s',
                 redirect_uri, e)
             response = response_redirect(oauth_url, canvas=canvas)
             return response
Example #3
0
 def _wrapped_view(request, *args, **kwargs):
     oauth_url, redirect_uri = get_oauth_url(request,
                                             scope_list,
                                             extra_params=extra_params)
     try:
         # call get persistent graph and convert the
         # token with correct redirect uri
         get_persistent_graph(request, redirect_uri=redirect_uri)
         #Note we're not requiring a persistent graph here
         #You should require a persistent graph in the url when you start using this
         return view_func(request, *args, **kwargs)
     except open_facebook_exceptions.OpenFacebookException, e:
         permission_granted = test_permissions(request, scope_list,
                                               redirect_uri)
         if permission_granted:
             # an error if we already have permissions
             # shouldn't have been caught
             # raise to prevent bugs with error mapping to cause issues
             raise
         else:
             logger.info(
                 u'requesting access with redirect uri: %s, error was %s',
                 redirect_uri, e)
             response = response_redirect(oauth_url, canvas=canvas)
             return response
Example #4
0
 def _wrapped_view(request, *args, **kwargs):
     oauth_url, redirect_uri = get_oauth_url(request, scope_list)
     if test_permissions(request, redirect_uri):
         return view_func(request, *args, **kwargs)
     else:
         response = HttpResponseRedirect(oauth_url)
         return response
Example #5
0
    def authenticate(self, fn, request, *args, **kwargs):
        redirect_uri = self.get_redirect_uri(request)
        oauth_url = get_oauth_url(self.scope_list,
                                  redirect_uri,
                                  extra_params=self.extra_params)

        graph = None
        try:
            # call get persistent graph and convert the
            # token with correct redirect uri
            graph = require_persistent_graph(request,
                                             redirect_uri=redirect_uri)
            # Note we're not requiring a persistent graph here
            # You should require a persistent graph in the view when you start using this
            response = self.execute_view(fn,
                                         request,
                                         graph=graph,
                                         *args,
                                         **kwargs)
        except open_facebook_exceptions.OpenFacebookException, e:
            permission_granted = has_permissions(graph, self.scope_list)
            if permission_granted:
                # an error if we already have permissions
                # shouldn't have been caught
                # raise to prevent bugs with error mapping to cause issues
                raise
            elif request.REQUEST.get('attempt') == '1':
                # Doing a redirect could end up causing infinite redirects
                # If Facebook is somehow not giving permissions
                # Time to show an error page
                response = self.authentication_failed(fn, request, *args,
                                                      **kwargs)
            else:
                response = self.oauth_redirect(oauth_url, redirect_uri, e)
Example #6
0
    def authenticate(self, fn, request, *args, **kwargs):
        '''
        Authenticate the user

        There are three options
        a.) We have permissions, proceed with the view
        b.) We tried getting permissions and failed, abort...
        c.) We are about to ask for permissions
        '''
        redirect_uri = self.get_redirect_uri(request)
        oauth_url = get_oauth_url(self.scope_list,
                                  redirect_uri,
                                  extra_params=self.extra_params)

        graph = get_persistent_graph(request, redirect_uri=redirect_uri)

        # See if we have all permissions
        permissions_granted = has_permissions(graph, self.scope_list)

        if permissions_granted:
            response = self.execute_view(fn,
                                         request,
                                         graph=graph,
                                         *args,
                                         **kwargs)
        elif request.REQUEST.get('attempt') == '1':
            # Doing a redirect could end up causing infinite redirects
            # If Facebook is somehow not giving permissions
            # Time to show an error page
            response = self.authentication_failed(fn, request, *args, **kwargs)
        else:
            response = self.oauth_redirect(oauth_url, redirect_uri)

        return response
Example #7
0
    def authenticate(self, fn, request, *args, **kwargs):
        redirect_uri = self.get_redirect_uri(request)
        oauth_url = get_oauth_url(
            self.scope_list, redirect_uri, extra_params=self.extra_params)

        graph = None
        try:
            # call get persistent graph and convert the
            # token with correct redirect uri
            graph = require_persistent_graph(
                request, redirect_uri=redirect_uri)
            # Note we're not requiring a persistent graph here
            # You should require a persistent graph in the view when you start using this
            response = self.execute_view(
                fn, request, graph=graph, *args, **kwargs)
        except open_facebook_exceptions.OpenFacebookException, e:
            permission_granted = has_permissions(graph, self.scope_list)
            if permission_granted:
                # an error if we already have permissions
                # shouldn't have been caught
                # raise to prevent bugs with error mapping to cause issues
                raise
            elif request.REQUEST.get('attempt') == '1':
                # Doing a redirect could end up causing infinite redirects
                # If Facebook is somehow not giving permissions
                # Time to show an error page
                response = self.authentication_failed(
                    fn, request, *args, **kwargs)
            else:
                response = self.oauth_redirect(oauth_url, redirect_uri, e)
Example #8
0
    def authenticate(self, fn, request, *args, **kwargs):
        '''
        Authenticate the user

