I'm not the greatest programmer so sorry if this is a obvious issue but I really hope someone can help me. I am stumped.
I am trying to make my site run solely over https including a basic php Facebook integration, that captures data from the users profile.
The below code works as expected:
require_once __DIR__ . '/vendor/autoload.php';
$fb = new Facebook\Facebook(['app_id' => '','app_secret' => '','default_graph_version' => 'v2.7',]);
$helper = $fb->getRedirectLoginHelper();
$permissions = ['email,user_location']; // Optional permissions
$loginUrl = $helper->getLoginUrl('http://'.$_SERVER['SERVER_NAME'].'/profile.php', $permissions);
echo 'Facebook!';
However, changing the line:
$loginUrl = $helper->getLoginUrl('https://'.$_SERVER['SERVER_NAME'].'/profile.php', $permissions);
Returns the error:
"Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings."
I have all the same settings for HTTPS and HTTP in Facebook app settings and the Facebook log in settings. I can't work it out...
Related
my question is the same as this:
Facebook App - The domain of this URL isn't included in the app's domains. Why?
except that my url is: http://ccc.nnn.hhh.hu
The settins on fb, "facebook login":
Client OAuth Login: ON
Web OAuth Login: ON
Valid OAuth Redirect URIs: http://ccc.nnn.hhh.hu/my.php
strict mode is ON (cannot be disabled)
At basic:
App Domains: http://ccc.nnn.hhh.hu
so, when trying to login, the facebook dialogs asks for the username and password, so far so good. And then I get an exception for this:
$fb = new Facebook\Facebook([
'app_id' => aeaeae,
'app_secret' => rrrrr,
'default_graph_version' => 'v2.5'
]);
$helper = $fb->getRedirectLoginHelper();
$accessToken = $helper->getAccessToken();
and I wont get the $accessToken but the execption:
The domain of this URL isn't included in the app's domains.
Right, you have to upgrade the sdk to "5.6.2" to support strict mode.
Facebook is forcing strict mode by default now, and that implies that we should use a standard redirect URL, or declare our old custom URI in the Valid Oauth redirect URIs list. See:
https://developers.facebook.com/blog/post/2017/12/18/strict-uri-matching/
So, apart from upgrading the sdk, you guys want to add your custom URI in the list to support legacy app flows.
ok, solved.
I was using "5.4.2" and upgraded to "5.6.2".
first facebook asks me to click okay to authorize the app then chrome gives me this error. and the I have this endless redirect problem. I have read many cases about this but none clear and simple enough to get me over this obstacle.
The webpage at __________&redirect_uri=http%3A%2F%2Fmizu.net46.net%2Ffacebookpost6.php&state=_________________&sdk=php-sdk-3.2.3&req_perms=user_status%2Cpublish_stream%2Cuser_photos%2Coffline_access%2Cmanage_pages#=">https://www.facebook.com/dialog/oauth?client_id=__________&redirect_uri=http%3A%2F%2Fmizu.net46.net%2Ffacebookpost6.php&state=_________________&sdk=php-sdk-3.2.3&req_perms=user_status%2Cpublish_stream%2Cuser_photos%2Coffline_access%2Cmanage_pages#= has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.
what I know.
facebook.php is working
the secret and appid are being passed correctly by the script.
I must have configured my app settings on the facebook development site almost correctly
how do I know this?
because when I change those variables in my script or adjust the settings
on facebook development server, I dont even get this far, I dont get asked to click ok or see my facebook profile in chrome.
what I dont know.
How to fix this redirect problem. or complete the authentication process. echo $user always returns 0.
my code looks like this:
require 'src/facebook.php';
$app_id = "xxxxxxxxxxxxxxxxxx";
$app_secret = "xxxxxxxxxxx";
$facebook = new Facebook(array(
'appId' => $app_id,
'secret' => $app_secret,
'cookie' => true
));
$user = $facebook->getUser();
echo $user;
if(($facebook->getUser())==0)
{
header("Location:{$facebook->getLoginUrl(array('req_perms' =>
'user_status,publish_stream,user_photos,offline_access,manage_pages'))}");
exit;
}
thanks for any help
changing the setting to no when asked" is this a desktop app? " in the advanced section of app configuration on developers.facebook.com seem to resolve this issue.
