EDITS: See this picture: http://trackauthoritymusic.com/wwwroot/images/fb-issue-bug.jpg.
- For snapshots of the Network tab and all HTTPS headers from my page through FB's redirect.
- The windows in the image above show the var_dump's in the code below:
- For an access token I only get default the combined appId|secret.
- When I var_dump $_REQUESTS at the first point of contact from Facebook, I get nothing so know codeigniter is not stripping the values, but i'm definitely not getting an "signed_request" post from Facebook!
- I'm 85.1% sure my Facebook app settings are fine. I've made dozens of tweaks and resets while testing to no success.
- And when I switch the settings to client-side approach with the access token in the browser hash, i DO get a valid token, but am desperately trying to avoid all that javascript on my page and will need the php integrated anyway.
- All of this only happens once you've approved the app, and I can manually look up their membership in Insights, but know they can't access the app without seeing their token.
I had put this bug aside until now, since my ORIGINAL POST below April 24:....
It's been 3 days with trial-n-error and research:
My Environment: LAMP using facebook sdk 3 & CodeIgniter 2
Login Code:
$CI->load->library('facebook', array("appId"=>APP_ID, "secret"=>APP_SECRET));
$this->visitor['access_token'] = $CI->facebook->getAccessToken();
$fb_id = $CI->facebook->getUser();
var_dump($CI->facebook); // see picture above
var_dump($fb_id); // == 0
if ($fb_id && $fb_id > 0) {
$temp = $CI->users->getUserByFb($fb_id);
if (!$temp) {
$this->insertFBUser($fb_id);
$this->visitor['redirect'] = "?prompt=newfb";
} else {
$this->visitor = array_merge($this->visitor, $temp);
if (isset($this->visitor['user_allowed']) && $this->visitor['user_allowed'] == 0) {
$CI->users->updateUser(array("user_allowed" => 1), $this->visitor['user_id']);
}
}
} else {
array_push($this->errors, $CI->input->get_post("error_msg", false));
array_push($this->errors, $CI->input->get_post("error_code", false));
array_push($this->errors, $CI->input->get_post("error_reason", false));
array_push($this->errors, $CI->input->get_post("error", false));
array_push($this->errors, $CI->input->get_post("error_description", false));
if ($CI->input->get_post("autoclose", false) == true) {
array_push($this->errors, "javascript stackoverflow is encoding weird, but basically changes the hashtag of the pop-window, so the parent page automatically closes it");
}
var_dump($this->errors);
die("nada");
}
Research & Debugging:
This post describes my problem as well, but the solution did not work: stackoverflow.com/questions/8587098/suddenly-getuser-became-to-return-0-php-3-1-1-sdk with or without the trailing comma in the DROP_QUERY_PARAMS array on this page.
Facebook is sending me NO error messages in the url, post, or session and scraping my page fine
EVERYTHING worked fine a few days ago and i've changed very little around this code.
The login now fails whether i use http or https
The popup link opens at:
www.facebook.com/dialog/oauth?client_id=222912307731474&redirect_uri=https%3A%2F%2Ftrackauthoritymusic.com%2Fmanage%2Fusers%2Flogin%3Fautoclose%3Dtrue&state=4522cb9da5bf5107d690a22eee6c5a2e&scope=email&display=popup while redirecting successfully to my desired login url with both state and code parameters apparently valid: trackauthoritymusic.com/manage/users/login?autoclose=true&state=4522cb9da5bf5107d690a22eee6c5a2e&code=AQBfSkI4y_VxhCuF3coVvNmjetdGZjugyFv0UsLlKt5sR5MEGdY8KqpDXZKvqHTGaSHhzY4pHXuR_zmilkwmoQ5y6M9jh15GPI6DXz5E2fSBizAVlrlebriNGcNZb4DRaDFK8cxPJoa9xB2ERuimtuizmlZERNa8hwJxLXtztqkWWhkLFCaGjQvAyyf5jJRkuoztmvfKDIZz3W9lslM6fk_m
but at this point, the sdk cannot get any access token or facebook session data.
PLEASE HELP!
redirect_uricoming as/manage/users/login?autoclose=true– I mean, you must have put that in somewhere yourself, right? And the parameters sounds like they are advising your system to destroy any user session … and doing that right after a successful Facebook login of course does not lead to what you want. - CBroe