Facebook Ad API PHP : Invalid OAuth access token - php

I am working on the Facebook Ads API and I am totally new for this. I am getting an error to fetch the Ads account. The error is Invalid OAuth access token. After getting this error I came to google and searched a lot like
First Link Another one another one. But didn't find any solution so I decided to come to Stackoverflow so this question is not duplicate
Here is the code how I used the Facebook Ads API
public function login() {
$helper = $this->facebook->getRedirectLoginHelper();
$this->request->session()->write('fb_access_token', false);
$access_token = $this->request->session()->read('fb_access_token');
if ($access_token) {
echo "You are logged in!";
} else {
$permissions = ['email', 'ads_management', 'pages_show_list', 'publish_pages', 'manage_pages', 'ads_read'];
$loginUrl = $helper->getLoginUrl('http://localhost/FacebookManager/Adsmanagement/authenticate', $permissions);
echo 'Log in with Facebook';
}
}
public function authenticate() {
if (isset($_GET['state'])) {
$helper = $this->facebook->getRedirectLoginHelper();
$helper->getPersistentDataHandler()->set('state', $_GET['state']);
$accessToken = $helper->getAccessToken();
if($accessToken) {
echo "got the token";
$this->request->session()->write('fb_access_token', $accessToken);
//echo $accessToken;
$oAuth2Client = $this->facebook->getOAuth2Client();
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
$this->facebook->setDefaultAccessToken($longLivedAccessToken);
}
}
}
And I am getting the adaccount like this
public function getAdsAccount() {
$accesstoken = $this->request->session()->read('fb_access_token');
//$accesstoken = "AQwfmuNgKZCZCiZBuhAMGB8xZBty5dgNR7J9ZBO2ZCDl1SWYxnBLn9ahIn5FQTWxkJ0FPKbemeG0vUAwPsZCN2FFxOFey9BQr8CZBW07IwlZB0FK81SH8ozOil2GllR35BCyxQGhQ7JrtuCdNE6kjEOU0FZCAZDZD";
Api::init(
$this->app_id, // App ID
$this->appsecret,
$accesstoken // Your user access token
);
//*****************
$account = new AdAccount('****************');
$contracts = $account->read();
echo "<pre>"; print_r($contracts->getData());
}
So I am using a developer account, Trying to fetch this with the facebook test user from the APP dashboard-> Roles->Test User. I am setting the proper permissions etc. Don't know where I am wrong.
Update
Now the issue is if I create access token from Graph Explorar It works but if i create with SDK its giving me the error "invalid aouth Tokan"
Please help me. Thanks in advance.


Hello #manoj Kumar Please check with below URL with administrator login for app debug your AccessToken.
https://developers.facebook.com/tools/explorer/
Please check below code from facebook PHP SDK for getting the valid access token with permission ads_management.
require_once __DIR__ . '/vendor/autoload.php';
use Facebook\Facebook;
use Facebook\Exceptions\FacebookResponseException;
use Facebook\Exceptions\FacebookSDKException;
// Init PHP Sessions
session_start();
$fb = new Facebook([
'app_id' => '{your-app-id}',
'app_secret' => '{your-app-secret}',
]);
$helper = $fb->getRedirectLoginHelper();
if (!isset($_SESSION['facebook_access_token'])) {
$_SESSION['facebook_access_token'] = null;
}
if (!$_SESSION['facebook_access_token']) {
$helper = $fb->getRedirectLoginHelper();
try {
$_SESSION['facebook_access_token'] = (string) $helper->getAccessToken();
} catch(FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
}
if ($_SESSION['facebook_access_token']) {
echo "You are logged in!";
} else {
$permissions = ['ads_management'];
$loginUrl = $helper->getLoginUrl('http://localhost:8888/marketing-api/', $permissions);
echo 'Log in with Facebook';
}
After that, You have to get AdAccount so use below code
use FacebookAds\Object\AdUser;
// Add after Api::init()
$me = new AdUser('me');
$my_adaccount = $me->getAdAccounts()->current();


