erp5_oauth_facebook_login: Implement Facebook Login Support for OAuth

   Changes on ERP5Security: Define getFacebookUserEntry to reduce code duplication
   Add facebook support for login and logout (optional) on erp5_core, xhtml and credentials.

bt5/erp5_credential/SkinTemplateItem/portal_skins/erp5_credential/login_form.zpt

@@ -5,7 +5,8 @@
              global form_id string:login_form;
              available_oauth_login_list python: context.getPortalObject().ERP5Site_getAvailableOAuthLoginList();
              enable_google_login python: 'google' in available_oauth_login_list;
-             css_list python: enable_google_login and ['%s/zocial.min.css' % here.portal_url()] or [];
+             enable_facebook_login python: 'facebook' in available_oauth_login_list;
+             css_list python: (enable_google_login or enable_facebook_login) and ['%s/zocial.min.css' % here.portal_url()] or [];
              js_list python: ['%s/login_form.js' % (here.portal_url(), ), '%s/erp5.js' % (here.portal_url(), )]">
     <tal:block metal:use-macro="here/main_template/macros/master">
       <tal:block metal:fill-slot="main">
@@ -59,6 +60,15 @@
                 </div>
               </div>
             </tal:block>
+            <tal:block tal:condition="enable_facebook_login">
+              <div class="field">
+                <label>&nbsp;</label>
+                <div class="input">
+                  <a tal:attributes="href string:${here/portal_url}/ERP5Site_redirectToFacebookLoginPage"
+                     i18n:translate="" i18n:domain="ui" class="zocial facebook">Login with Facebook</a>
+                </div>
+              </div>
+            </tal:block>
           </fieldset>
           <script type="text/javascript">setFocus()</script>
           <p i18n:translate="" i18n:domain="ui">Having trouble logging in? Make sure to enable cookies in your web browser.</p>

bt5/erp5_oauth_facebook_login/ActionTemplateItem/portal_types/Facebook%20Connector/view.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ActionInformation" module="Products.CMFCore.ActionInformation"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>action</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>categories</string> </key>
+            <value>
+              <tuple>
+                <string>action_type/object_view</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>category</string> </key>
+            <value> <string>object_view</string> </value>
+        </item>
+        <item>
+            <key> <string>condition</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>icon</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>view</string> </value>
+        </item>
+        <item>
+            <key> <string>permissions</string> </key>
+            <value>
+              <tuple>
+                <string>View</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Action Information</string> </value>
+        </item>
+        <item>
+            <key> <string>priority</string> </key>
+            <value> <float>1.0</float> </value>
+        </item>
+        <item>
+            <key> <string>title</string> </key>
+            <value> <string>View</string> </value>
+        </item>
+        <item>
+            <key> <string>visible</string> </key>
+            <value> <int>1</int> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <global name="Expression" module="Products.CMFCore.Expression"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>text</string> </key>
+            <value> <string>string: ${object_url}/FacebookConnector_view</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/ActionTemplateItem/portal_types/Facebook%20Login/view.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ActionInformation" module="Products.CMFCore.ActionInformation"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>action</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>categories</string> </key>
+            <value>
+              <tuple>
+                <string>action_type/object_view</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>category</string> </key>
+            <value> <string>object_view</string> </value>
+        </item>
+        <item>
+            <key> <string>condition</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>icon</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>view</string> </value>
+        </item>
+        <item>
+            <key> <string>permissions</string> </key>
+            <value>
+              <tuple>
+                <string>View</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Action Information</string> </value>
+        </item>
+        <item>
+            <key> <string>priority</string> </key>
+            <value> <float>1.0</float> </value>
+        </item>
+        <item>
+            <key> <string>title</string> </key>
+            <value> <string>View</string> </value>
+        </item>
+        <item>
+            <key> <string>visible</string> </key>
+            <value> <int>1</int> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <global name="Expression" module="Products.CMFCore.Expression"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>text</string> </key>
+            <value> <string>string:${object_url}/Login_view</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/ExtensionTemplateItem/portal_components/extension.erp5.FacebookLoginUtility.py

+import facebook
+from Products.ERP5Security.ERP5ExternalOauth2ExtractionPlugin import getFacebookUserEntry
+
+def getAccessTokenFromCode(self, code, redirect_uri):
+  client_id, secret_key = self.ERP5Site_getFacebookClientIdAndSecretKey()
+  return facebook.GraphAPI(version="2.7").get_access_token_from_code(
+    code=code, redirect_uri=redirect_uri,
+    app_id=client_id, app_secret=secret_key)
+
+def getUserEntry(token):
+  return getFacebookUserEntry(token)