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Facebook API error 191
I am getting the following error with some code that I am using. The error is
API Error Code: 191
API Error Description: The specified URL is not owned by the application
Error Message: redirect_uri is not owned by the application.
<?php
$facebook = new Facebook(array('appId' => $app_id,'secret' => $app_secret,'cookie' => true));
if($facebook->getUser() < 1)
{
$red_url = $page_url.'?sk=app_'.$app_id;
$redir = $facebook->getLoginUrl(array('redirect_uri'=>$red_url,'next'=>$red_url,'scope'=>'offline_access,publish_stream,status_update,photo_upload,user_birthday'));
echo "<script>top.location.href='".$redir."';</script>";
exit;
}
$user = $facebook->api('/me');
Can any one explain how to get around this and why this happens?
When you open a Facebook application you need to set the domain/s under which your application is intended to run - and (almost) every place that your app gets in contact with facebook (especially client side) must be from a url from the same domain (or a subdomain of it)
in your case you told asked facebook to authorize the app for the user and then redirect him to $red_url which I understand to be the page where your app is installed - BUT this link is not under the domain of your application (unless you registered facebook.com as your app domain in the application dashboard
if you want to redirect the user to that specific tab - you may create a proxy file under the domain of your application that will redirect the user to the tab, for example:
lets say you registered mydomain.com as your app domain in the app dashboard . then - create a file named redirect.php for example that will conatin the following script and put it under http://www.mydomain.com/my_directory/redirect.php :
<?php
$app_id ="ENTER_YOUR_APP_ID_HERE";
$page_url = "ENTER_THE_PAGE_URL_HERE"; //for example: http://www.facebook.com/techmarketing.co.il
$red_url = $page_url.'?sk=app_'.$app_id;
header("Location: {$red_url}");
and your script will change to be:
<?php
$facebook = new Facebook(array('appId' => $app_id,'secret' => $app_secret,'cookie' => true));
if($facebook->getUser()==0)
{
$red_url = "http://www.mydomain.com/my_directory/redirect.php";
$redir = $facebook->getLoginUrl(array('redirect_uri'=>$red_url,'next'=>$red_url,'scope'=>'offline_access,publish_stream,status_update,photo_upload,user_birthday'));
echo "<script>top.location.href='".$redir."';</script>";
exit;
}
$user = $facebook->api('/me');
Can you say "cross site scripting" ;)?
WORKAROUND:
Browser, Edit Setting, Web Site
<= add site URL to the app settings
Here's a bit more background:
*
http://techblog.hybris.com/2012/06/05/oauth2-the-implicit-flow-aka-as-the-client-side-flow/
redirect_uri: The server configured a redirect_uri (which we strongly recommend)
which needs to match the settings for the client_id. Client_id and
redirect_uri are both server-side settings that the app developer
needs to get at beforehand.
You need to tell Facebook that your app is allowed access to that website.
Edit your app settings (via the FB developer dashboard). On the basic settings page, click on 'Website with Facebook Login' and enter your site address.
I created an App (inside a Page Tab).
Now I check if the App has all permissions, if not I ask for them:
//$app_url = Url to Page Tab
'<script>top.location.href = "'.$facebook->getLoginUrl('next' => $app_url, 'scope' => $scope).'";</script>'
Now I want that it redirect to the Page Tab (App) after asking for permissions, but it always redirects to my domain.
Tried it first with 'redirect_uri', but that throws errors (outdated), and also with 'next'.