It was actually my mistake. Facebook API return us an protect object. If you print the variable it will display it as string.
<?php
echo $longLivedAccessToken;
var_dump($longLivedAccessToken);
?>
The output is something like
I tried $longLivedAccessToken->getValue();
$oAuth2Client = $this->facebook->getOAuth2Client();
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
$accesstoken = $longLivedAccessToken->getValue();
$this->request->session()->write('fb_access_token', $accesstoken);
$this->facebook->setDefaultAccessToken($longLivedAccessToken);

Related

Facebook SDK error: Cross-site request forgery validation failed. Required param "state" missing from persistent data

I recently upgraded to the latest version of the facebook SDK and I'm having issues logging users in. I generate the login link just fine, but when facebook sends the user back to my site with the token, I get this error:
fb sdk error: Cross-site request forgery validation failed. Required param "state" missing from persistent data.
I tried to do some trouble shooting. I printed out everything in the session data and everything in the GET request. I see that the GET has a state parameter and the session data has a FBRLH_state parameter. They both have the same value. So how is it telling me that the parameter is missing?
I've tried some suggestions I've seen on other questions (ie, starting the session), but nothing seems to work.
Any help would be greatly appreciated! I'm using the php-graph-sdk-5.5. My facebook connect file is below
if(!class_exists('facebook')){
class facebook{
private $db = null;
private $fb = null;
private $token = null;
private $DEV = null;
private $sdk_error = null;
private $api_error = null;
private $verbose = false;
private $graph_user = null;
private $db_helper = null;
private $errors = null;
public function __construct($db,
$fb_id = FB_APP_ID,
$fb_secret = FB_APP_SECRET,
$fb_version = FB_DEFAULT_GRAPH_VERSION){
if($this->verbose) echo '<pre>';
if($this->verbose) echo 'starting construction'.PHP_EOL;
$this->db = $db;
if(!$this->fb){
$this->log[] = 'no connect found. building..'.PHP_EOL;
$this->fb = new Facebook\Facebook(array(
'app_id' => $fb_id,
'app_secret' => $fb_secret,
'default_graph_version' => $fb_version));
if(!$this->fb){
die('facebook initialization failure');
}
$this->log[] = 'finished building new connection'.PHP_EOL;
}
}
public function get_login_url($callback_uri, $permissions = ['email','user_birthday']){
global $_DEV,$_config;
$helper = $this->fb->getRedirectLoginHelper();
$callback_host = ($_DEV ? $_config['dev_domain'] : $_config['live_domain']);
$callback_url = 'https://'.$callback_host.$callback_uri;
return $helper->getLoginUrl($callback_url, $permissions);
}
public function catch_token(){
if($this->token){
$this->log[] = 'already have token.'.PHP_EOL;
return $this->token;
} else if(!$this->fb){
$this->log[] = $this->error[] = 'no facebook connection in catch token()';
}
$this->log[] = 'starting catch token routine.'.PHP_EOL;
//$_SESSION['state']=$_GET['state'];
echo '<pre>' . var_export($_SESSION, true) . '</pre>';
echo '<BR><BR><pre>' . var_export($_GET, true) . '</pre>';
$helper = $this->fb->getRedirectLoginHelper();
$this->token = $helper->getAccessToken();
$this->log[] = 'caught token: '.$this->token;
$string_token = $this->token.PHP_EOL;
//die($string_token);
try {
$helper = $this->fb->getRedirectLoginHelper();
$this->token = $helper->getAccessToken();
$this->log[] = 'caught token: '.$this->token;
$string_token = $this->token.PHP_EOL;
return $this->user_flush();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
$this->log[] = $this->errors[] = 'fb api error: ' . $e->getMessage();
return null;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
$this->log[] = $this->errors[] = 'fb sdk error: ' . $e->getMessage();
return null;
} catch(Exception $e){
$this->log[] = $this->errors[] = 'unknown error: '.$e->getMessage();
return null;
}
}
public function get_token(){
$this->log[] = 'get token called.'.PHP_EOL;
if($this->token){
$this->log[] = 'token found in object'.PHP_EOL;
//echo '<pre>';
//die(debug_print_backtrace());
return $this->token;
} else {
$this->log[] = $this->errors[] = 'token not found in object.'.PHP_EOL;
return null;
}
}
public function get_user($override = false){
$fields = array(
'first_name',
'last_name',
'email',
'id',
'picture',
'birthday',
'gender',);
$fields = implode(',',$fields);
if($this->graph_user === null){
if($this->fb && $this->get_token()){
try {
// Returns a Facebook\FacebookResponse object
$resp_url = '/me?fields='.$fields.'&debug=all';
$this->log[] = $resp_url;
$response = $this->fb->get($resp_url, $this->get_token());
$this->graph_user = $response->getGraphUser();
return $this->graph_user;
}
catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
$this->api_error = 'fb api error: ' . $e->getMessage();
$this->errors[] = $this->api_error;
return null;
}
catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
$this->sdk_error = 'fb sdk error: ' . $e->getMessage();
$this->errors[] = $this->sdk_error;
return null;
}
} else {
$this->sdk_error = "get_user(): fb connection or token not set. are you logged in?";
$this->errors[] = $this->sdk_error;
//echo '<pre>';
//debug_print_backtrace();
//die('token: '.$this->token);
return null;
}
} else {
$this->sdk_error = "get_user(): graph_user already set";
$this->errors[] = $this->sdk_error;
return $this->graph_user;
}
}
public function get_user_first_name(){
return $this->get_user()['first_name'];
}
public function get_user_last_name(){
return $this->get_user()['last_name'];
}
public function get_user_id(){
return $this->get_user()['id'];
}
public function get_user_email(){
return $this->get_user()['email'];
}
public function get_user_picture(){
return $this->get_user()['picture']['url'];
}
public function get_user_birthday(){
return $this->get_user()['birthday'];
}
public function user_flush(){
//this is the command function.
// runs the basic functionality of this class
// by adding this user to the database if they're not there
// and logging them in if they are.
$this->graph_user = $this->get_user();
//$this->log['graph_user_at_user_flush'] = $this->graph_user;
$this->build_user();
$this->log['GRAPH_USER'] = $this->get_user();
$this->log['user_input_array#user_flush'] = $this->user_input;
if($return = $this->user->fb_register()){
//die(print_r(debug_backtrace(),true));
//$this->log['success return'] = '. '.$return;
return $return;
} else {
//die('<pre>'.print_r(debug_backtrace(),true));
$this->log['fb_register_fail'] = array('fb_register() (also login) failed.',$this->user->get_errors());
return null;
}
}
public function build_user(){
$this->user_input['first_name'] = $this->get_user_first_name();
//$this->user_input['last_name'] = $this->get_user_last_name();
$this->user_input['facebook_id'] = $this->get_user_id();
$this->user_input['email'] = $this->get_user_email();
$this->user_input['image_url'] = $this->get_user_picture();
$this->user_input['birthday'] = $this->get_user_birthday();
if($this->verbose)
print_r($this->user_input);
$this->user = new user($this->user_input,$this->db);
}
public function logout(){
unset($_SESSION['fb_id']);
unset($this->token);
unset($this->fb);
}
public function get_errors(){
return array_unique($this->errors);
}
public function get_log(){
return array_unique($this->log);
}
}
}
//finally, create the connection.
if(!isset($fb))
$fb = new facebook($db);