bt5/erp5_oauth_facebook_login/ExtensionTemplateItem/portal_components/extension.erp5.FacebookLoginUtility.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Extension Component" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_recorded_property_dict</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>default_reference</string> </key>
+            <value> <string>FacebookLoginUtility</string> </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>extension.erp5.FacebookLoginUtility</string> </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Extension Component</string> </value>
+        </item>
+        <item>
+            <key> <string>sid</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>text_content_error_message</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+        <item>
+            <key> <string>text_content_warning_message</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+        <item>
+            <key> <string>version</string> </key>
+            <value> <string>erp5</string> </value>
+        </item>
+        <item>
+            <key> <string>workflow_history</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <global name="PersistentMapping" module="Persistence.mapping"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>data</string> </key>
+            <value>
+              <dictionary/>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="3" aka="AAAAAAAAAAM=">
+    <pickle>
+      <global name="PersistentMapping" module="Persistence.mapping"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>data</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>component_validation_workflow</string> </key>
+                    <value>
+                      <persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
+                    </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="4" aka="AAAAAAAAAAQ=">
+    <pickle>
+      <global name="WorkflowHistoryList" module="Products.ERP5Type.patches.WorkflowTool"/>
+    </pickle>
+    <pickle>
+      <tuple>
+        <none/>
+        <list>
+          <dictionary>
+            <item>
+                <key> <string>action</string> </key>
+                <value> <string>validate</string> </value>
+            </item>
+            <item>
+                <key> <string>validation_state</string> </key>
+                <value> <string>validated</string> </value>
+            </item>
+          </dictionary>
+        </list>
+      </tuple>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/PathTemplateItem/portal_caches/facebook_server_auth_token_cache_factory.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Cache Factory" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_count</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>_mt_index</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>_tree</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>cache_duration</string> </key>
+            <value> <int>3600</int> </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>facebook_server_auth_token_cache_factory</string> </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Cache Factory</string> </value>
+        </item>
+        <item>
+            <key> <string>title</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <global name="Length" module="BTrees.Length"/>
+    </pickle>
+    <pickle> <int>0</int> </pickle>
+  </record>
+  <record id="3" aka="AAAAAAAAAAM=">
+    <pickle>
+      <global name="OOBTree" module="BTrees.OOBTree"/>
+    </pickle>
+    <pickle>
+      <none/>
+    </pickle>
+  </record>
+  <record id="4" aka="AAAAAAAAAAQ=">
+    <pickle>
+      <global name="OOBTree" module="BTrees.OOBTree"/>
+    </pickle>
+    <pickle>
+      <none/>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/PathTemplateItem/portal_caches/facebook_server_auth_token_cache_factory/persistent_cache_plugin.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Distributed Ram Cache" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>categories</string> </key>
+            <value>
+              <tuple>
+                <string>specialise/portal_memcached/default_memcached_plugin</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>persistent_cache_plugin</string> </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Distributed Ram Cache</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/PortalTypeAllowedContentTypeTemplateItem/allowed_content_types.xml

+<allowed_content_type_list>
+ <portal_type id="OAuth Tool">
+  <item>Facebook Connector</item>
+ </portal_type>
+ <portal_type id="Person">
+  <item>Facebook Login</item>
+ </portal_type>
+</allowed_content_type_list>
\ No newline at end of file

bt5/erp5_oauth_facebook_login/PortalTypePropertySheetTemplateItem/property_sheet_list.xml

+<property_sheet_list>
+ <portal_type id="Facebook Connector">
+  <item>OAuthClient</item>
+ </portal_type>
+ <portal_type id="Template Tool">
+  <item>TemplateToolERP5FacebookExtractionPluginConstraint</item>
+ </portal_type>
+</property_sheet_list>
\ No newline at end of file

bt5/erp5_oauth_facebook_login/PortalTypeTemplateItem/portal_types/Facebook%20Connector.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Base Type" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>content_icon</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>Facebook Connector</string> </value>
+        </item>
+        <item>
+            <key> <string>init_script</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>permission</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Base Type</string> </value>
+        </item>
+        <item>
+            <key> <string>type_class</string> </key>
+            <value> <string>XMLObject</string> </value>
+        </item>
+        <item>
+            <key> <string>type_interface</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+        <item>
+            <key> <string>type_mixin</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/PortalTypeTemplateItem/portal_types/Facebook%20Login.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Base Type" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>content_icon</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>group_list</string> </key>
+            <value>
+              <tuple>
+                <string>login</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>Facebook Login</string> </value>
+        </item>
+        <item>
+            <key> <string>init_script</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>permission</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Base Type</string> </value>
+        </item>
+        <item>
+            <key> <string>searchable_text_property_id</string> </key>
+            <value>
+              <tuple>
+                <string>reference</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>type_class</string> </key>
+            <value> <string>Login</string> </value>
+        </item>
+        <item>
+            <key> <string>type_interface</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+        <item>
+            <key> <string>type_mixin</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/PortalTypeWorkflowChainTemplateItem/workflow_chain_type.xml

+<workflow_chain>
+ <chain>
+  <type>Facebook Connector</type>
+  <workflow>edit_workflow, validation_workflow</workflow>
+ </chain>
+ <chain>
+  <type>Facebook Login</type>
+  <workflow>edit_workflow, validation_workflow</workflow>
+ </chain>
+</workflow_chain>
\ No newline at end of file

