I'm trying to implement facebook login for my website using facebook PHP-SDK with codeigniter by following this example: https://shareurcodes.com/blog/facebook%20php%20sdk%20v5%20with%20codeigniter
From what I have seen from other questions on this subject I checked for given answers/common mistakes but http://localhost/fbcallback is already in my app's Valid OAuth redirect URIs and putting/removing '/' from the end of the url is not helping.
I created two controllers the first one: fblogin.php
<?php defined('BASEPATH') OR exit('No direct script access allowed');
class Fblogin extends CI_Controller{
public function index(){
require_once '{path}/Facebook/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => '{app-id}',
'app_secret' => '{app-secret}',
'default_graph_version' => 'v2.5',
]);
$helper = $fb->getRedirectLoginHelper();
$permissions = ['email','user_location','user_birthday','publish_actions'];
// For more permissions like user location etc you need to send your application for review
$loginUrl = $helper->getLoginUrl('http://localhost/fbcallback', $permissions);
header("location: ".$loginUrl);
}
}
second one: fbcallback.php
<?php defined('BASEPATH') OR exit('No direct script access allowed');
class Fbcallback extends CI_Controller{
public function index(){
require_once '{path}/Facebook/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => '{app-id}',
'app_secret' => '{app-secret}',
'default_graph_version' => 'v2.5',
]);
$helper = $fb->getRedirectLoginHelper();
if (isset($_GET['state'])) {
$helper->getPersistentDataHandler()->set('state', $_GET['state']);
}
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
try {
// Get the Facebook\GraphNodes\GraphUser object for the current user.
// If you provided a 'default_access_token', the '{access-token}' is optional.
$response = $fb->get('/me?fields=id,name,email,first_name,last_name,birthday,location,gender', $accessToken);
// print_r($response);
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'ERROR: Graph ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'ERROR: validation fails ' . $e->getMessage();
exit;
}
// User Information Retrieval begins................................................
$me = $response->getGraphUser();
$location = $me->getProperty('location');
echo "Full Name: ".$me->getProperty('name')."<br>";
echo "First Name: ".$me->getProperty('first_name')."<br>";
echo "Last Name: ".$me->getProperty('last_name')."<br>";
echo "Gender: ".$me->getProperty('gender')."<br>";
echo "Email: ".$me->getProperty('email')."<br>";
echo "location: ".$location['name']."<br>";
echo "Birthday: ".$me->getProperty('birthday')->format('d/m/Y')."<br>";
echo "Facebook ID: <a href='https://www.facebook.com/".$me->getProperty('id')."' target='_blank'>".$me->getProperty('id')."</a>"."<br>";
$profileid = $me->getProperty('id');
echo "</br><img src='//graph.facebook.com/$profileid/picture?type=large'> ";
echo "</br></br>Access Token : </br>".$accessToken;
}
}
When I go to http://localhost/fblogin it asks for necessary permissions (email, user location, user birthday , publish actions) but after I give the permissions and redirected to http://localhost/fbcallback I get the following error:
Graph returned an error: Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request.
While I was playing around i realised if I change $loginUrl variables in vendor/facebook/graph-sdk/src/Facebook/Authentication/OAuth2Client.php to http://localhost/fbcallback as shown below everything works as intended. So I suspected maybe there is a problem while passing the $loginUrl parameter, and traced my code but couldn't find anything problematic.
public function getAuthorizationUrl($loginUrl, $state, array $scope = [], array $params = [], $separator = '&')
{
$params += [
'client_id' => $this->app->getId(),
'state' => $state,
'response_type' => 'code',
'sdk' => 'php-sdk-' . Facebook::VERSION,
'redirect_uri' => 'http://localhost/fbcallback', //instead of {$redirectUrl}
'scope' => implode(',', $scope)
];
What really got me confused is if I change DocumentRoot of my server and copy the above two controllers with the facebook-sdk library everything works just fine again in the new directory. So maybe there is a conflict with one of the files in the current directory? I searched for it but couldn't find anything that may conflict.
Thanks in advance!
The getAccessToken method of the FacebookRedirectLoginHelper generates the API request URL to exchange the code for a token, that includes the redirect_uri parameter.
If this is not explicitly specified as parameter when you call the method, it is determined internally and falls back to the current script URL/route.
So this works without specifying the redirect URI as long as you handle generation of the login URL and processing of the resulting code parameter under the same route resp. under the same script URL; but if those two are different, then you need to specify it when calling getAccessToken.