How to fix 'Facebook has detected MyApp isn't using a secure connection to transfer information.' error in Laravel

Question

I am trying to connect my app to facebook login with Laravel and socialite package.But i don't know why facebook show me this error. I searched internet but i couldn't find anything .How can i fix this error ?

I thought that if i make my connection with https it will work but after making https again error appears.

My code in laravel:

web.php

Route::get('login/{provider}', 'SocialController@redirect');
Route::get('login/{provider}/callback','SocialController@Callback');

SocialController.php

    public function redirect($provider)
    {
        return Socialite::driver($provider)->redirect();
    }

    public function Callback($provider){

        $userSocial =   Socialite::driver($provider)->stateless()->user();
        $users       =   User::where(['email' => $userSocial->getEmail()])->first();
        if($users){
            Auth::login($users);
            return redirect('/');
        }else{$user = User::create([
                'username'          => $userSocial->getName(),
                'email'         => $userSocial->getEmail(),
                'provider_id'   => $userSocial->getId(),
                'provider'      => $provider,
            ]);
            return redirect()->route('home');
        }
    }

So “make connection with https” means what exactly - just accessing the site via `https://`, or did you make additional changes in the configuration? — misorude, Aug 06 '19 at 09:48
@misorude, I think no i made connection with https:// but facebook show error again. Maybe this error mean something different — Ani, Aug 06 '19 at 10:09
So what does the address bar show when you try to call the login dialog - the value of the `redirect_uri` parameter, is that actually an HTTPS URL? — misorude, Aug 06 '19 at 10:12
when i try to login uri is like that https://www.facebook.com/v3.0/dialog/oauth?client_id=469859203797126&redirect_uri=http%3A%2F%2Fstatusco.test%2Flogin%2Ffacebook%2Fcallback&scope=email&response_type=code&state=5SmcNVacBJhR3OiPzSGsr9Urz0KUY7tTmfUmZrdG I think u are right because in the uri http written — Ani, Aug 06 '19 at 11:04
Probably just need to modify the configuration accordingly then, https://laravel.com/docs/5.8/socialite#configuration — misorude, Aug 06 '19 at 11:08
thanks a lot .i change FACEBOOK_URL in .env this error solved . But now i have new error do u know solution of this https://i.imgur.com/7OGEQ1A.png? — Ani, Aug 06 '19 at 11:14
You need to modify your settings in the app dashboard accordingly as well. — misorude, Aug 06 '19 at 11:16
@misorude, thanks bro . Everything works now. U helped me a lot i was searching it two days — Ani, Aug 06 '19 at 11:34
Does this answer your question? [facebook login on localhost without https](https://stackoverflow.com/questions/52712047/facebook-login-on-localhost-without-https) — Leonardo Soares e Silva, Dec 11 '19 at 23:20
@MammadliAnar, but how can you force facebook to use https for redirect instead of http (which it uses now?) — Ruslan Valeev, Jul 02 '20 at 16:30
I think problem was in generated link. Check .env file and correct http in there — Ani, Jul 14 '20 at 18:01

score 35 · Answer 1 · answered Jun 27 '21 at 08:19

35

You can do "Create Test App" and replace your App ID and Secret using the test app.

answered Jun 27 '21 at 08:19

mon

360
3
6

this solved it for me. – puerile Sep 25 '21 at 11:16

score 4 · Answer 2 · answered Oct 05 '20 at 19:50

4

The simple answer is - Facebook will send sensitive data to provided redirect_uri, so it is ensuring this connection is private, by forcing you to use valid SSL.

As long as you do not setup a valid domain with proper certificate, Facebook won't let you use production API.

answered Oct 05 '20 at 19:50

Karol Sobański

435
5
15

1

Where is this redirect_uri defined? I have a https ssl secure domain put in the App Domains, Site URL, Domains and Valid OAuth Redirect URIs in the Facebook console but it still uses `redirect_uri=http://domain` instead of https – Matt Jan 06 '21 at 17:25

score 3 · Answer 3 · edited Nov 16 '21 at 11:39

3

It looks like time expiration. I've just created another Facebook app and it works without that error.

edited Nov 16 '21 at 11:39

Malek Boubakri

820
2
17
36

answered May 30 '21 at 14:04

Vasiliy Shakhunov

370
3
13

score 1 · Answer 4 · answered Oct 01 '20 at 12:08

1

You can use ngrok to make your localthost https. download and run ngrok.exe.

Then run command ngrok.exe http {port}. In most cases, it will be 8000.

answered Oct 01 '20 at 12:08

K.M.S

91
2
8

1

Secure endpoint via ngrok required a paid plan. – imprfekt Jul 15 '21 at 16:49

score -6 · Answer 5 · edited Feb 21 '20 at 13:41

-6

In case of angular : try to serve your app in secured socket layer true mode as Facebook is detecting insecure connection

Use the following command:

ng serve --ssl true

edited Feb 21 '20 at 13:41

Waqar UlHaq

6,144
2
34
42

answered Feb 21 '20 at 10:31

Prakash Khadka

153
2
7

How to fix 'Facebook has detected MyApp isn't using a secure connection to transfer information.' error in Laravel

5 Answers5

Linked