bt5/erp5_oauth_facebook_login/PropertySheetTemplateItem/portal_property_sheets/TemplateToolERP5FacebookExtractionPluginConstraint.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Property Sheet" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_count</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>_mt_index</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>_tree</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>TemplateToolERP5FacebookExtractionPluginConstraint</string> </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Property Sheet</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <global name="Length" module="BTrees.Length"/>
+    </pickle>
+    <pickle> <int>0</int> </pickle>
+  </record>
+  <record id="3" aka="AAAAAAAAAAM=">
+    <pickle>
+      <global name="OOBTree" module="BTrees.OOBTree"/>
+    </pickle>
+    <pickle>
+      <none/>
+    </pickle>
+  </record>
+  <record id="4" aka="AAAAAAAAAAQ=">
+    <pickle>
+      <global name="OOBTree" module="BTrees.OOBTree"/>
+    </pickle>
+    <pickle>
+      <none/>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/PropertySheetTemplateItem/portal_property_sheets/TemplateToolERP5FacebookExtractionPluginConstraint/ERP5FacebookExtractionPlugin_existence_constraint.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Script Constraint" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_identity_criterion</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>_range_criterion</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>categories</string> </key>
+            <value>
+              <tuple>
+                <string>constraint_type/post_upgrade</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>ERP5FacebookExtractionPlugin_existence_constraint</string> </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Script Constraint</string> </value>
+        </item>
+        <item>
+            <key> <string>script_id</string> </key>
+            <value> <string>TemplateTool_checkFacebookExtractionPluginExistenceConsistency</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <global name="PersistentMapping" module="Persistence.mapping"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>data</string> </key>
+            <value>
+              <dictionary/>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="3" aka="AAAAAAAAAAM=">
+    <pickle>
+      <global name="PersistentMapping" module="Persistence.mapping"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>data</string> </key>
+            <value>
+              <dictionary/>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Folder" module="OFS.Folder"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_objects</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>erp5_oauth_facebook_login</string> </value>
+        </item>
+        <item>
+            <key> <string>title</string> </key>
+            <value> <string></string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/ERP5Site_callbackFacebookLogin.py

+import time
+
+def handleError(error):
+  context.Base_redirect(
+    'login_form',
+    keep_items={"portal_status_message":
+                context.Base_translateString(
+                  "There was problem with Facebook login: ${error}. Please try again later.",
+                  mapping={"error": error})
+               })
+
+if error is not None:
+  return handleError(error)
+
+elif code is not None:
+  portal = context.getPortalObject()
+  response_dict = context.ERP5Site_getFacebookAccessTokenFromCode(
+    code,
+    "{0}/ERP5Site_callbackFacebookLogin".format(context.absolute_url()))
+  if response_dict is not None:
+    access_token = response_dict['access_token'].encode('utf-8')
+    hash_str = context.Base_getHMAC(access_token, access_token)
+
+    context.REQUEST.RESPONSE.setCookie('__ac_facebook_hash', hash_str, path='/')
+    # store timestamp in second since the epoch in UTC is enough
+    response_dict["response_timestamp"] = time.time()
+
+    context.Base_setBearerToken(hash_str,
+                                response_dict,
+                                "facebook_server_auth_token_cache_factory")
+
+    user_dict = context.ERP5Site_getFacebookUserEntry(access_token)
+    user_reference = user_dict["reference"]
+
+    context.Base_setBearerToken(access_token,
+                                {"reference": user_reference},
+                                "facebook_server_auth_token_cache_factory")
+
+    method = getattr(context, "ERP5Site_createFacebookUserToOAuth", None)
+    if method is not None:
+      method(user_reference, user_dict)
+
+    came_from = context.REQUEST.get("came_from",  portal.absolute_url() + "#")
+    return context.REQUEST.RESPONSE.redirect(came_from)
+
+return handleError('')

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/ERP5Site_callbackFacebookLogin.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>Script_magic</string> </key>
+            <value> <int>3</int> </value>
+        </item>
+        <item>
+            <key> <string>_bind_names</string> </key>
+            <value>
+              <object>
+                <klass>
+                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+                </klass>
+                <tuple/>
+                <state>
+                  <dictionary>
+                    <item>
+                        <key> <string>_asgns</string> </key>
+                        <value>
+                          <dictionary>
+                            <item>
+                                <key> <string>name_container</string> </key>
+                                <value> <string>container</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_context</string> </key>
+                                <value> <string>context</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_m_self</string> </key>
+                                <value> <string>script</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_subpath</string> </key>
+                                <value> <string>traverse_subpath</string> </value>
+                            </item>
+                          </dictionary>
+                        </value>
+                    </item>
+                  </dictionary>
+                </state>
+              </object>
+            </value>
+        </item>
+        <item>
+            <key> <string>_params</string> </key>
+            <value> <string>code=None, error=None</string> </value>
+        </item>
+        <item>
+            <key> <string>_proxy_roles</string> </key>
+            <value>
+              <tuple>
+                <string>Auditor</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>ERP5Site_callbackFacebookLogin</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/ERP5Site_getFacebookAccessTokenFromCode.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ExternalMethod" module="Products.ExternalMethod.ExternalMethod"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_function</string> </key>
+            <value> <string>getAccessTokenFromCode</string> </value>
+        </item>
+        <item>
+            <key> <string>_module</string> </key>
+            <value> <string>FacebookLoginUtility</string> </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>ERP5Site_getFacebookAccessTokenFromCode</string> </value>
+        </item>
+        <item>
+            <key> <string>title</string> </key>
+            <value> <string></string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/ERP5Site_getFacebookClientIdAndSecretKey.py

+if REQUEST is not None:
+  raise ValueError("This script can't be called in the URL")
+
+result_list = context.getPortalObject().portal_catalog(
+  portal_type="Facebook Connector",
+  reference=reference,
+  validation_state="validated",
+  limit=2,
+)
+
+assert result_list, "Facebook Connector not found"
+
+if len(result_list) == 2:
+  raise ValueError("Impossible to select one Facebook Connector")
+
+facebook_connector = result_list[0]
+return facebook_connector.getClientId(), facebook_connector.getSecretKey()

