erp5_oauth_facebook_login: fix test failure, describe the #_=_ hack

/reviewed-on nexedi/erp5!739

bt5/erp5_oauth_facebook_login/SkinTemplateItem/portal_skins/erp5_oauth_facebook_login/ERP5Site_callbackFacebookLogin.py

@@ -40,6 +40,11 @@ elif code is not None:
     if method is not None:
       method(user_reference, user_dict)
 
+    # We intentionnally add this # to the URL because otherwise Facebook adds
+    # #_=_ and it breaks renderjs hash based URL routing.
+    # https://developers.facebook.com/support/bugs/318390728250352/?disable_redirect=0
+    # https://stackoverflow.com/questions/7131909/facebook-callback-appends-to-return-url/33257076#33257076
+    # https://lab.nexedi.com/nexedi/erp5/merge_requests/417#note_64365
     came_from = context.REQUEST.get("came_from",  portal.absolute_url() + "#")
     return context.REQUEST.RESPONSE.redirect(came_from)
 

bt5/erp5_oauth_facebook_login/TestTemplateItem/portal_components/test.erp5.testFacebookLogin.py

@@ -164,7 +164,8 @@ return credential_request
     response = self.portal.ERP5Site_callbackFacebookLogin(code=CODE)
     facebook_hash = self.portal.REQUEST.RESPONSE.cookies.get("__ac_facebook_hash")["value"]
     self.assertEqual("8cec04e21e927f1023f4f4980ec11a77", facebook_hash)
-    self.assertEqual(self.portal.absolute_url(), response)
+    # The # is because we workaround facebook adding #_=_ in return URL
+    self.assertEqual(self.portal.absolute_url() + '#', response)
     cache_dict = self.portal.Base_getBearerToken(facebook_hash, "facebook_server_auth_token_cache_factory")
     self.assertEqual(ACCESS_TOKEN, cache_dict["access_token"])
     self.assertEqual({'reference': getUserId(None)},