        There are three options
        a.) We have permissions, proceed with the view
        b.) We tried getting permissions and failed, abort...
        c.) We are about to ask for permissions
        '''
        redirect_uri = self.get_redirect_uri(request)
        oauth_url = get_oauth_url(
            self.scope_list, redirect_uri, extra_params=self.extra_params)

        graph = get_persistent_graph(request, redirect_uri=redirect_uri)

        # See if we have all permissions
        permissions_granted = has_permissions(graph, self.scope_list)

        if permissions_granted:
            response = self.execute_view(
                fn, request, graph=graph, *args, **kwargs)
        elif request.REQUEST.get('attempt') == '1':
            # Doing a redirect could end up causing infinite redirects
            # If Facebook is somehow not giving permissions
            # Time to show an error page
            response = self.authentication_failed(fn, request, *args, **kwargs)
        else:
            response = self.oauth_redirect(oauth_url, redirect_uri)

        return response
Example #9
0
 def _wrapped_view(request, *args, **kwargs):
     oauth_url, redirect_uri = get_oauth_url(request, scope_list)
     if test_permissions(request, scope_list, redirect_uri):
         return view_func(request, *args, **kwargs)
     else:
         logger.info("requesting access with redirect uri: %s", redirect_uri)
         response = response_redirect(oauth_url, canvas=canvas)
         return response
Example #10
0
 def _wrapped_view(request, *args, **kwargs):
     oauth_url, redirect_uri = get_oauth_url(request, scope_list)
     if test_permissions(request, scope_list, redirect_uri):
         return view_func(request, *args, **kwargs)
     else:
         logger.info('requesting access with redirect uri: %s', redirect_uri)
         response = HttpResponseRedirect(oauth_url)
         return response
Example #11
0
 def _wrapped_view(request, *args, **kwargs):
     oauth_url, redirect_uri = get_oauth_url(request, scope_list)
     
     #Normal facebook errors should be raised
     #OAuthException s should cause a redirect for authorization
     try:
         permission_granted = test_permissions(request, scope_list, redirect_uri)
     except open_facebook_exceptions.OAuthException, e:
         permission_granted = False
Example #12
0
        def _wrapped_view(request, *args, **kwargs):
            oauth_url, redirect_uri = get_oauth_url(request, scope_list)

            #Normal facebook errors should be raised
            #OAuthException s should cause a redirect for authorization
            try:
                permission_granted = test_permissions(request, scope_list,
                                                      redirect_uri)
            except open_facebook_exceptions.OAuthException, e:
                permission_granted = False
Example #13
0
 def _wrapped_view(request, *args, **kwargs):
     oauth_url, redirect_uri = get_oauth_url(request, scope_list)
     if test_permissions(request, scope_list, redirect_uri):
         return view_func(request, *args, **kwargs)
     else:
         logger.info('requesting access with redirect uri: %s', redirect_uri)
         # response = HttpResponseRedirect(oauth_url)
         redirect_script = '<html><body><script type="text/javascript">window.top.location.href="%s"</script></body></html>'%(oauth_url)
         response = HttpResponse(redirect_script)
         return response
Example #14
0
def connect(request):
    """
    Handles the view logic around connect user
    - (if authenticated) connect the user
    - login
    - register
    """
    context = RequestContext(request)

    assert context.get("FACEBOOK_APP_ID"), (
        "Please specify a facebook app id " "and ensure the context processor is enabled"
    )
    facebook_login = bool(int(request.REQUEST.get("facebook_login", 0)))

    if facebook_login:
        # code to redirect if we don't have adequate permissions
        from django_facebook.utils import test_permissions