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/ERP5Site_getFacebookClientIdAndSecretKey.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>Script_magic</string> </key>
+            <value> <int>3</int> </value>
+        </item>
+        <item>
+            <key> <string>_bind_names</string> </key>
+            <value>
+              <object>
+                <klass>
+                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+                </klass>
+                <tuple/>
+                <state>
+                  <dictionary>
+                    <item>
+                        <key> <string>_asgns</string> </key>
+                        <value>
+                          <dictionary>
+                            <item>
+                                <key> <string>name_container</string> </key>
+                                <value> <string>container</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_context</string> </key>
+                                <value> <string>context</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_m_self</string> </key>
+                                <value> <string>script</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_subpath</string> </key>
+                                <value> <string>traverse_subpath</string> </value>
+                            </item>
+                          </dictionary>
+                        </value>
+                    </item>
+                  </dictionary>
+                </state>
+              </object>
+            </value>
+        </item>
+        <item>
+            <key> <string>_params</string> </key>
+            <value> <string>reference="default", REQUEST=None</string> </value>
+        </item>
+        <item>
+            <key> <string>_proxy_roles</string> </key>
+            <value>
+              <tuple>
+                <string>Manager</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>ERP5Site_getFacebookClientIdAndSecretKey</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/ERP5Site_getFacebookUserEntry.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ExternalMethod" module="Products.ExternalMethod.ExternalMethod"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_function</string> </key>
+            <value> <string>getUserEntry</string> </value>
+        </item>
+        <item>
+            <key> <string>_module</string> </key>
+            <value> <string>FacebookLoginUtility</string> </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>ERP5Site_getFacebookUserEntry</string> </value>
+        </item>
+        <item>
+            <key> <string>title</string> </key>
+            <value> <string></string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/ERP5Site_redirectToFacebookLoginPage.py

+from ZTUtils import make_query
+
+client_id, _ = context.ERP5Site_getFacebookClientIdAndSecretKey()
+
+query = make_query({
+   # Call at he context of the appropriate web_service.
+   'client_id': client_id,
+   'redirect_uri': "{0}/ERP5Site_callbackFacebookLogin".format(came_from or context.absolute_url()),
+   'scope': 'email'
+})
+
+login_url = "https://www.facebook.com/v2.10/dialog/oauth"
+if "?" not in login_url:
+  login_url += "?"
+
+return context.REQUEST.RESPONSE.redirect("{0}{1}".format(login_url, query))

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/ERP5Site_redirectToFacebookLoginPage.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>Script_magic</string> </key>
+            <value> <int>3</int> </value>
+        </item>
+        <item>
+            <key> <string>_bind_names</string> </key>
+            <value>
+              <object>
+                <klass>
+                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+                </klass>
+                <tuple/>
+                <state>
+                  <dictionary>
+                    <item>
+                        <key> <string>_asgns</string> </key>
+                        <value>
+                          <dictionary>
+                            <item>
+                                <key> <string>name_container</string> </key>
+                                <value> <string>container</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_context</string> </key>
+                                <value> <string>context</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_m_self</string> </key>
+                                <value> <string>script</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_subpath</string> </key>
+                                <value> <string>traverse_subpath</string> </value>
+                            </item>
+                          </dictionary>
+                        </value>
+                    </item>
+                  </dictionary>
+                </state>
+              </object>
+            </value>
+        </item>
+        <item>
+            <key> <string>_params</string> </key>
+            <value> <string>came_from=None</string> </value>
+        </item>
+        <item>
+            <key> <string>_proxy_roles</string> </key>
+            <value>
+              <tuple>
+                <string>Auditor</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>ERP5Site_redirectToFacebookLoginPage</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookConnector_view.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ERP5 Form" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_objects</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+        <item>
+            <key> <string>action</string> </key>
+            <value> <string>Base_edit</string> </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>edit_order</string> </key>
+            <value>
+              <list/>
+            </value>
+        </item>
+        <item>
+            <key> <string>encoding</string> </key>
+            <value> <string>UTF-8</string> </value>
+        </item>
+        <item>
+            <key> <string>enctype</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>group_list</string> </key>
+            <value>
+              <list>
+                <string>left</string>
+                <string>right</string>
+                <string>center</string>
+                <string>bottom</string>
+                <string>hidden</string>
+              </list>
+            </value>
+        </item>
+        <item>
+            <key> <string>groups</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>bottom</string> </key>
+                    <value>
+                      <list/>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>center</string> </key>
+                    <value>
+                      <list/>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>hidden</string> </key>
+                    <value>
+                      <list/>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>left</string> </key>
+                    <value>
+                      <list>
+                        <string>my_client_id</string>
+                        <string>my_secret_key</string>
+                      </list>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>right</string> </key>
+                    <value>
+                      <list>
+                        <string>my_reference</string>
+                        <string>my_translated_validation_state_title</string>
+                      </list>
+                    </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>FacebookConnector_view</string> </value>
+        </item>
+        <item>
+            <key> <string>method</string> </key>
+            <value> <string>POST</string> </value>
+        </item>
+        <item>
+            <key> <string>name</string> </key>
+            <value> <string>FacebookConnector_view</string> </value>
+        </item>
+        <item>
+            <key> <string>pt</string> </key>
+            <value> <string>form_view</string> </value>
+        </item>
+        <item>
+            <key> <string>row_length</string> </key>
+            <value> <int>4</int> </value>
+        </item>
+        <item>
+            <key> <string>stored_encoding</string> </key>
+            <value> <string>UTF-8</string> </value>
+        </item>
+        <item>
+            <key> <string>title</string> </key>
+            <value> <string>Faceook Connector</string> </value>
+        </item>
+        <item>
+            <key> <string>unicode_mode</string> </key>
+            <value> <int>0</int> </value>
+        </item>
+        <item>
+            <key> <string>update_action</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>update_action_title</string> </key>
+            <value> <string></string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookConnector_view/my_client_id.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>delegated_list</string> </key>
+            <value>
+              <list>
+                <string>title</string>
+              </list>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>my_client_id</string> </value>
+        </item>
+        <item>
+            <key> <string>message_values</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>external_validator_failed</string> </key>
+                    <value> <string>The input failed the external validator.</string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>overrides</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>tales</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>values</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string>my_reference</string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string>Base_viewFieldLibrary</string> </value>
+                </item>
+                <item>
+                    <key> <string>title</string> </key>
+                    <value> <string>Client Id</string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookConnector_view/my_reference.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>my_reference</string> </value>
+        </item>
+        <item>
+            <key> <string>message_values</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>external_validator_failed</string> </key>
+                    <value> <string>The input failed the external validator.</string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>overrides</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>tales</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>values</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string>my_reference</string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string>Base_viewFieldLibrary</string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookConnector_view/my_secret_key.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>delegated_list</string> </key>
+            <value>
+              <list>
+                <string>title</string>
+              </list>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>my_secret_key</string> </value>
+        </item>
+        <item>
+            <key> <string>message_values</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>external_validator_failed</string> </key>
+                    <value> <string>The input failed the external validator.</string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>overrides</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>tales</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>values</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string>my_reference</string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string>Base_viewFieldLibrary</string> </value>
+                </item>
+                <item>
+                    <key> <string>title</string> </key>
+                    <value> <string>Secret Key</string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/FacebookConnector_view/my_translated_validation_state_title.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>delegated_list</string> </key>
+            <value>
+              <list/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>my_translated_validation_state_title</string> </value>
+        </item>
+        <item>
+            <key> <string>message_values</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>external_validator_failed</string> </key>
+                    <value> <string>The input failed the external validator.</string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>overrides</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>tales</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string></string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+        <item>
+            <key> <string>values</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>field_id</string> </key>
+                    <value> <string>my_translated_workflow_state_title</string> </value>
+                </item>
+                <item>
+                    <key> <string>form_id</string> </key>
+                    <value> <string>Base_viewFieldLibrary</string> </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/TemplateTool_checkFacebookExtractionPluginExistenceConsistency.py