Any ideas, except checking in the APP if the User is on Facebook?
ps. couldn't find a up to date solution.
edit:
Just saw when I try the app as a admin the following error is displayed:
API Error Code: 191
API Error Description: The specified URL is not owned by the application
For redirect to your app Tab, if you use PHP Facebook SDK you can do:
$signedRequest = $facebook->getSignedRequest();
if(!empty($signedRequest) && !empty($signedRequest['page']['id'])){
$page = $facebook->api($signedRequest['page']);
}
$redirect_uri = $page['link'] . '?sk=app_' . $facebook->getAppId();
$loginUrl = $facebook->getLoginUrl(array(
'scope' => 'publish_actions',
'redirect_uri' => $redirect_uri
));
And then, in your HTML you put:
<script>top.location.href = "<?php echo $loginUrl; ?>";</script>
Also, in your APP configuration you have to point (Page Tab URL & Secure Page Tab URL) to your domain and folder where is your application.
I'm upgrading my existing FB apps, and going absolutely bonkers trying to get a simple PHP iframe canvas app to authorize and authenticate (as well as use SSL). Never looked through so many examples...
Here's where I'm stuck: After the user authorizes the app, and the app authenticates the user (I am able to make a graph request with the token OK), the redirect_uri happens, and the whole page refreshes, leaving Facebook and thenjust shows me the contents of my "Canvas URL" page (with my server's domain), rather than iframed on Facebook.
I currently have this as a crude two step process...
Here's what my code looks like on the first page (index.php):
<?php
require('src/facebook.php');
$app_id = '123456789';
$app_secret = '1234secrets1234';
$canvas_page = "https://apps.facebook.com/123456789/";
$canvas_url = "https://myserver.com/apptest/";
$code = $_REQUEST['code'];
if(!$code){
$display= 'page';
$scope= 'manage_pages, offline_access, read_insights, publish_stream, user_about_me, user_likes, email';
$redirect_url = 'https://myserver.com/apptest/step2.php';
$oauth_url = 'https://www.facebook.com/dialog/oauth?canvas=1&client_id='.$app_id.'&display='.$display.'&redirect_uri='.urlencode($redirect_url).'&scope='.$scope;
$config = array('appId' => $app_id,'secret' => $app_secret,'cookie' => true,'domain' => true);
$facebook_client = new Facebook($config);
echo "<script type=\"text/javascript\">top.location.href = \"".$oauth_url."\";</script>";
}
?>
and the second page (step2.php):
<?php
require('src/facebook.php');
$app_id = '123456789';
$app_secret = '1234secrets1234';
$canvas_page = "https://apps.facebook.com/123456789/";
$canvas_url = "https://myserver.com/apptest/";
if($_REQUEST['code']){
$code=$_REQUEST['code'];
$redirect_url = 'https://myserver.com/apptest/step2.php';
$link="https://graph.facebook.com/oauth/access_token?canvas=1&client_id=".$app_id."&redirect_uri=".urlencode($redirect_url)."&client_secret=".$app_secret."&code=".$code;
$string = file_get_contents($link);
$auth_token=substr($string, 13, 150);
$graph_url = "https://graph.facebook.com/me?access_token=".$auth_token;
$user = json_decode(file_get_contents($graph_url));
echo("Hello " . $user->name);
}
Again, once the user has authorized the app, and the app has authenticated the user, the graph call works.
Any ideas?
When navigating to the OAuth dialog the web page (not the frame your app is in) is navigated to the OAuth URL. To get back into the Facebook iframe after authentication you need to set the OAuth redirect URL to the canvas_page URL. The code shown above is navigating to the URL of myserver when redirected so your app takes up the entire page (because you left the Facebook iframe when navigating to the OAuth dialog). Your code at canvas_url needs to determine if it is being entered from authorization (success or failure) or if it is being entered with a valid access token after authentication.
Also your canvas_page URL appears to be comprised of the facebook apps host and your application ID. It should be the facebook apps host and your application name (the redirect URL should be the same as the "Canvas Page" URL on your app's developer page).
Well I did get this working. On the app > settings > basic I hadn't set a namespace, so the URL it gave me for the app on facebook was like this: https://apps.facebook.com/123456789/ and now with the namespace they changed it to: https://apps.facebook.com/myappname. So that may have been it. I tried to carefully follow the simple PHP autorization demo on this page: https://developers.facebook.com/docs/appsonfacebook/tutorial/ and it seems to work ok now.
Thanks for the help!