2
votes

I'm using Parse Server to log in with Facebook on my website, but of course, I have all the code for Facebook PHP SDK to handle login, and it was working fine until a few days ago. This is the error I get while trying to log in:

URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on and add all your app domains as Valid OAuth Redirect URIs.

My Facebook Login settings: [screenshot]

This is my fb-callback.php script:

<?php
require_once 'fb-autoload.php';
include 'Configs.php';
// include 'fbconfig.php';

$fb = new Facebook\Facebook([
  'app_id' => $_GLOBALS["FACEBOOK_APP_ID"],
  'app_secret' => $_GLOBALS["FACEBOOK_APP_SECRET"],
  'default_graph_version' => 'v2.3',
  ]);

$helper = $fb->getRedirectLoginHelper();

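// Copies the state from the request into the stored state, so the SDK's
// state (CSRF) comparison inside getAccessToken() always passes.
if (isset($_GET['state'])) {
    $helper->getPersistentDataHandler()->set('state', $_GET['state']);
}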


try {
  $accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
  // When Graph returns an error
  echo 'Graph returned an error: ' . $e->getMessage();
  exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
  // When validation fails or other local issues
  echo 'Facebook SDK returned an error: ' . $e->getMessage();
  exit;
}

if (! isset($accessToken)) {
  if ($helper->getError()) {
    header('HTTP/1.0 401 Unauthorized');
    echo "Error: " . $helper->getError() . "\n";
    echo "Error Code: " . $helper->getErrorCode() . "\n";
    echo "Error Reason: " . $helper->getErrorReason() . "\n";
    echo "Error Description: " . $helper->getErrorDescription() . "\n";
  } else {
    header('HTTP/1.0 400 Bad Request');
    echo 'Bad request';
  }
  exit;
}

// Logged in
// echo '<h3>Access Token:</h3>';
// var_dump($accessToken->getValue());

// The OAuth 2.0 client handler helps us manage access tokens
$oAuth2Client = $fb->getOAuth2Client();

// Get the access token metadata from /debug_token
$tokenMetadata = $oAuth2Client->debugToken($accessToken);
// echo '<h3>METADATA:</h3>';
// var_dump($tokenMetadata);


// Validation (these will throw FacebookSDKException's when they fail)
$tokenMetadata->validateAppId($_GLOBALS["FACEBOOK_APP_ID"]); // Replace {app-id} with your app id
// If you know the user ID this access token belongs to, you can validate it here
//$tokenMetadata->validateUserId('123');
$tokenMetadata->validateExpiration();

if (! $accessToken->isLongLived()) {
  // Exchanges a short-lived access token for a long-lived one
  try {
    $accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
  } catch (Facebook\Exceptions\FacebookSDKException $e) {
    // The message comes from the caught exception; the helper has no getMessage()
    echo "<p>Error getting long-lived access token: " . $e->getMessage() . "</p>\n\n";
    exit;
  }

  //echo '<h3>Long-lived</h3>';
  //var_dump($accessToken->getValue());
}

$_SESSION['fb_access_token'] = (string) $accessToken;

// User is logged in with a long-lived access token.
// You can redirect them to a members-only page.
// header('Location: login.php');

// CHECK IF SESSION IS OK, GET GRAPH OBJECT AND GO BACK TO login.php
if (isset($_SESSION)) {

  // 'email' must be in the requested fields, otherwise getField('email') below returns null
  $response = $fb->get('/me?fields=id,name,email', $accessToken);
  $node = $response->getGraphNode();

  // Get ID, Name and Email of Facebook user
  $fbid = $node->getField('id');         // To Get Facebook ID
  $fbfullname = $node->getField('name'); // To Get Facebook full name
  $femail = $node->getField('email');    // To Get Facebook email ID
  // $token = $session->getToken(); // Get Access Token
  $token = $_SESSION['fb_access_token'];


  // ---- Session Variables -----
  $_SESSION['FBID'] = $fbid;
  $_SESSION['FULLNAME'] = $fbfullname;
  $_SESSION['EMAIL'] =  $femail;
  $_SESSION['TOKEN'] = $token;


  // ---- GO TO fb-login-confirm.php ----
  header("Location: fb-login-confirm.php");

} else {
    $loginUrl = $helper->getLoginUrl();
    header("Location: ".$loginUrl);
}
?>

I don't know if I have to edit/add something else, as I said above, my FB login was working smoothly until a few days ago.

1
The actual value of the redirect_uri parameter in your login dialog call uses the www version of your domain, but in your settings you put it without the www. - CBroe
Thanks so much @CBroe, it worked! - Frank Eno

1 Answer

3
votes

The issue was pretty simple, my URL was missing www in the Valid OAuth redirect URIs field:

 https://www.example.com/woopy/fb-callback.php
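
A small PHP diagnostic for the mismatch described in the answer, added here as an example and not part of the original post: it extracts `redirect_uri` from a login dialog URL and reports how it differs from the configured list. The function names, the sample URLs and the premise that the configured list is compared as exact strings are assumptions of this example; it needs PHP 7.1 or later.

```php
<?php
// Added example. All URLs and the APP_ID placeholder are constructed sample values.

/** Extract the (URL-decoded) redirect_uri parameter from a login dialog URL. */
function redirectUriFromLoginUrl(string $loginUrl): ?string
{
    $query = parse_url($loginUrl, PHP_URL_QUERY);
    if (!is_string($query)) {
        return null;
    }
    parse_str($query, $params); // parse_str decodes percent-encoding
    $uri = $params['redirect_uri'] ?? null;
    return is_string($uri) ? $uri : null;
}

/** Exact-match check against the allowlist, with a hint about the nearest entry. */
function checkRedirectUri(string $redirectUri, array $allowed): string
{
    if (in_array($redirectUri, $allowed, true)) {
        return 'match';
    }
    $sent = parse_url($redirectUri);
    foreach ($allowed as $entry) {
        $cfg = parse_url($entry);
        if (!is_array($sent) || !is_array($cfg)) {
            continue;
        }
        $sentHost = strtolower($sent['host'] ?? '');
        $cfgHost  = strtolower($cfg['host'] ?? '');
        if ($sentHost !== $cfgHost) {
            // Same host once a leading "www." is ignored: the case from this question
            if (preg_replace('/^www\./', '', $sentHost) === preg_replace('/^www\./', '', $cfgHost)) {
                return "host mismatch: sent '$sentHost', configured '$cfgHost'";
            }
            continue;
        }
        if (($sent['scheme'] ?? '') !== ($cfg['scheme'] ?? '')) {
            return "scheme mismatch for host '$sentHost'";
        }
        if (rtrim($sent['path'] ?? '', '/') === rtrim($cfg['path'] ?? '', '/')) {
            return 'differs only in trailing slash or query string';
        }
    }
    return 'no similar entry configured';
}

$loginUrl = 'https://www.facebook.com/v2.3/dialog/oauth?client_id=APP_ID&redirect_uri='
    . urlencode('https://www.example.com/woopy/fb-callback.php');
$uri = redirectUriFromLoginUrl($loginUrl);
echo $uri === null ? 'no redirect_uri in URL' : checkRedirectUri($uri, ['https://example.com/woopy/fb-callback.php']), "\n";
```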