+acl_users = context.getPortalObject().acl_users
+plugin_id = 'erp5_facebook_extraction'
+error_list = []
+if plugin_id not in acl_users.objectIds():
+  error_list.append(
+    'ERP5 Facebook Extraction Plugin does not exist as %s/%s' % (acl_users.getPath(), plugin_id))
+  if fixit:
+    acl_users.manage_addProduct['ERP5Security'].addERP5FacebookExtractionPlugin(plugin_id)
+    getattr(acl_users, plugin_id).manage_activateInterfaces([
+      'IExtractionPlugin',
+    ])
+return error_list

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/TemplateTool_checkFacebookExtractionPluginExistenceConsistency.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>Script_magic</string> </key>
+            <value> <int>3</int> </value>
+        </item>
+        <item>
+            <key> <string>_bind_names</string> </key>
+            <value>
+              <object>
+                <klass>
+                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+                </klass>
+                <tuple/>
+                <state>
+                  <dictionary>
+                    <item>
+                        <key> <string>_asgns</string> </key>
+                        <value>
+                          <dictionary>
+                            <item>
+                                <key> <string>name_container</string> </key>
+                                <value> <string>container</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_context</string> </key>
+                                <value> <string>context</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_m_self</string> </key>
+                                <value> <string>script</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_subpath</string> </key>
+                                <value> <string>traverse_subpath</string> </value>
+                            </item>
+                          </dictionary>
+                        </value>
+                    </item>
+                  </dictionary>
+                </state>
+              </object>
+            </value>
+        </item>
+        <item>
+            <key> <string>_params</string> </key>
+            <value> <string>fixit=False</string> </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>TemplateTool_checkFacebookExtractionPluginExistenceConsistency</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/TestTemplateItem/portal_components/test.erp5.testFacebookLogin.py