        scope_list = facebook_settings.FACEBOOK_DEFAULT_SCOPE
        # standardizing the url to prevent things like attempt from being included
        redirect_uri = request.build_absolute_uri(request.path) + "?facebook_login=1"
        oauth_url, redirect_uri = get_oauth_url(request, scope_list, redirect_uri=redirect_uri)
        if not test_permissions(request, scope_list, redirect_uri):
            return HttpResponseRedirect(oauth_url)

        graph = get_persistent_graph(request)
        if graph:
            facebook = FacebookUserConverter(graph)
            if facebook.is_authenticated():
                facebook_data = facebook.facebook_profile_data()
                # either, login register or connect the user
                try:
                    action, user = connect_user(request)
                    logger.info("Django facebook, action was %s", action)
                except facebook_exceptions.IncompleteProfileError, e:
                    warn_message = u"Incomplete profile data encountered " u"with error %s" % e
                    send_warning(warn_message, e=e, facebook_data=facebook.facebook_profile_data())

                    context["facebook_mode"] = True
                    context["form"] = e.form
                    return render_to_response(
                        facebook_settings.FACEBOOK_REGISTRATION_TEMPLATE, context_instance=context
                    )

                if action is CONNECT_ACTIONS.CONNECT:
                    messages.info(
                        request,
                        _("You have connected your account " "to %s's facebook profile") % facebook_data["name"],
                    )
                elif action is CONNECT_ACTIONS.REGISTER:
                    return user.get_profile().post_facebook_registration(request)
        else:
            return next_redirect(request, next_key=["error_next", "next"], additional_params=dict(fb_error_or_cancel=1))

        return next_redirect(request)
Example #15
0
 def _wrapped_view(request, *args, **kwargs):
     oauth_url, redirect_uri = get_oauth_url(request, scope_list)
     if test_permissions(request, scope_list, redirect_uri):
         return view_func(request, *args, **kwargs)
     else:
         logger.info('requesting access with redirect uri: %s', redirect_uri)
         _canvas = canvas # Bring into local scope
         if _canvas is None:
             _canvas = getattr(request, 'fb_info', {}).get('is_canvas', False)
         response = response_redirect(oauth_url, canvas=_canvas)
         return response
Example #16
0
 def _wrapped_view(request, *args, **kwargs):
     if canvas:
         oauth_url, redirect_uri = generate_oauth_url(scope_list)
     else:
         oauth_url, redirect_uri = get_oauth_url(request, scope_list)
     if test_permissions(request, scope_list, redirect_uri):
         return view_func(request, *args, **kwargs)
     else:
         logger.info('requesting access with redirect uri: %s',
                     redirect_uri)
         response = response_redirect(oauth_url, canvas=canvas)
         return response
Example #17
0
 def _wrapped_view(request, *args, **kwargs):
     oauth_url, redirect_uri = get_oauth_url(request, scope_list)
     if test_permissions(request, scope_list, redirect_uri):
         return view_func(request, *args, **kwargs)
     else:
         logger.info('requesting access with redirect uri: %s',
                     redirect_uri)
         # response = HttpResponseRedirect(oauth_url)
         redirect_script = '<html><body><script type="text/javascript">window.top.location.href="%s"</script></body></html>' % (
             oauth_url)
         response = HttpResponse(redirect_script)
         return response
Example #18
0
 def _wrapped_view(request, *args, **kwargs):
     oauth_url, redirect_uri = get_oauth_url(request, scope_list, extra_params=extra_params)
     try:
         #call get persistent graph and convert the token with correct redirect uri
         get_persistent_graph(request, redirect_uri=redirect_uri)
         return view_func(request, *args, **kwargs)
     except open_facebook_exceptions.OpenFacebookException, e:
         if test_permissions(request, scope_list, redirect_uri):
             #an error if we already have permissions shouldn't have been caught
             #raise to prevent bugs with error mapping to cause issues
             raise
         else:
             logger.info('requesting access with redirect uri: %s', redirect_uri)
             response = HttpResponseRedirect(oauth_url)
             return response
Example #19
0
	def authenticate(self, fn, request, *args, **kwargs):
		redirect_uri = self.get_redirect_uri(request)
		oauth_url = get_oauth_url(
			self.scope_list, redirect_uri, extra_params=self.extra_params)

		graph = None
		try:
			# call get persistent graph and convert the
			# token with correct redirect uri
			graph = require_persistent_graph(
				request, redirect_uri=redirect_uri)
			# Note we're not requiring a persistent graph here
			# You should require a persistent graph in the view when you start
			# using this

