I've been trying to implement the Facebook OAuth SDK for the past couple of days but keep running into a weird broken link error.
I have followed their instructions on the facebook SDK and used this code for login.php (???? to censor app ID and secret)
$fb = new Facebook\Facebook ([
'app_id' => '????????????????',
'app_secret' => '????????????????',
'default_graph_version' => 'v.2.4'
]);
$helper = $fb->getRedirectLoginHelper();
$loginUrl = $helper->getLoginUrl('http://url.ca/login-callback.php');
This redirects to the login-callback.php file which is what Facebook recommends. Using their provided template code for login-callback.php, mine looks like this:
<?php
session_start();
require_once 'src/Facebook/autoload.php';
//Create the Facebook service
$fb = new Facebook\Facebook ([
'app_id' => '????????????????',
'app_secret' => '????????????????',
'default_graph_version' => 'v.2.4'
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (isset($accessToken)) {
// Logged in!
$_SESSION['facebook_access_token'] = (string) $accessToken;
// Now you can redirect to another page and use the
// access token from $_SESSION['facebook_access_token']
}
?>
But after being redirected from login.php (clicking on the a href element), I arrive at this:
Sorry, this page isn't available
The link you followed may be broken, or the page may have been removed.
On the Facebook page, no prompt to login, no nothing. I've made my app public already and added this Url to the app as well as ensuring OAuth is enabled, but nothing seems to be working. Does anyone with experience using Facebook OAuth have any idea what's going on?
Is that 'v.2.4' a typo in your question?
The string used in the API should be v2.4 - if you have an extra '.' it's linking you to a URL similar to the real URL of the login dialog, but with an invalid version number in the path
Related
I have a website with a working user signup and login system. Recently, I decided that I should add Facebook signup option. I wish to add a Facebook sign in button in the signup page and get their email, first name and last name on sign in so they don't have to insert their details.
I read though most of the Facebook developer help docs including:
https://developers.facebook.com/docs/php/howto/example_facebook_login
https://developers.facebook.com/docs/php/howto/example_retrieve_user_profile
Those links tells me how to let a user to login and how to get user data from their profile.
I understand how all those parts work but I don't know how to put them together. Can anyone please teach me how to do so? Thank you soooo much!
Ok, I finally found how to do it...
So, the first part is to set up files correctly. Here is how you do it:
Download the php sdk kit from fb (here)
Place the files in the "src" folder to your website main directory
The second part is to make the page where you want to link with fb:
Include the fb autoload page in your php page by doing
require_once 'autoload.php'; at the top of the file
Authorize fb to use your app by placing
$fb = new Facebook\Facebook([
'app_id' => 'XXXXXXXXXXXXXXXX',
'app_secret' => 'XXXXXXXXXXXXXXXXXXXXXXXXXX',
'default_graph_version' => 'v2.6',
]);
right after the code in 1st step
This is basicly how you should start your code to link with fb user profile. The following code is what i used to get a user's name, email and profile image.