This might be kinda late but I hope it helps others.
I had this problem for a while and I've searched around and have seen a lot of different solutions, many of which disable the CSRF check. So after everything I've read, this is what worked for me.
For what I understand, you get this error when your redirect URL doesn't match the one you have setup on your app settings so my issue was fixed every easily but I have also seen people have issues by not having their session started properly, so I will cover both issues.
Step 1: Ensure your session has started when it needs to.
for example: fb-config.php
session_start();
include_once 'path/to/Facebook/autoload.php';
$fb = new \Facebook\Facebook([
'app_id' => 'your_app_id',
'app_secret' => 'your_secret_app_id',
'default_graph_version' => 'v2.10'
]);
$helper = $fb->getRedirectLoginHelper();
if your facebook callback code is on another file aside from the config, then start the session on that file too.
for example: fb-callback.php
session_start();
include_once 'path/to/fb-config.php';
try {
$accessToken = $helper->getAccessToken();
} catch (\Facebook\Exceptions\FacebookResponseException $e) {
echo "Response Exception: " . $e->getMessage();
exit();
} catch (\Facebook\Exceptions\FacebookSDKException $e) {
echo "SDK Exception: " . $e->getMessage();
exit();
}
/** THE REST OF YOUR CALLBACK CODE **/
Now, what solved my actual issue.
Step 3: Set up your redirect URL in your app settings.
In your Facebook Login app settings, go to the Valid OAuth redirect URIs where you should have added the url that points to your fb-callback.php file.
http://example.com/fb-callback.php
AND ALSO
http://www.example.com/fb-callback.php
then setup your redirect url as follows.
$redirectURL = "http://".$_SERVER['SERVER_NAME']."/fb-callback.php";
$permissions = ['email'];
$fLoginURL = $helper->getLoginUrl($redirectURL, $permissions);
Why both with and without www and why use SERVER_NAME?
because your Valid OAuth redirect URI needs to match your redirect url in your code and if in you app settings you only set your OAuth redirect as http://example.com/fb-callback.php and set up your $redirectURL as http://example.com/fb-bacllback.php to make it match but the user entered your site as http://www.example.com then the user will get the Facebook SDK error: Cross-site request forgery validation failed. Required param “state” missing from persistent data because the URL the user is at, doesn't EXACTLY match what you have setup. Why? I have no freaking idea.
My approach makes it so if the user enters your site as http://example.com or http://www.example.com, it will always match what you setup in your app settings. why? because $_SERVER['SERVER_NAME'] will return the domain with or without the www depending on how the user entered the url in the browser.
This are my findings and this is about the only thing that worked for me without removing the CSRF check and so far, no issues.
I hope this helps.