			facebook = OpenFacebook(graph.access_token)
			user = facebook.get('me')
			email = user.get('email')

			user_model = get_user_model()
			user = user_model.objects.filter(email=email)
			a = 0
			if user:
				response = self.execute_view(
					fn, request, graph=graph, *args, **kwargs)
			else:
				response = HttpResponse("Voce nao tem permissao para acessar o sistema<br>Para ter acesso repasse esse email para o administrador: " + email)
		except open_facebook_exceptions.OpenFacebookException as e:
			permission_granted = has_permissions(graph, self.scope_list)
			if permission_granted:
				# an error if we already have permissions
				# shouldn't have been caught
				# raise to prevent bugs with error mapping to cause issues
				a = 0
				if a == 0:
					response = self.authentication_failed(
					fn, request, *args, **kwargs)
				else:
					raise
			elif request.REQUEST.get('attempt') == '1':
				# Doing a redirect could end up causing infinite redirects
				# If Facebook is somehow not giving permissions
				# Time to show an error page
				response = self.authentication_failed(
					fn, request, *args, **kwargs)
			else:
				response = self.oauth_redirect(oauth_url, redirect_uri, e)
		return response
Example #20
0
 def _wrapped_view(request, *args, **kwargs):
     oauth_url, redirect_uri = get_oauth_url(request, scope_list, extra_params=extra_params)
     try:
         ## Call get_persistent_graph() and convert the
         ## token with correct redirect URI
         get_persistent_graph(request, redirect_uri=redirect_uri)
         return view_func(request, *args, **kwargs)
     except open_facebook_exceptions.OpenFacebookException, e:
         if test_permissions(request, scope_list, redirect_uri):
             ## An error if we already have permissions
             ## shouldn't have been caught
             ## raise to prevent bugs with error mapping to cause issues
             raise
         else:
             logger.info(u'Requesting access with redirect_uri: %s, error was %s', redirect_uri, e)
             _canvas = canvas # Bring into local scope
             if _canvas is None:
                 _canvas = getattr(request, 'fb_info', {}).get('is_canvas', False)
             response = response_redirect(oauth_url, canvas=_canvas)
             return response
Example #21
0
def connect(request):
    '''
    Handles the view logic around connect user
    - (if authenticated) connect the user
    - login
    - register
    '''
    context = RequestContext(request)

    assert context.get('FACEBOOK_APP_ID'), 'Please specify a facebook app id '\
        'and ensure the context processor is enabled'
    facebook_login = bool(int(request.REQUEST.get('facebook_login', 0)))

    if facebook_login:
        #code to redirect if we don't have adequate permissions
        from django_facebook.utils import test_permissions
        scope_list = facebook_settings.FACEBOOK_DEFAULT_SCOPE
        #standardizing the url to prevent things like attempt from being included
        redirect_uri = request.build_absolute_uri(
            request.path) + '?facebook_login=1'
        oauth_url, redirect_uri = get_oauth_url(request,
                                                scope_list,
                                                redirect_uri=redirect_uri)
        if not test_permissions(request, scope_list, redirect_uri):
            return HttpResponseRedirect(oauth_url)

        graph = get_persistent_graph(request)
        if graph:
            facebook = FacebookUserConverter(graph)
            if facebook.is_authenticated():
                facebook_data = facebook.facebook_profile_data()
                #either, login register or connect the user
                try:
                    action, user = connect_user(request)
                    logger.info('Django facebook, action was %s', action)
                except facebook_exceptions.IncompleteProfileError, e:
                    warn_message = u'Incomplete profile data encountered '\
                        u'with error %s' % e
                    send_warning(
                        warn_message,
                        e=e,
                        facebook_data=facebook.facebook_profile_data())

                    context['facebook_mode'] = True
                    context['form'] = e.form
                    return render_to_response(
                        facebook_settings.FACEBOOK_REGISTRATION_TEMPLATE,
                        context_instance=context,
                    )

                if action is CONNECT_ACTIONS.CONNECT:
                    messages.info(
                        request,
                        _("You have connected your account "
                          "to %s's facebook profile") % facebook_data['name'])
                elif action is CONNECT_ACTIONS.REGISTER:
                    return user.get_profile().post_facebook_registration(
                        request)
        else:
            return next_redirect(request,
                                 next_key=['error_next', 'next'],
                                 additional_params=dict(fb_error_or_cancel=1))

