使用严格和GET参数登录Facebook Oauth
[英]Facebook Oauth login using strict and GET parameters
问题描述
I have done some research and got a specific problem with facebook login SDK. 
我已经进行了一些研究,并使用Facebook登录SDK遇到了特定问题。 I use the PHP SDK. 我使用PHP SDK。 So, as from march 2018 all facebook developers will be seing "Use Strict Mode for Redirect URIs" turned on (and cannot turn it off). 因此,从2018年3月开始,所有Facebook开发人员都将启用“对重定向URI使用严格模式”(并且无法将其关闭)。 My website was working fine before the latesr API update. 在更新latesr API之前,我的网站运行正常。 The basic login logic was this: 基本的登录逻辑是这样的:
Users go to https://my-website.com/take.php?someGetParam=here-goes-the-parameter . 用户访问https://my-website.com/take.php?someGetParam=here-goes-the-parameter 。
If there is no facebook user logged in, the current user will be redirected to the facebook login dialog, will check the permissions and on success the user will be redirected back to the URL above, and then will be redirected to another page. 如果没有Facebook用户登录,则当前用户将被重定向到facebook登录对话框,将检查权限,成功后,该用户将被重定向回上面的URL,然后将被重定向到另一个页面。
As from now, with the newest changes, in order for the login flow with this GET Parameters to work, I have to manually insert them in the "Valid OAuth redirect URIs" field in the facebook developers dashboard of my API like this: 从现在开始,以最新的更改,为了使具有此GET参数的登录流正常工作,我必须手动将其插入API的Facebook开发人员仪表板的“有效OAuth重定向URI”字段中,如下所示:
https://my-website.com/take.php?someGetParam=parameter-1 https://my-website.com/take.php?someGetParam=parameter-1
https://my-website.com/take.php?someGetParam=parameter-2 https://my-website.com/take.php?someGetParam=parameter-2
https://my-website.com/take.php?someGetParam=parameter-3 https://my-website.com/take.php?someGetParam=parameter-3
and so on... 等等...
otherwise I get the error:The domain of this URL isn't included in the app's domains. 否则,我将收到错误消息:该URL的域未包含在应用程序的域中。 To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings. 为了能够加载此URL,请将应用程序的所有域和子域添加到应用程序设置的“应用程序域”字段中。
Is there a way not to include manually this URLs (because there are many) but to insert only one and get the login flow to work. 有没有一种方法不手动包含此URL(因为有很多),而是仅插入一个并获得登录流程。 PS: I am trying to insert: PS:我想插入:
https://my-website.com/take.php https://my-website.com/take.php
OR 要么
https://my-website.com/take.php?someGetParam= https://my-website.com/take.php?someGetParam=
but no effect 但没有效果
2 个解决方案
解决方案1
2 已采纳 2018-03-20 02:39:37
You can add any value that you want in the state parameter. 您可以在state参数中添加所需的任何值。 The most frequent usage for this parameter is to prevent CSRF , but you can pass anything you would want to be sent back, even an encoded JSON. 此参数最常用的用法是防止CSRF ,但是您可以传递任何想要发送回的内容,甚至是编码的JSON。
This parameter will be returned to you and is exempted on the strict URL matching. 此参数将返回给您,并且在严格的URL匹配中将被豁免。
This is documented in Invoking the Login Dialog and Setting the Redirect URL 调用登录对话框和设置重定向URL中对此进行了说明。
state.
解决方案2
0 2018-03-28 11:52:01
I encountered a similar situation, I manged to solve it by setting the Valid " OAuth redirect URIs " as follows: 我遇到了类似的情况,我设法通过设置有效的“ OAuth重定向URIs ”来解决此问题,如下所示:
https://localhost/FacebookLogin/fb-callback.php?client_id=<insert_your_app_id_her>&return_scopes=true
Please note the following 请注意以下事项
Insert you facebook app id in the place holder in the sample url above.
在上面的示例网址中的占位符中插入您的Facebook应用ID。 Make sure you use the latest version of the SDK which is 5.6.2
确保使用最新版本的SDK,即5.6.2
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.