fb sdk error: Cross-site request forgery validation failed. Required param "state" missing from persistent data.
It has something to do with that you are going through the routine of calling getRedirectLoginHelper and $helper->getAccessToken() twice - once "on their own", and then again inside a try-catch block (copy&paste mistake, or unfortunate debug attempt maybe?)
I'm a bit too lazy to go check the SDK source right now, but I think it deliberately unsets the state parameter inside the session after the code was exchanged for a token, as part of making the whole process more secure - so that when you call getAccessToken a second time, it fails.

If anyone still with this proglem just add a session_start() at the begining of the callback file.

Well I faced the same error today and I got my solution from tutorials point
In your callback file, just add this line and you're good to go
if (isset($_GET['state'])) {
$helper->getPersistentDataHandler()->set('state', $_GET['state']);
}

I know I'm late to the party, but I faced this error, and I don't believe my solution was covered in the above responses, so here it goes:
One reason this error may arise is if you submit the same URL login request to Facebook more than once. For example, a user may impatiently click on a login button more than once, triggering multiple submissions of the URL. In my case, the solution was to intercept all clicks after the first with a JavaScript function.

Change version to v2.10 Check graph you are using in configuration php file
// Call Facebook API

Both the things didn't work for me for v14.
Adding that small code just before $helper = $fb->getRedirectLoginHelper(); worked.
Here's the code that actually worked -
$helper->getPersistentDataHandler()->set('state', $_GET['state']);