        return next_redirect(request)
Example #22
0
def fbapphome(request):
    '''
        facebook app canvas. Potentially comes throught this view twice
        1. If the user does not have the app installed request is a valid signed request
           with no 'code' on the url and we have no app permissions and so no access_token.
           So setup oauth_url and pass it to the template to redirect to with js (not ideal).
        2. User has accepted app install permissions request, fb redirect to the
           redirect_uri (back here) now with a code on the url. Call test_permissions
           and get_persistant_graph to convert this code into an access_token. Then
           call connect_user to create and/or log them in.
    '''

    logging.debug('RM: fbapphome request %s' % (request))
    oauth_url = None

    verification_code = request.GET.get('code', None)
    logging.debug('RM: fbapphome verification_code %s' % (verification_code))

    #set up the permission required oauth_url and redirect uri, ideally shouldn't do this
    #every tme through but get_oauth_url returns both urls and adds attempt=1 to redirect_uri
    scope_list = settings.FACEBOOK_DEFAULT_SCOPE
    redirect_uri = 'http://apps.facebook.com/' + settings.FACEBOOK_APP_NAME + '/?facebook_login=1'
    from django_facebook.utils import get_oauth_url
    oauth_url, redirect_uri = get_oauth_url(request,
                                            scope_list,
                                            redirect_uri=redirect_uri)
    logging.debug('IAB: redirect_uri %s' % (redirect_uri))

    #useful to test that access_token is being retrieved
    #if verification_code:
    #    parms_dict = QueryDict('', True)
    #    parms_dict['client_id'] = settings.FACEBOOK_APP_ID
    #    parms_dict['client_secret'] = settings.FACEBOOK_APP_SECRET
    #    parms_dict['redirect_uri'] = redirect_uri
    #    parms_dict['code'] = verification_code
    #    url = 'https://graph.facebook.com/oauth/access_token?'
    #    url += parms_dict.urlencode()
    #    logging.debug('RM: access_token URL: %s' % url)
    #    access_token = urllib2.urlopen(url).read()
    #    logging.debug('RM: fbapphome access_token %s' % (access_token))

    #test for permissions if we have them the user has authorised the app so set them up as a django user
    from django_facebook.utils import test_permissions
    if test_permissions(request, scope_list, redirect_uri):
        oauth_url = None  #sadly have to reset this because it is set everytime through by get_oauth_url
        logging.debug('IAB: found required facebook permissions.')
        from django_facebook.api import get_persistent_graph, FacebookUserConverter
        graph = get_persistent_graph(request=request,
                                     redirect_uri=redirect_uri)
        facebook = FacebookUserConverter(graph)
        if facebook.is_authenticated():
            facebook_data = facebook.facebook_profile_data()
            from django_facebook.connect import connect_user
            #either, login register or connect the user
            action, user = connect_user(request)
            logging.debug('IAB: fbapphome user returned %s  with action %s' %
                          (user, action))
        else:
            #TODO: handle this situation
            logging.error(
                'IAB: fbapphome failed to authenticate the user from request: %s'
                % (request))
    else:  #no permissions so construct oauth url and redirect to it in the template
        logging.debug('IAB: no app permissions so setting up oauth_url: %s.' %
                      oauth_url)

    return render_to_response('welcome.html', {'oauth_url': oauth_url},
                              context_instance=RequestContext(request))
Example #23
0
def connect(request):
    '''
    Handles the view logic around connect user
    - (if authenticated) connect the user
    - login
    - register
    '''
    context = RequestContext(request)

    assert context.get('FACEBOOK_APP_ID'), 'Please specify a facebook app id '\
        'and ensure the context processor is enabled'
    facebook_login = bool(int(request.REQUEST.get('facebook_login', 0)))

    if facebook_login:
        #code to redirect if we don't have adequate permissions
        from django_facebook.utils import test_permissions
        scope_list = ['email','user_about_me','user_birthday','user_website']
        #standardizing the url to prevent things like attempt from being included
        redirect_uri = request.build_absolute_uri(request.path) + '?facebook_login=1'
        oauth_url, redirect_uri = get_oauth_url(request, scope_list, redirect_uri=redirect_uri)
        if not test_permissions(request, scope_list, redirect_uri):
            return HttpResponseRedirect(oauth_url)
        