+##############################################################################
+#
+# Copyright (c) 2002-2016 Nexedi SA and Contributors. All Rights Reserved.
+#
+# WARNING: This program as such is intended to be used by professional
+# programmers who take the whole responsibility of assessing all potential
+# consequences resulting from its eventual inadequacies and bugs
+# End users who are looking for a ready-to-use solution with commercial
+# guarantees and support are strongly adviced to contract a Free Software
+# Service Company
+#
+# This program is Free Software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+#
+##############################################################################
+
+import uuid
+from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
+from erp5.component.extension import FacebookLoginUtility
+from Products.ERP5Type.tests.utils import createZODBPythonScript
+
+CLIENT_ID = "a1b2c3"
+SECRET_KEY = "3c2ba1"
+ACCESS_TOKEN = "EAAF10h0gIiQZDZD"
+CODE = "1235"
+
+def getUserId(access_token):
+  return "1234567890123456"
+
+def getAccessTokenFromCode(code, redirect_uri):
+  assert code == CODE, "Invalid code"
+  # This is an example of a Facebook response
+  return  {u'access_token': u'EAAF10h0gIiQZDZD',
+           u'token_type': u'bearer',
+           u'expires_in': 5138578}
+
+def getUserEntry(access_token):
+  return {'name': 'John Doe',
+          'reference': getUserId(None),
+          'email': "dummy@example.org"}
+
+FacebookLoginUtility_getAccessTokenFromCode = FacebookLoginUtility.getAccessTokenFromCode
+FacebookLoginUtility_getUserEntry = FacebookLoginUtility.getUserEntry
+
+class TestFacebookLogin(ERP5TypeTestCase):
+
+  def getTitle(self):
+    return "Test Facebook Login"
+
+  def beforeTearDown(self):
+    FacebookLoginUtility.getAccessTokenFromCode = FacebookLoginUtility_getAccessTokenFromCode
+    FacebookLoginUtility.getUserEntry = FacebookLoginUtility_getUserEntry
+
+  def afterSetUp(self):
+    """
+    This is ran before anything, used to set the environment
+    """
+    self.login()
+    self.portal.TemplateTool_checkFacebookExtractionPluginExistenceConsistency(fixit=True)
+    # Patch extension to avoid external connection
+    FacebookLoginUtility.getUserId = getUserId
+    FacebookLoginUtility.getAccessTokenFromCode = getAccessTokenFromCode
+    FacebookLoginUtility.getUserEntry = getUserEntry
+
+    self.dummy_connector_id = "test_facebook_connector"
+    person_module = self.portal.person_module
+    portal_catalog = self.portal.portal_catalog
+    for obj in portal_catalog(portal_type=["Facebook Login", "Person"],
+                              reference=getUserId(None),
+                              validation_state="validated"):
+      obj.getObject().invalidate()
+      uuid_str = uuid.uuid4().hex
+      obj.setReference(uuid_str)
+      obj.setUserId(uuid_str)
+    for connector in portal_catalog(portal_type="Facebook Connector",
+                                    validation_state="validated",
+                                    id="NOT %s" % self.dummy_connector_id,
+                                    reference="default"):
+      connector.invalidate()
+
+    if getattr(self.portal.portal_oauth, self.dummy_connector_id, None) is None:
+      connector = self.portal.portal_oauth.newContent(id=self.dummy_connector_id,
+                                                      portal_type="Facebook Connector",
+                                                      reference="default",
+                                                      client_id=CLIENT_ID,
+                                                      secret_key=SECRET_KEY)
+      connector.validate()
+    self.tic()
+    self.logout()
+
+  def test_redirect(self):
+    """
+      Check URL generate to redirect to Facebook
+    """
+    self.logout()
+    self.portal.ERP5Site_redirectToFacebookLoginPage()
+    location = self.portal.REQUEST.RESPONSE.getHeader("Location")
+    self.assertIn("https://www.facebook.com/v2.10/dialog/oauth?", location)
+    self.assertIn("scope=email&redirect_uri=", location)
+    self.assertIn("client_id=%s" % CLIENT_ID, location)
+    self.assertNotIn("secret_key=", location)
+    self.assertIn("ERP5Site_callbackFacebookLogin", location)
+
+  def test_create_user_in_ERP5Site_createFacebookUserToOAuth(self):
+    """
+      Check if ERP5 set cookie properly after receive code from external service
+    """
+    self.login()
+    id_list = []
+    for result in self.portal.portal_catalog(portal_type="Credential Request",
+                                                         reference=getUserId(None)):
+      id_list.append(result.getObject().getId())
+    self.portal.credential_request_module.manage_delObjects(ids=id_list)
+    skin = self.portal.portal_skins.custom
+    createZODBPythonScript(skin, "CredentialRequest_createUser", "", """
+person = context.getDestinationDecisionValue(portal_type="Person")
+
+login_list = [x for x in person.objectValues(portal_type='Facebook Login') \
+              if x.getValidationState() == 'validated']
+
+if len(login_list):
+  login = login_list[0]
+else:
+  login = person.newContent(portal_type='Facebook Login')
+
+reference = context.getReference()
+if not login.hasReference():
+  if not reference:
+    raise ValueError("Impossible to create an account without login")
+  login.setReference(reference)
+  if not person.Person_getUserId():
+    person.setUserId(reference)
+
+  if login.getValidationState() == 'draft':
+    login.validate()
+
+return reference, None
+""")
+
+    createZODBPythonScript(skin, "ERP5Site_createFacebookUserToOAuth", "user_reference, user_dict", """
+module = context.getPortalObject().getDefaultModule(portal_type='Credential Request')
+credential_request = module.newContent(
+  portal_type="Credential Request",
+  first_name=user_dict["name"],
+  reference=user_reference,
+  default_email_text=user_dict["email"],
+)
+credential_request.submit()
+context.portal_alarms.accept_submitted_credentials.activeSense()
+return credential_request
+""")
+    self.logout()
+    response = self.portal.ERP5Site_callbackFacebookLogin(code=CODE)
+    facebook_hash = self.portal.REQUEST.RESPONSE.cookies.get("__ac_facebook_hash")["value"]
+    self.assertEqual("8cec04e21e927f1023f4f4980ec11a77", facebook_hash)
+    self.assertEqual(self.portal.absolute_url(), response)
+    cache_dict = self.portal.Base_getBearerToken(facebook_hash, "facebook_server_auth_token_cache_factory")
+    self.assertEqual(ACCESS_TOKEN, cache_dict["access_token"])
+    self.assertEqual({'reference': getUserId(None)},
+      self.portal.Base_getBearerToken(ACCESS_TOKEN, "facebook_server_auth_token_cache_factory")
+    )
+    self.portal.REQUEST["__ac_facebook_hash"] = facebook_hash
+    erp5_facebook_extractor = self.portal.acl_users.erp5_facebook_extraction
+    self.assertEqual({'external_login': getUserId(None),
+      'login_portal_type': 'Facebook Login',
+      'remote_host': '',
+      'remote_address': ''}, erp5_facebook_extractor.extractCredentials(self.portal.REQUEST))
+    self.tic()
+    self.login()
+    credential_request = self.portal.portal_catalog(portal_type="Credential Request",
+                                                    reference=getUserId(None))[0].getObject()
+    if credential_request.getValidationState() != "accepted":
+      credential_request.accept()
+    person = credential_request.getDestinationDecisionValue()
+    facebook_login = person.objectValues(portal_types="Facebook Login")[0]
+    self.assertEqual(getUserId(None), facebook_login.getReference())