Still got this error after clicking login..
SDK Exception: Cross-site request forgery validation failed. Required
param "state" missing from persistent data.
I'll just follow and read the previous topic and comments above. And double check URL of Valid OAuth redirect URI.
Here's what id done. Well appreciated if you can share some thoughts and correct me..
create-acc.php
///FACEBOOK SIGNUP
session_start();
include_once 'config-facebook.php';
try {
$accessToken = $helper->getAccessToken();
} catch (\Facebook\Exceptions\FacebookResponseException $e) {
echo "Response Exception: " . $e->getMessage();
exit();
} catch (\Facebook\Exceptions\FacebookSDKException $e) {
echo "SDK Exception: " . $e->getMessage();
exit();
}
$redirectURL = "http://".$_SERVER['SERVER_NAME']."/create-acc.php";
$permissions = ['email'];
$fLoginURL = $helper->getLoginUrl($redirectURL, $permissions);
$facebook_button ='
<div style="background-color:white; color:#4b5563; cursor:pointer;" class="inline-flex border-2 py-1.5 px-5 rounded text-lg border-gray-300">
<div style="margin-top:5px;">
<img style="width:25px;" src="./assets/apps/facebook-logo-2019.png"/>
</div>
<b>Sign up with Facebook</b>
</div>
';
config-facebook.php
include_once 'Facebook/autoload.php';
$fb = new \Facebook\Facebook([
'app_id' => '**************',
'app_secret' => '*************',
'default_graph_version' => 'v2.10'
]);
$helper = $fb->getRedirectLoginHelper();
I'm literally new on this programming and still learning. So if you help it really save my time and learn on provided codes.And if I tried to add some callback codes to get a data, it looks like this on my work
create-acc.php add ons callback codes
///FACEBOOK SIGNUP
session_start();
include_once 'config-facebook.php';
if (isset($accessToken))
{
if (!isset($_SESSION['facebook_access_token']))
{
//get short-lived access token
$_SESSION['facebook_access_token'] = (string) $accessToken;
//OAuth 2.0 client handler
$oAuth2Client = $fb->getOAuth2Client();
//Exchanges a short-lived access token for a long-lived one
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
$_SESSION['facebook_access_token'] = (string) $longLivedAccessToken;
//setting default access token to be used in script
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
}
else
{
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
}
if (isset($_GET['code']))
{
header('Location: ./');
}
try {
$fb_response = $fb->get('/me?fields=name,first_name,last_name,email');
$fb_response_picture = $fb->get('/me/picture?redirect=false&height=200');
$fb_user = $fb_response->getGraphUser();
$picture = $fb_response_picture->getGraphUser();
$_SESSION['fb_user_id'] = $fb_user->getProperty('id');
$_SESSION['fb_user_name'] = $fb_user->getProperty('name');
$_SESSION['fb_user_email'] = $fb_user->getProperty('email');
$_SESSION['fb_user_pic'] = $picture['url'];
} catch(Facebook\Exceptions\FacebookResponseException $e) {
echo 'Facebook API Error: ' . $e->getMessage();
session_destroy();
header("Location: ./");
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
echo 'Facebook SDK Error: ' . $e->getMessage();
exit;
}
}
else
{
$redirectURL = "http://".$_SERVER['SERVER_NAME']."/create-acc.php";
$permissions = ['email'];
$fLoginURL = $helper->getLoginUrl($redirectURL, $permissions);
$facebook_button ='
<div style="background-color:white; color:#4b5563; cursor:pointer;" class="inline-flex border-2 py-1.5 px-5 rounded text-lg border-gray-300">
<div style="margin-top:5px;">
<img style="width:25px;" src="./assets/apps/facebook-logo-2019.png"/>
</div>
<b>Sign up with Facebook</b>
</div>
';
}
and the config-facebook.php
session_start();
include_once 'Facebook/autoload.php';
$fb = new \Facebook\Facebook([
'app_id' => '************',
'app_secret' => '************',
'default_graph_version' => 'v2.10'
]);
$helper = $fb->getRedirectLoginHelper();
try {
if(isset($_SESSION['facebook_access_token']))
{$accessToken = $_SESSION['facebook_access_token'];}
else
{$accessToken = $helper->getAccessToken();}
} catch(FacebookResponseException $e) {
echo 'Facebook API Error: ' . $e->getMessage();
exit;
} catch(FacebookSDKException $e) {
echo 'Facebook SDK Error: ' . $e->getMessage();
exit;
}
and the result here
Fatal error: Uncaught Facebook\Exceptions\FacebookSDKException: Cross-site request forgery validation failed. Required param "state" missing from persistent data. in /www/wwwroot/fruitask.com/Facebook/Helpers/FacebookRedirectLoginHelper.php:244 Stack trace: #0 /www/wwwroot/fruitask.com/Facebook/Helpers/FacebookRedirectLoginHelper.php(221): Facebook\Helpers\FacebookRedirectLoginHelper->validateCsrf() #1 /www/wwwroot/fruitask.com/config-facebook.php(20): Facebook\Helpers\FacebookRedirectLoginHelper->getAccessToken() #2 /www/wwwroot/fruitask.com/create-acc.php(162): include_once('/www/wwwroot/fr...') #3 {main} thrown in /www/wwwroot/fruitask.com/Facebook/Helpers/FacebookRedirectLoginHelper.php on line 244
Please do share some thoughts or any alternative way I can implement Facebook login on my website using PHP. Thanks in advance

How to get Long live access token for Graph Api For PHP facebook SDK?

