I saw someone post about fixing their facebook login with a proxy script. Here are the url's in the liferay instance settings:

1. Graph URL https://graph.facebook.com
2. OAuth Authentication URL https://graph.facebook.com/oauth/authorize
3. OAuth Token URL https://graph.facebook.com/oauth/access_token
4. Redirect URL http://www.mysite.org/c/login/facebook_connect_oauth

I don't know oauth so I had to reverse engineer it, but it seems the flow is liferay does a popup to number 2 then comes back on number 4, which does a server-to-server call as number 3. At that point you will have the "code" and "access_token" from facebook for that user. Then it redirects to a predefined path (a param from 2 (and 3, bloody hell)). That location closes the popup and forwards the original login page to something that does something, and I don't know, because that's where I'm stuck.

How I got here is I replaced all of the above urls with my own scripts to see which ones get activity. Number 1 and 3 never got any action, so I left them alone. #2 is just a patch I used to get number 4 working. Seems like I should be able to leave #2 alone as well. It just does a dumb forward to /oauth/authorize and repasses the same variables it took in. Number 4 is where the magic happens. It does a synchronous http request to #3 and passes the "code" it got from the return from #2, and it receives back the access_token from facebook, but I don't know what to do with it. I tried doing another dumb forward to the url's liferay provides during instantiation, but no luck. Is there any way to shove this data back into facebook_connect_oauth somehow? What does facebook_connect_oauth do with the client token? Re-pass it, set a cookie, store it in the users table? Is there more to the oauth process?

I've put in a lot of time on this with no luck. I sure would appreciate any help.