<?php
session_start();
require_once 'Facebook/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => 'XXXXXXXXXXXXXXXX',
'app_secret' => 'XXXXXXXXXXXXXXXXXXXXXXXXXX',
'default_graph_version' => 'v2.6',
]);
$helper = $fb->getRedirectLoginHelper();
$permissions = ['email']; // optional
try {
if (isset($_SESSION['facebook_access_token'])) {
$accessToken = $_SESSION['facebook_access_token'];
} else {
$accessToken = $helper->getAccessToken();
}
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (isset($accessToken)) {
if (isset($_SESSION['facebook_access_token'])) {
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
} else {
// getting short-lived access token
$_SESSION['facebook_access_token'] = (string) $accessToken;
// OAuth 2.0 client handler
$oAuth2Client = $fb->getOAuth2Client();
// Exchanges a short-lived access token for a long-lived one
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
$_SESSION['facebook_access_token'] = (string) $longLivedAccessToken;
// setting default access token to be used in script
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
}
// redirect the user back to the same page if it has "code" GET variable
if (isset($_GET['code'])) {
header('Location: ./');
}
// getting basic info about user
try {
$profile_request = $fb->get('/me?fields=name,first_name,last_name,email');
$requestPicture = $fb->get('/me/picture?redirect=false&height=300');
$picture = $requestPicture->getGraphUser();
$profile = $profile_request->getGraphNode()->asArray();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
session_destroy();
// redirecting user back to app login page
header("Location: ./");
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
// printing $profile array on the screen which holds the basic info about user
// Now you can redirect to another page and use the access token from $_SESSION['facebook_access_token']
} else {
// replace your website URL same as added in the developers.facebook.com/apps e.g. if you used http instead of https and you used non-www version or www version of your website then you must add the same here
$loginUrl = $helper->getLoginUrl('http://xxxxx', $permissions);
echo '<META HTTP-EQUIV="refresh" content="0;URL=' . $loginUrl . '">';}
?>
I wish that this could help anyone who is also stuck like me, bye~
So I posted a question the other day about a bug I was having while trying to implement facebook login using the facebook php-sdk on my site: After changing website domain, facebook login returns error "This authorization code has been used" . I've been getting an error message "This authorization code has been used" on my callback page (see below).
However, I set up a counter (see code below) using a session on the page to see how often it was being loaded. In fact, I found the page was being loaded twice each time I clicked the login button, and therefore the authorisation code is being loaded twice on two pages, resulting in the error. My problem now is solving why the page loads twice. If anyone can tell me I would be very grateful.
If it helps, here is my code.
/index.php
<?php
$fb = new Facebook\Facebook([
'app_id' => '{APP ID}',
'app_secret' => '{APP SECRET}',
'default_graph_version' => 'v2.1',
]);
$helper = $fb->getRedirectLoginHelper();
$permissions = ['email']; // Optional permissions
$fbLink = $helper->getLoginUrl('http://{domain}/facebook-callback.php', $permissions);
?>
Login
/facebook-callback.php
<?php
session_start();
//session counter (note: this increments 2 each time, when it should only increment 1)
if (isset($_SESSION["counter"])) {
$_SESSION["counter"] = $_SESSION["counter"]+1;
} else {
$_SESSION["counter"] = 0;
}
echo $_SESSION["counter"];
if (($loader = require_once '/var/www/html/vendor/autoload.php') == null) {
die('Vendor directory not found, Please run composer install.');
}
$fb = new Facebook\Facebook([
'app_id' => '{app id}',
'app_secret' => '{app secret}'
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
echo 'Graph returned an error: ' . $e->getMessage();
} catch(Facebook\Exceptions\FacebookSDKException $e) {
echo 'Facebook SDK returned an error: ' . $e->getMessage();
}
...
//My code is longer than this but I get the error from the try statement above, so I did not think it necessary to add it here.
?>
Hope I've given enough information. I will praise whoever finds an answer to this, as I've been struggling with it for days now.
I'm implementing a new app that uses Facebook login:
On developers.facebook.com I set the Settings:
App Domains: (empty)
Site URL: http://localhost/site/
Client OAuth Login: Yes
Web OAuth Login: Yes
Force Web OAuth Reauthentication: No
Embedded Browser OAuth Login: No
Valid OAuth redirect URIs: http://localhost/site/externallogin/
And in my app the login link:
$facebook = new Facebook\Facebook([
'app_id' => FB_APP_ID,
'app_secret' => FB_APP_SECRET,
'default_graph_version' => 'v2.5',
]);
$helper = $facebook->getRedirectLoginHelper();
$permissions = ['email', 'public_profile', 'user_friends'];
$loginUrl = $helper->getLoginUrl("http://localhost/site/externallogin", $permissions);
echo 'Log in with Facebook!<hr>';
And my externallogin page:
$helper = $facebook->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
But When I'm redirect I got the following error:
Graph returned an error: Error validating verification code. Please
make sure your redirect_uri is identical to the one you used in the
OAuth dialog request
I've tried to change default_graph_version to 2.2, change the Valid OAuth redirect URIs and the return url to all kinds, but nothing, the same.