I have tried to following way
but i got Error "The access token does not belong to application "
i have checked lot of time in my app id and secrt id, app id is correct but This error shown again and again I didn't peridict this Error? and also i have tried following way also
https://graph.facebook.com/v2.2/oauth/access_token?grant_type=fb_exchange_token&client_id=CLIENT_ID
&client_secret=SECRED CODE&fb_exchange_token=EAACEdEose0cBAJRZCZBIaDmW3oOO6SHaOkQLKdgyjp1evGoQ19mYcZCXu5wWLwZABJUbV77tjPjiE2pac2fDEmjM1tZAZB8hflSyERXFWIZB2DtzZAGSgVX6Ukb0ZAZAzd6pohnZBXU0T2aqYwf1umUxsfgHQXBNmM15yhdZBG2Br

PHPsdk 5 and v2.8
$fb = new Facebook\Facebook([
'app_id' => 'xxxxxxxxx',
'app_secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxx',
'default_graph_version' => 'v2.8',
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// There was an error communicating with Graph
echo $e->getMessage();
exit;
}
$client = $fb->getOAuth2Client();
try {
// Returns a long-lived access token
$accessTokenLong = $client->getLongLivedAccessToken($accessToken);
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// There was an error communicating with Graph
echo $e->getMessage();
exit;
}
if (isset($accessTokenLong)) {
// Logged in.
$_SESSION['facebook_access_token'] = (string) $accessTokenLong;
}
Reference url :https://www.sammyk.me/upgrading-the-facebook-php-sdk-from-v4-to-v5

What to place in header to use the Facebook PHP web SDK properly?

I have a website with a working user signup and login system. Recently, I decided that I should add Facebook signup option. I wish to add a Facebook sign in button in the signup page and get their email, first name and last name on sign in so they don't have to insert their details.
I read though most of the Facebook developer help docs including:
https://developers.facebook.com/docs/php/howto/example_facebook_login
https://developers.facebook.com/docs/php/howto/example_retrieve_user_profile
Those links tells me how to let a user to login and how to get user data from their profile.
I understand how all those parts work but I don't know how to put them together. Can anyone please teach me how to do so? Thank you soooo much!

Ok, I finally found how to do it...
So, the first part is to set up files correctly. Here is how you do it:
Download the php sdk kit from fb (here)
Place the files in the "src" folder to your website main directory
The second part is to make the page where you want to link with fb:
Include the fb autoload page in your php page by doing
require_once 'autoload.php'; at the top of the file
Authorize fb to use your app by placing
$fb = new Facebook\Facebook([
'app_id' => 'XXXXXXXXXXXXXXXX',
'app_secret' => 'XXXXXXXXXXXXXXXXXXXXXXXXXX',
'default_graph_version' => 'v2.6',
]);
right after the code in 1st step
This is basicly how you should start your code to link with fb user profile. The following code is what i used to get a user's name, email and profile image.
<?php
session_start();
require_once 'Facebook/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => 'XXXXXXXXXXXXXXXX',
'app_secret' => 'XXXXXXXXXXXXXXXXXXXXXXXXXX',
'default_graph_version' => 'v2.6',
]);
$helper = $fb->getRedirectLoginHelper();
$permissions = ['email']; // optional
try {
if (isset($_SESSION['facebook_access_token'])) {
$accessToken = $_SESSION['facebook_access_token'];
} else {
$accessToken = $helper->getAccessToken();
}
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (isset($accessToken)) {
if (isset($_SESSION['facebook_access_token'])) {
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
} else {
// getting short-lived access token
$_SESSION['facebook_access_token'] = (string) $accessToken;
// OAuth 2.0 client handler
$oAuth2Client = $fb->getOAuth2Client();
// Exchanges a short-lived access token for a long-lived one
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
$_SESSION['facebook_access_token'] = (string) $longLivedAccessToken;
// setting default access token to be used in script
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
}
// redirect the user back to the same page if it has "code" GET variable
if (isset($_GET['code'])) {
header('Location: ./');
}
// getting basic info about user
try {
$profile_request = $fb->get('/me?fields=name,first_name,last_name,email');
$requestPicture = $fb->get('/me/picture?redirect=false&height=300');
$picture = $requestPicture->getGraphUser();
$profile = $profile_request->getGraphNode()->asArray();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
session_destroy();
// redirecting user back to app login page
header("Location: ./");
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
// printing $profile array on the screen which holds the basic info about user
// Now you can redirect to another page and use the access token from $_SESSION['facebook_access_token']
} else {
// replace your website URL same as added in the developers.facebook.com/apps e.g. if you used http instead of https and you used non-www version or www version of your website then you must add the same here
$loginUrl = $helper->getLoginUrl('http://xxxxx', $permissions);
echo '<META HTTP-EQUIV="refresh" content="0;URL=' . $loginUrl . '">';}
?>
I wish that this could help anyone who is also stuck like me, bye~