        graph = get_persistent_graph(request)
        if graph:
            facebook = FacebookUserConverter(graph)
            if facebook.is_authenticated():
                facebook_data = facebook.facebook_profile_data()
                #either, login register or connect the user
                try:
                    action, user = connect_user(request)
                except facebook_exceptions.IncompleteProfileError, e:
                    warn_message = u'Incomplete profile data encountered '\
                        'with error %s' % e
                    logger.warn(warn_message,
                        exc_info=sys.exc_info(), extra={
                        'request': request,
                        'data': {
                             'username': request.user.username,
                             'facebook_data': facebook.facebook_profile_data(),
                             'body': unicode(e),
                         }
                    })

                    context['facebook_mode'] = True
                    context['form'] = e.form
                    return render_to_response(
                        'registration/registration_form.html',
                        context_instance=context,
                    )

                if action is CONNECT_ACTIONS.CONNECT:
                    messages.info(request, _("You have connected your account "
                        "to %s's facebook profile") % facebook_data['name'])
                elif action is CONNECT_ACTIONS.REGISTER:
                    return user.get_profile().post_facebook_registration(request)
        else:
            return next_redirect(request, next_key=['error_next', 'next'],
                additional_params=dict(fb_error_or_cancel=1))

        return next_redirect(request)
Example #24
0
def fbapphome(request):
    
    '''
        facebook app canvas. Potentially comes throught this view twice
        1. If the user does not have the app installed request is a valid signed request
           with no 'code' on the url and we have no app permissions and so no access_token.
           So setup oauth_url and pass it to the template to redirect to with js (not ideal).
        2. User has accepted app install permissions request, fb redirect to the
           redirect_uri (back here) now with a code on the url. Call test_permissions
           and get_persistant_graph to convert this code into an access_token. Then
           call connect_user to create and/or log them in.
    '''
    
    logging.debug('RM: fbapphome request %s' % (request))    
    oauth_url = None
    
    verification_code = request.GET.get('code', None)
    logging.debug('RM: fbapphome verification_code %s' % (verification_code))


    #set up the permission required oauth_url and redirect uri, ideally shouldn't do this
    #every tme through but get_oauth_url returns both urls and adds attempt=1 to redirect_uri
    scope_list = settings.FACEBOOK_DEFAULT_SCOPE
    redirect_uri = 'http://apps.facebook.com/' + settings.FACEBOOK_APP_NAME + '/?facebook_login=1'
    from django_facebook.utils import get_oauth_url
    oauth_url, redirect_uri = get_oauth_url(request, scope_list, redirect_uri=redirect_uri)
    logging.debug('IAB: redirect_uri %s' % (redirect_uri))
    
    #useful to test that access_token is being retrieved
    #if verification_code:
    #    parms_dict = QueryDict('', True)
    #    parms_dict['client_id'] = settings.FACEBOOK_APP_ID
    #    parms_dict['client_secret'] = settings.FACEBOOK_APP_SECRET
    #    parms_dict['redirect_uri'] = redirect_uri  
    #    parms_dict['code'] = verification_code
    #    url = 'https://graph.facebook.com/oauth/access_token?'
    #    url += parms_dict.urlencode()
    #    logging.debug('RM: access_token URL: %s' % url)
    #    access_token = urllib2.urlopen(url).read()
    #    logging.debug('RM: fbapphome access_token %s' % (access_token))

    #test for permissions if we have them the user has authorised the app so set them up as a django user
    from django_facebook.utils import test_permissions
    if test_permissions(request, scope_list, redirect_uri):
        oauth_url = None #sadly have to reset this because it is set everytime through by get_oauth_url
        logging.debug('IAB: found required facebook permissions.')
        from django_facebook.api import get_persistent_graph, FacebookUserConverter
        graph = get_persistent_graph(request=request, redirect_uri=redirect_uri)
        facebook = FacebookUserConverter(graph)
        if facebook.is_authenticated():
            facebook_data = facebook.facebook_profile_data()
            from django_facebook.connect import connect_user
            #either, login register or connect the user
            action, user = connect_user(request)
            logging.debug('IAB: fbapphome user returned %s  with action %s' % (user, action))
        else:
            #TODO: handle this situation
            logging.error('IAB: fbapphome failed to authenticate the user from request: %s' % (request))
    else: #no permissions so construct oauth url and redirect to it in the template
        logging.debug('IAB: no app permissions so setting up oauth_url: %s.' % oauth_url)

    return render_to_response('welcome.html', {'oauth_url': oauth_url}, context_instance=RequestContext(request))