expo Facebook.useAuthRequest validation error

Please provide the following:

  1. SDK Version: 45
  2. Platforms(Android/iOS/web/all): expo go and iOS

Hello. I am using expo-auth-session package for login to facebook

import * as React from 'react';
import * as WebBrowser from 'expo-web-browser';
import * as Facebook from 'expo-auth-session/providers/facebook';
import { ResponseType } from 'expo-auth-session';
import { Button } from 'react-native';

WebBrowser.maybeCompleteAuthSession();

export default function App() {
  const [request, response, promptAsync] = Facebook.useAuthRequest({
    clientId: '<YOUR FBID>',
    responseType: ResponseType.Code,
  });

  React.useEffect(() => {
    if (response?.type === 'success') {
      const { code } = response.params;

       const fetchData = async () => {
        
        const requestOptions = {
          method: 'GET',
          headers: {
            "Content-Type": "application/json"
          }
        };

        const link = "https://graph.facebook.com/v7.0/oauth/access_token" +
        "?client_id=*******************" +
        "&redirect_uri=https://auth.expo.io/@********/**********" +
        "&client_secret=*******************" +
        "&code=" + code;
        
        const response = await fetch(link, requestOptions);
        const body = await response.json();
        console.log("fetchData response: => ", body);
      }

      fetchData().catch(console.error);
    }
  }, [response]);

  return (
    <Button
      disabled={!request}
      title="Login"
      onPress={() => {
        promptAsync();
      }}
    />
  );
}

So I am getting “Code” param from the api and then I should change it to “access token” with request like that

        const link = "https://graph.facebook.com/v7.0/oauth/access_token" +
        "?client_id=*******************" +
        "&redirect_uri=https://auth.expo.io/@********/**********" +
        "&client_secret=*******************" +
        "&code=" + code;

the problem is I am getting a response

 {
  "error": Object {
    "code": 1,
    "fbtrace_id": "A2avpevCrHdiCPhfadWl-S3",
    "message": "Invalid code verifier. Code verifier should be a cryptographically random string using the characters A-Z, a-z, 0-9, and the punctuation characters -._~ (hyphen, period, underscore, and tilde), between 43 and 128 characters long.",
    "type": "OAuthException",
  },
}

How come it asking some verifier? Where should I get that param? I do not see anything like that in the manual.

Duke

I found the solution to this. In object request, you can find that “validator” param which was generated automatically. All you need resend it when getting token.

     const link = "https://graph.facebook.com/oauth/access_token" +
    "?client_id=*************" +
    "&redirect_uri=*********************" +
    "&client_secret=***********************" +
    "&grant_type=authorization_code" + 
    "&code_verifier=" + request?.codeVerifier +
    "&code=" + code;