'Invalid OAuth access token' while getting adAccount detail.

I am using FB Ads API, following steps described in documentation and created my PHP file as bellow. It gives me
Fatal error: Uncaught exception 'FacebookAds\Http\Exception\AuthorizationException' with message 'Invalid OAuth access token.' in /project/root/vendor/facebook/php-ads-sdk/src/FacebookAds/Http/Exception/RequestException.php on line 137
and
FacebookAds\Http\Exception\AuthorizationException: Invalid OAuth access token. in /project/root/vendor/facebook/php-ads-sdk/src/FacebookAds/Http/Exception/RequestException.php on line 137
My PHP code snippet is
<?php
require_once DIR . '/vendor/autoload.php';
use Facebook\Facebook;
use Facebook\Exceptions\FacebookResponseException;
use Facebook\Exceptions\FacebookSDKException;
use FacebookAds\Api;
use FacebookAds\Object\AdUser;
// Init PHP Sessions
session_start();
$fb = new Facebook([
'app_id' => 'your-app-id',
'app_secret' => 'your-app-secret',
]);
$helper = $fb->getRedirectLoginHelper();
if (!isset($_SESSION['facebook_access_token'])) {
$_SESSION['facebook_access_token'] = null;
}
if (!$_SESSION['facebook_access_token']) {
$helper = $fb->getRedirectLoginHelper();
try {
$_SESSION['facebook_access_token'] = (string) $helper->getAccessToken();
} catch (FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch (FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
}
if ($_SESSION['facebook_access_token']) {
echo "You are logged in!";
$app = Api::init(
'your-app-id', // App ID
'your-app-secret', $_SESSION['facebook_access_token'] // Your user access token
);
$me = new AdUser('me');
$my_adaccount = $me->getAdAccounts()->current();
print_r($my_adaccount->getData());
} else {
$permissions = ['ads_management'];
$loginUrl = $helper->getLoginUrl('http://localhost:8888/marketing-api/', $permissions);
echo 'Log in with Facebook';
}

You should also check that the access token you have has not expired as this will also cause an authentication exception to be thrown. This access token object has the function isExpired which you can use to test this.
You can extend the access token by using Oauth2Client and calling getLongLivedAccessToken.
$long_lived_token =
$fb->getOauth2Client()->getLongLivedAccessToken($access_token);
If you want to see why the token has become invalid, you can use the Developer Debug Tool:
https://developers.facebook.com/tools/debug/

SDK Error The "state" param from the URL and session do not match

I am use this code from Facebook
https://developers.facebook.com/docs/php/gettingstarted/5.0.0
But now its show Facebook SDK returned an error: Cross-site request forgery validation failed. The "state" param from the URL and session do not match.
I cant understand whats wrong
my login callback page code
session_start();
require_once __DIR__ . '/facebook-php-sdk-v4-5.0-dev/src/Facebook/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => 'xxxx',
'app_secret' => 'xxxxxxxx',
'default_graph_version' => 'v2.2',
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (isset($accessToken)) {
// Logged in!
$_SESSION['facebook_access_token'] = (string) $accessToken;
// Now you can redirect to another page and use the
// access token from $_SESSION['facebook_access_token']
$_SESSION['facebook_access_token'];
}

Insert this code after: $helper = $fb->getRedirectLoginHelper();
$_SESSION['FBRLH_state']=$_GET['state'];
and it will work or for more detail visit facebook login apps

You are likely not accessing your server using the domain registered to the app. Are you running your webserver on localhost? If so, edit your /etc/hosts file to include something like
127.0.0.1 local.<yourdomain>.com
and then go to local..com and that should take care of it

Categories