[英]Facebook login Error. The “state” param from the URL and session do not match
[英]Facebook SDK error. The “state” param from the URL and session do not match, anext time i can log in errorless
首先描述你我得到的奇怪行为,我第一次尝试登录我被重定向到Facebook登录页面,我设置我的用户并通过然后我被送回我的网站,我得到上述错误:
Facebook SDK返回错误:跨站点请求伪造验证失败。 来自URL和会话的“状态”参数不匹配。
然后如果我重新加载页面没有Facebook代码在url( http://www.whateverxxxxxx.com/creartemporada.php- >>我从这里擦除....),并尝试再次登录我得到完美的日志在,通过再次点击de log me in link ....
<?php
session_start();
require_once dirname(__FILE__). '/src/Facebook/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => 'xxxxxxxxxxxxxxxx',
'app_secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
'default_graph_version' => 'v2.9',
]);
$helper = $fb->getRedirectLoginHelper();
$permissions = ['email']; // optional
try {
if (isset($_SESSION['facebook_access_token'])) {
$accessToken = $_SESSION['facebook_access_token'];
} else {
$accessToken = $helper->getAccessToken();
}
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error 1: ' . $e->getMessage(); // HERE IS WHERE I AM FIRST THROWN OUT::::
exit;
}
if (isset($accessToken)) {
if (isset($_SESSION['facebook_access_token'])) {
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
} else {
// getting short-lived access token
$_SESSION['facebook_access_token'] = (string) $accessToken;
// OAuth 2.0 client handler
$oAuth2Client = $fb->getOAuth2Client();
// Exchanges a short-lived access token for a long-lived one
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
$_SESSION['facebook_access_token'] = (string) $longLivedAccessToken;
// setting default access token to be used in script
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
}
// redirect the user back to the same page if it has "code" GET variable
if (isset($_GET['code'])) {
header('Location: creartemporada.php');
}
// getting basic info about user
try {
$profile_request = $fb->get('/me?fields=name,email,id,picture.width(800).height(800),cover.width(300).height(175)');
$profile = $profile_request->getGraphNode()->asArray();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
session_destroy();
// redirecting user back to app login page
header("Location: ./");
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error 2: ' . $e->getMessage();
exit;
}
// printing $profile array on the screen which holds the basic info about user
$logOut = $helper->getLogoutUrl($_SESSION['facebook_access_token'], 'http://www.whateverxxxxxx.com/logout.php');
echo "<a href='$logOut'>Log Out!</a>";
// Now you can redirect to another page and use the access token from $_SESSION['facebook_access_token']
} else {
// replace your website URL same as added in the developers.facebook.com/apps e.g. if you used http instead of https and you used non-www version or www version of your website then you must add the same here
$loginUrl = $helper->getLoginUrl('http://www.whateverxxxxxx.com/creartemporada.php', $permissions);
echo '<a href="' . $loginUrl . '">Log in with Facebook!</a>';
}
很抱歉重复我想发布我的代码的问题是错误的...
我发现这里的解决方案是最终的代码:
基本上我添加了$ _SESSION ['FBRLH_state'] = $ _ GET ['state'];
<?php
session_start();
require_once dirname(__FILE__). '/src/Facebook/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => 'xxxxx',
'app_secret' => 'xxxxxx',
'default_graph_version' => 'v2.9',
]);
$helper = $fb->getRedirectLoginHelper();
$_SESSION['FBRLH_state']=$_GET['state'];
$permissions = ['email']; // optional
try {
if (isset($_SESSION['facebook_access_token'])) {
$accessToken = $_SESSION['facebook_access_token'];
} else {
$accessToken = $helper->getAccessToken();
}
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error 1: ' . $e->getMessage();
exit;
}
if (isset($accessToken)) {
if (isset($_SESSION['facebook_access_token'])) {
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
} else {
// getting short-lived access token
$_SESSION['facebook_access_token'] = (string) $accessToken;
// OAuth 2.0 client handler
$oAuth2Client = $fb->getOAuth2Client();
// Exchanges a short-lived access token for a long-lived one
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
$_SESSION['facebook_access_token'] = (string) $longLivedAccessToken;
// setting default access token to be used in script
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
}
// redirect the user back to the same page if it has "code" GET variable
if (isset($_GET['code'])) {
header('Location: creartemporada.php');
}
// getting basic info about user
try {
$profile_request = $fb->get('/me?fields=name,email,id,picture.width(800).height(800),cover.width(300).height(175)');
$profile = $profile_request->getGraphNode()->asArray();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
session_destroy();
// redirecting user back to app login page
header("Location: ./");
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error 2: ' . $e->getMessage();
exit;
}
// printing $profile array on the screen which holds the basic info about user
$logOut = $helper->getLogoutUrl($_SESSION['facebook_access_token'], 'http://www.xxxxwhatever.com/logout.php');
echo "<a href='$logOut'>Log Out!</a>";
// Now you can redirect to another page and use the access token from $_SESSION['facebook_access_token']
} else {
// replace your website URL same as added in the developers.facebook.com/apps e.g. if you used http instead of https and you used non-www version or www version of your website then you must add the same here
$loginUrl = $helper->getLoginUrl('http://www.xxxxwhatever.com/creartemporada.php', $permissions);
echo '<a href="' . $loginUrl . '">Log in with Facebook!</a>';
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.