1

I have created a class that generates a URL that authorized my users with Facebook. Here it is: https://www.facebook.com/dialog/oauth?response_type=code&client_id=...&scope=email%2Cuser_about_me%2Cuser_friends%2Cuser_hometown%2Cuser_location%2Cuser_work_history%2Cuser_education_history%2Cpublish_actions&state=...&redirect_uri=http%3a%2f%2flocalhost%3a53016%2fsocial%2fcallback%3fvariables%3dY2FsbGJhY2tfdXJsOi9MYW5kaW5nO2ZhbGxiYWNrX3VybDovQ29uc3VsdGFudC9TaWduVXA7bWV0aG9kOjE7cHJvdmlkZXI6MQ%3d%3d

This URL works just fine and returns back to my callback function. I'm able to convert the base64 string to my variables that I pass along with my URL. The trouble that I am facing is that Facebook doesn't recognize the URL to give me the access_token. This the return URL that I send to Facebook for the access_token. https://graph.facebook.com/oauth/access_token?client_id=...&client_secret=...&code=...&redirect_uri=http%3a%2f%2flocalhost%3a53016%2fsocial%2fcallback%3fvariables%3dY2FsbGJhY2tfdXJsOi9MYW5kaW5nO2ZhbGxiYWNrX3VybDovQ29uc3VsdGFudC9TaWduVXA7bWV0aG9kOjE7cHJvdmlkZXI6MQ%3d%3d

(I have cleared out the client_id and client_secret for obvious reasons.)

Can anyone notice what I am doing wrong here?

Whymarrh
  • 13,139
  • 14
  • 57
  • 108
sroye98
  • 173
  • 2
  • 11

2 Answers2

1

Perry thank you for your help. I was able to figure out what the problem was on my project. When I was encoding my parameters to Base64 I wasn't using the proper methods to convert it to String. This answer on stackoverflow helped me figure out what I was doing wrong.

C# Method like Base64String, but only alphanumeric (no plus or slash)

The answer in particular is from Mason G. Zhwiti. I was just doing Convert.Base64String instead of HttpServerUtility.UrlTokenEncode(byte[] b). After I did that I was able to get my response. I seemed that my URL had two equal symbols at the end. That was throwing off Facebooks URL validation. Once I did the appropriate method it started working.

I hope this helps anyone else who is struggling with this type of problem.

Community
  • 1
  • 1
sroye98
  • 173
  • 2
  • 11
0

What is the specific error message - was it unauthorized redirect_uri?

I'm kind of oblivious to the variables - what are they for?

It doesn't seem like you should be doing the callback to a querystring URL, but maybe that's OK. When I first implemented OAuth2, I had the API calls originate from and callback to specific URLs for each provider, such as mysite.com/login-google.php or mysite.com/login-facebook.php, but now I have the callbacks point to the main site URL (mysite.com). Since we have index.php at the main site URL, we can intercept the callback in index.php and route them to the desired provider script (login-google.php or login-facebook.php) which cleans up the callback URLs and makes them a no-brainer for end-users to work with.

Your callback URL:

http://localhost:53016/social/callback?variables=Y2FsbGJhY2tfdXJsOi9MYW5kaW5nO2ZhbGxiYWNrX3VybDovQ29uc3VsdGFudC9TaWduVXA7bWV0aG9kOjE7cHJvdmlkZXI6MQ==

Can you access that callback URL in a browser? Code it up to throw an error or output a debug message so you know the callback URL is working.

I've documented the OAuth2 flow for Facebook quite cleanly in this code: https://github.com/perrybutler/WP-OAuth/blob/master/login-facebook.php

Hope it all helps...

perry
  • 266
  • 1
  • 6
  • Thank perry for your response. I am able to call that URL in the browser. When I receive the proper code from Facebook and I try to exchange the code for the access_token this is the error message that I get: {"error":{"message":"Error validating verification code. Please make sure your redirect_uri is identical to the one you used in the OAuth dialog request","type":"OAuthException","code":100}} Any help on this is greatly appreciated. – sroye98 Oct 14 '14 at 16:15
  • I forgot to mention, during the Facebook App setup you also must click Add Platform and then supply your site URL. See: https://www.facebook.com/help/community/question/?id=542958419109491 – perry Oct 14 '14 at 16:30
  • Take note of Jim Hunter's comment in this question which states that Facebook seems to require a trailing slash in your Redirect URL: http://stackoverflow.com/questions/13440076/oauth-facebook-access-token-not-working-need-oauth-expert – perry Oct 14 '14 at 16:33
  • This might be relevant as well: http://stackoverflow.com/questions/3707738/facebook-oauth-redirect-uri-problem-given-url-is-not-permitted-by-the-applicati?rq=1 – perry Oct 14 '14 at 17:25
  • Since I can't add comments to your post (lack of rep) I'm responding here. Nice job figuring that out. I had a feeling those two equal signs were bad news, thanks for confirming! I have to say this was a pretty obscure issue... – perry Oct 14 '14 at 18:33