bt5/erp5_oauth_facebook_login/TestTemplateItem/portal_components/test.erp5.testFacebookLogin.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Test Component" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_recorded_property_dict</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>default_reference</string> </key>
+            <value> <string>testFacebookLogin</string> </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>test.erp5.testFacebookLogin</string> </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Test Component</string> </value>
+        </item>
+        <item>
+            <key> <string>sid</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>text_content_error_message</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+        <item>
+            <key> <string>text_content_warning_message</string> </key>
+            <value>
+              <tuple>
+                <string>W: 77,  4: Unused variable \'person_module\' (unused-variable)</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>version</string> </key>
+            <value> <string>erp5</string> </value>
+        </item>
+        <item>
+            <key> <string>workflow_history</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <global name="PersistentMapping" module="Persistence.mapping"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>data</string> </key>
+            <value>
+              <dictionary/>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="3" aka="AAAAAAAAAAM=">
+    <pickle>
+      <global name="PersistentMapping" module="Persistence.mapping"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>data</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>component_validation_workflow</string> </key>
+                    <value>
+                      <persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
+                    </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="4" aka="AAAAAAAAAAQ=">
+    <pickle>
+      <global name="WorkflowHistoryList" module="Products.ERP5Type.patches.WorkflowTool"/>
+    </pickle>
+    <pickle>
+      <tuple>
+        <none/>
+        <list>
+          <dictionary>
+            <item>
+                <key> <string>action</string> </key>
+                <value> <string>validate</string> </value>
+            </item>
+            <item>
+                <key> <string>validation_state</string> </key>
+                <value> <string>validated</string> </value>
+            </item>
+          </dictionary>
+        </list>
+      </tuple>
+    </pickle>
+  </record>
+</ZopeData>

bt5/erp5_oauth_facebook_login/bt/dependency_list

+erp5_bearer_token
+erp5_oauth
\ No newline at end of file

bt5/erp5_oauth_facebook_login/bt/template_action_path_list

+Facebook Connector | view
+Facebook Login | view
\ No newline at end of file

bt5/erp5_oauth_facebook_login/bt/template_extension_id_list

+extension.erp5.FacebookLoginUtility
\ No newline at end of file

bt5/erp5_oauth_facebook_login/bt/template_format_version

+1
\ No newline at end of file

bt5/erp5_oauth_facebook_login/bt/template_path_list

+portal_caches/facebook_server_auth_token_cache_factory
+portal_caches/facebook_server_auth_token_cache_factory/**
\ No newline at end of file

bt5/erp5_oauth_facebook_login/bt/template_portal_type_allowed_content_type_list

+OAuth Tool | Facebook Connector
+Person | Facebook Login
\ No newline at end of file

bt5/erp5_oauth_facebook_login/bt/template_portal_type_id_list

+Facebook Connector
+Facebook Login
\ No newline at end of file

bt5/erp5_oauth_facebook_login/bt/template_portal_type_property_sheet_list

+Facebook Connector | OAuthClient
+Template Tool | TemplateToolERP5FacebookExtractionPluginConstraint
\ No newline at end of file

bt5/erp5_oauth_facebook_login/bt/template_portal_type_workflow_chain_list

+Facebook Connector | edit_workflow
+Facebook Connector | validation_workflow
+Facebook Login | edit_workflow
+Facebook Login | validation_workflow
\ No newline at end of file

bt5/erp5_oauth_facebook_login/bt/template_property_sheet_id_list

+TemplateToolERP5FacebookExtractionPluginConstraint
\ No newline at end of file

bt5/erp5_oauth_facebook_login/bt/template_skin_id_list

+erp5_oauth_facebook_login
\ No newline at end of file

bt5/erp5_oauth_facebook_login/bt/template_test_id_list

+test.erp5.testFacebookLogin

bt5/erp5_oauth_facebook_login/bt/test_dependency_list

+erp5_full_text_myisam_catalog
\ No newline at end of file

bt5/erp5_oauth_facebook_login/bt/title

+erp5_oauth_facebook_login
\ No newline at end of file

product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_auto_logout/logout.py

@@ -15,4 +15,7 @@ REQUEST.RESPONSE.expireCookie('__ac', path='/')
 if getattr(portal.portal_skins, "erp5_oauth_google_login", None):
   REQUEST.RESPONSE.expireCookie('__ac_google_hash', path='/')
 