I've read everything related with this and tried all the approach, but still the same.
I don't know what can be causing this error.
My question is: How can I fix this error I get the the access token correctly.
print 1
print 2
The page $helper->getAccessToken() runs on must be the exact same URL you provide to $helper->getLoginUrl(). As you've indicated http://localhost/site/externallogin redirects to http://localhost/site/externallogin/ on your webserver, add the / when you make $loginUrl:
$loginUrl = $helper->getLoginUrl("http://localhost/site/externallogin/", $permissions);
I have followed this tutorial https://www.sammyk.me/upgrading-the-facebook-php-sdk-from-v4-to-v5 and so far I have managed to integrate the SDK into codeignitor etc
In my controller I have
function facebook(){
require_once __DIR__ . '/../vendor/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => 'xxx',
'app_secret' => 'xxx',
'default_graph_version' => 'v2.5',
]);
$helper = $fb->getRedirectLoginHelper();
$permissions = ['email', 'user_posts']; // optional
$callback = 'http://localhost/project/api/index.php/social/facebook-callback';
$loginUrl = $helper->getLoginUrl($callback, $permissions);
echo $loginUrl;
}
And this generates a url for me. I then follow this link and it takes me to facebook I click ok then it goes to a redirect page.
On that page i have
function facebook_callback(){
require_once __DIR__ . '/../vendor/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => 'xxx',
'app_secret' => 'xxx',
'default_graph_version' => 'v2.5',
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// There was an error communicating with Graph
echo $e->getMessage();
exit;
}
if (isset($accessToken)) {
// User authenticated your app!
// Save the access token to a session and redirect
$_SESSION['facebook_access_token'] = (string) $accessToken;
// Log them into your web framework here . . .
// Redirect here . . .
exit;
} elseif ($helper->getError()) {
// The user denied the request
// You could log this data . . .
var_dump($helper->getError());
var_dump($helper->getErrorCode());
var_dump($helper->getErrorReason());
var_dump($helper->getErrorDescription());
// You could display a message to the user
// being all like, "What? You don't like me?"
exit;
}
// If they've gotten this far, they shouldn't be here
http_response_code(400);
exit;
}
When I land on the page I get as an error
Cross-site request forgery validation failed. Required param "state" missing.
Why does this happen? Is this to do with the sessions? I have followed the tutorial and nothing seems to work. Any other documents I have found I have tried to for example session_start(); and Overwriting Persistent Data but to no avail!
Any point in the right direction will be very much appreciated. I have googled this loads and there are no clear answers.
Best regards
Ok answer found!
Pay special attention to the Overwriting Persistent Data in the tutorial! So it is a session related issue. Also doing it late at night is ill-advised.
What I missed was that you have to start the process from scratch, ie facebook route and get a brand new url link, then paste that link in the url, and you will be redirected to the facebook_callback. And you will then get the data you require.
Answer here incase someone else falls in the "what the hell is going on (when late at night trap)!"
I am use this code from Facebook
https://developers.facebook.com/docs/php/gettingstarted/5.0.0
But now its show Facebook SDK returned an error: Cross-site request forgery validation failed. The "state" param from the URL and session do not match.
I cant understand whats wrong
my login callback page code
session_start();
require_once __DIR__ . '/facebook-php-sdk-v4-5.0-dev/src/Facebook/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => 'xxxx',
'app_secret' => 'xxxxxxxx',
'default_graph_version' => 'v2.2',
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (isset($accessToken)) {
// Logged in!
$_SESSION['facebook_access_token'] = (string) $accessToken;
// Now you can redirect to another page and use the
// access token from $_SESSION['facebook_access_token']
$_SESSION['facebook_access_token'];
}
Insert this code after: $helper = $fb->getRedirectLoginHelper();
$_SESSION['FBRLH_state']=$_GET['state'];
and it will work or for more detail visit facebook login apps
You are likely not accessing your server using the domain registered to the app. Are you running your webserver on localhost? If so, edit your /etc/hosts file to include something like
127.0.0.1 local.<yourdomain>.com
and then go to local..com and that should take care of it