9

I would like to add a Facebook login option to my website, following this tutorial. I did everything as it is in the tutorial, but I still get this error:

OAuthException: redirect_uri isn't an absolute URI

How is it possible to solve it?

These URLs are generated by the facebookOAuthProvider. The website is not on localhost. It runs on a web server, with https.

This is the relevant code:

    // redirect to Facebook
    $facebookOAuthProvider = $this->get('app.facebook_provider');
    $url = $facebookOAuthProvider->getAuthorizationUrl([
        // these are actually the default scopes
        'scopes' => ['public_profile', 'email'],
    ]);

    return $this->redirect($url);

It redirects to this url:

https://www.facebook.com/v2.3/dialog/oauth?scopes[0]=public_profile&scopes[1]=email&state=...&scope=public_profile,email&response_type=code&approval_prompt=auto&redirect_uri=/connect/facebook-check&client_id=...

The redirect_uri is indeed not an absolute URL. But how is it possible to fix it?


Edit

If I add 'redirect_uri' => [$redir] then the url looks like this:

https://www.facebook.com/v2.3/dialog/oauth?scopes%5B0%5D=public_profile&scopes%5B1%5D=email&scopes%5B2%5D=user_location&redirect_uri%5B0%5D=https%3A%2F%2Fexample.com%2Fconnect%2Ffacebook-check&state=...&scope=public_profile%2Cemail&response_type=code&approval_prompt=auto&client_id=...

I can see the absolute redirect_uri in the generated URL, but I still get this error if I navigate to it.

Redir is defined as:

    $redir = $this->generateUrl('connect_facebook_check', array(), UrlGeneratorInterface::ABSOLUTE_URL);

Edit2

If I replace [$redir] with $redir then Facebook redirects me correctly to /connect/facebook-check with a code, but I get an OAuthException: redirect_uri isn't an absolute URI. Check RFC 3986 there.

Iter Ator
  • I see you put a bounty on https://stackoverflow.com/q/40537114/1427878 ... does your service configuration look similar to the one used there? I guess you will have to pass `UrlGeneratorInterface::ABSOLUTE_URL` into the URL generation process somehow, otherwise it will create relative URLs by default when the protocol, domain and port match. https://symfony.com/doc/current/routing.html#generating-absolute-urls – CBroe Jul 26 '17 at 12:37
  • If I add `'redirect_uri' => [$redir]`, then I can see the absolute redirect_uri in the generated url, but I still get this error, if I navigate to it – Iter Ator Jul 26 '17 at 13:13
  • Maybe the url is encoded wrong – Iter Ator Jul 26 '17 at 13:18
  • Can you show what the full generated login dialog URL looks like? – CBroe Jul 26 '17 at 16:11
  • I edited the question – Iter Ator Jul 26 '17 at 16:19
  • _"I can see the absolute redirect_uri in the generated url, but I still get this error, if I navigate to it"_ - is the "original" version of that parameter still present at a later position in the query string? Then it would "overwrite" the one you see. And what's going on with the scopes parameter, that looks weird as well - first using scopes[0], scopes[1] to pass values as an array, followed by just scopes and a comma-separated list of permissions ... – CBroe Jul 26 '17 at 16:54
  • This is the full url. There are two id's in it, which were replaced by `...` – Iter Ator Jul 26 '17 at 17:11
  • @IterAtor Can you double check the error after you have made the absolute URL work? The URL you provide also needs to be registered with the OAuth provider as a valid callback URL before this will work – bly Aug 01 '17 at 16:10

1 Answer

1

I don't know where you got the example code, but certainly not from the linked tutorial.

Facebook authorization is based on the fact that you generate a link to FB, the user goes to FB and authorizes himself, and then the FB server redirects him back to you (along with whether or not he is authorized).

FB does not guess where to redirect the user after login. You need to give it a full path with http(s) and the server name (and if I remember correctly, it is also compatible with that saved in the FB app).

The attached tutorial requires writing a controller with 2 methods (output and return) and corresponding entries in the configuration.

If you use this, then see how you have configured the provider. What is in redirectUri?

bato3
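The three `redirect_uri` values tried in the question, checked before the authorization URL is built. This is an added example, not code from the post, the tutorial or the OAuth library; `redirectUriProblem`, `REGISTERED_CALLBACKS` and `CLIENT_ID_PLACEHOLDER` are hypothetical names, and the registered callback list is a constructed sample.

```php
<?php
declare(strict_types=1);

// Constructed sample: callback URLs as registered in the OAuth provider's app settings.
const REGISTERED_CALLBACKS = ['https://example.com/connect/facebook-check'];

/**
 * Hypothetical helper: returns why a redirect_uri is unusable, or null if it passes.
 */
function redirectUriProblem($redirectUri, array $registered = REGISTERED_CALLBACKS): ?string
{
    if (!is_string($redirectUri)) {
        // http_build_query() turns an array into redirect_uri[0]=..., so no
        // plain redirect_uri parameter is sent at all.
        return 'not a string';
    }
    $parts = parse_url($redirectUri);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return 'not an absolute URI (scheme and host required)';
    }
    if (strtolower($parts['scheme']) !== 'https') {
        return 'scheme is not https';
    }
    if (isset($parts['fragment'])) {
        return 'contains a fragment'; // RFC 6749 section 3.1.2 forbids fragments
    }
    // Assumption: exact string match against the registered list, the strictest policy.
    if (!in_array($redirectUri, $registered, true)) {
        return 'not a registered callback URL';
    }
    return null;
}

// The three values tried in the question, in order.
$candidates = [
    'relative path'   => '/connect/facebook-check',
    'array-wrapped'   => ['https://example.com/connect/facebook-check'],
    'absolute string' => 'https://example.com/connect/facebook-check',
];

foreach ($candidates as $label => $uri) {
    // CLIENT_ID_PLACEHOLDER stands in for the real app id.
    $query = http_build_query(['client_id' => 'CLIENT_ID_PLACEHOLDER', 'redirect_uri' => $uri]);
    printf("%-16s %s\n  query: %s\n", $label, redirectUriProblem($uri) ?? 'ok', $query);
}
```

The same check applies to the value sent with the code-for-token exchange on the callback route, since RFC 6749 requires it to be identical to the `redirect_uri` used in the authorization request.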