+if getattr(portal.portal_skins, "erp5_oauth_facebook_login", None):
+  REQUEST.RESPONSE.expireCookie('__ac_facebook_hash', path='/')
+
 return REQUEST.RESPONSE.redirect(REQUEST.URL1 + '/logged_out')

product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_core/ERP5Site_getAvailableOAuthLoginList.py

@@ -5,4 +5,8 @@ portal_skin = context.getPortalObject().portal_skins
 if getattr(portal_skin, "erp5_oauth_google_login", None) is not None:
   oauth_login_list.append("google")
 
+if getattr(portal_skin, "erp5_oauth_facebook_login", None) is not None:
+  oauth_login_list.append("facebook")
+
+
 return oauth_login_list

product/ERP5/bootstrap/erp5_xhtml_style/SkinTemplateItem/portal_skins/erp5_xhtml_style/login_form.zpt

@@ -5,7 +5,8 @@
              global form_id string:login_form;
              available_oauth_login_list python: context.getPortalObject().ERP5Site_getAvailableOAuthLoginList();
              enable_google_login python: 'google' in available_oauth_login_list;
-             css_list python: enable_google_login and ['%s/zocial.min.css' % here.portal_url()] or [];
+             enable_facebook_login python: 'facebook' in available_oauth_login_list;
+             css_list python: (enable_google_login or enable_facebook_login) and ['%s/zocial.min.css' % here.portal_url()] or [];
              js_list python: ['%s/login_form.js' % (here.portal_url(), ), '%s/erp5.js' % (here.portal_url(), )]">
     <tal:block metal:use-macro="here/main_template/macros/master">
       <tal:block metal:fill-slot="main">
@@ -58,6 +59,15 @@
                 </div>
               </div>
             </tal:block>
+            <tal:block tal:condition="enable_facebook_login">
+              <div class="field">
+                <label>&nbsp;</label>
+                <div class="input">
+                  <a tal:attributes="href string:${here/portal_url}/ERP5Site_redirectToFacebookLoginPage"
+                     i18n:translate="" i18n:domain="ui" class="zocial facebook">Login with Facebook</a>
+                </div>
+              </div>
+            </tal:block>
           </fieldset>
           <script type="text/javascript">setFocus()</script>
           <p i18n:translate="" i18n:domain="ui">Having trouble logging in? Make sure to enable cookies in your web browser.</p>

product/ERP5Security/ERP5ExternalOauth2ExtractionPlugin.py

@@ -226,12 +226,41 @@ class ERP5ExternalOauth2ExtractionPlugin:
       creds['remote_address'] = request.get('REMOTE_ADDR', '')
     return creds
 
+def getFacebookUserEntry(token):
+  if facebook is None:
+    LOG('ERP5FacebookExtractionPlugin', INFO,
+        'No facebook module, install facebook-sdk package. '
+          'Authentication disabled.')
+    return None
+  timeout = socket.getdefaulttimeout()
+  args = {'fields' : 'id,name,email', }
+  try:
+    # require really fast interaction
+    socket.setdefaulttimeout(5)
+    facebook_entry = facebook.GraphAPI(token).get_object("me", **args)
+  finally:
+    socket.setdefaulttimeout(timeout)
+
+  user_entry = {}
+  if facebook_entry is not None:
+    # sanitise value
+    for k in ('name', 'id'):
+      try:
+        if k == 'id':
+          user_entry['reference'] = facebook_entry[k].encode('utf-8')
+        else:
+          user_entry[k] = facebook_entry[k].encode('utf-8')
+      except KeyError:
+        raise ValueError(facebook_entry)
+  return user_entry
+
 class ERP5FacebookExtractionPlugin(ERP5ExternalOauth2ExtractionPlugin, BasePlugin):
   """
   Plugin to authenicate as machines.
   """
 
   meta_type = "ERP5 Facebook Extraction Plugin"
+  login_portal_type = "Facebook Login"
   cookie_name = "__ac_facebook_hash"
   cache_factory_name = "facebook_server_auth_token_cache_factory"
 
@@ -239,33 +268,7 @@ class ERP5FacebookExtractionPlugin(ERP5ExternalOauth2ExtractionPlugin, BasePlugi
     return cache_value
 
   def getUserEntry(self, token):
-    if facebook is None:
-      LOG('ERP5FacebookExtractionPlugin', INFO,
-          'No facebook module, install facebook-sdk package. '
-            'Authentication disabled.')
-      return None
-    timeout = socket.getdefaulttimeout()
-    try:
-      # require really fast interaction
-      socket.setdefaulttimeout(5)
-      facebook_entry = facebook.GraphAPI(token).get_object("me")
-    except Exception:
-      facebook_entry = None
-    finally:
-      socket.setdefaulttimeout(timeout)
-
-    user_entry = {}
-    if facebook_entry is not None:
-      # sanitise value
-      try:
-        for k in ('first_name', 'last_name', 'id', 'email'):
-          if k == 'id':
-            user_entry['reference'] = facebook_entry[k].encode('utf-8')
-          else:
-            user_entry[k] = facebook_entry[k].encode('utf-8')
-      except KeyError:
-        user_entry = None
-    return user_entry
+    return getFacebookUserDict(token)
 
 class ERP5GoogleExtractionPlugin(ERP5ExternalOauth2ExtractionPlugin, BasePlugin):
   """