From 8bb8795216ba4982fcd25102fc2d9aaf82dccdf3 Mon Sep 17 00:00:00 2001
From: Dayne Jones <daynejones@users.noreply.github.com>
Date: Wed, 29 Mar 2017 21:43:07 -0400
Subject: [PATCH] auth: Facebook now returns auth tokens in json instead of
 url-encoded

Fixes #1992
---
 tornado/auth.py           | 4 ++--
 tornado/test/auth_test.py | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tornado/auth.py b/tornado/auth.py
index 44144061..63be2389 100644
--- a/tornado/auth.py
+++ b/tornado/auth.py
@@ -978,9 +978,9 @@ class FacebookGraphMixin(OAuth2Mixin):
             future.set_exception(AuthError('Facebook auth error: %s' % str(response)))
             return
 
-        args = urlparse.parse_qs(escape.native_str(response.body))
+        args = escape.json_decode(response.body)
         session = {
-            "access_token": args["access_token"][-1],
+            "access_token": args.get("access_token"),
             "expires": args.get("expires")
         }
 
diff --git a/tornado/test/auth_test.py b/tornado/test/auth_test.py
index 92616fa3..154954b7 100644
--- a/tornado/test/auth_test.py
+++ b/tornado/test/auth_test.py
@@ -149,7 +149,7 @@ class FacebookClientLoginHandler(RequestHandler, FacebookGraphMixin):
 
 class FacebookServerAccessTokenHandler(RequestHandler):
     def get(self):
-        self.write('access_token=asdf')
+        self.write(dict(access_token="asdf"))
 
 
 class FacebookServerMeHandler(RequestHandler):