I'm trying to activate Login via Facebook on my website that is built using Yii2 framework, but the Login is always failing, although the facebook app is authorizing the facebook account used in the login.
The response is always this error:
Request failed with code: 400, message: Error validating client
secret.
Im using yii2's authclient:
return [
'class' => 'yii\authclient\Collection',
'clients' => [
'facebook' => [
'class' => 'yii\authclient\clients\Facebook',
'authUrl' => 'facebook.com/dialog/oauth',
//Prod
'clientId' => 'appidhere',
'clientSecret' => 'appsecrethere',
'scope' => 'email, user_friends, public_profile',
.....
The app id and app secret are correct, and the fb app settings are correct as well.
Here's what the request looks like:
yii\httpclient\Request Object ( [_url:yii\httpclient\Request:private]
=> graph.facebook.com/oauth/access_token [_fullUrl:yii\httpclient\Request:private] =>
[_method:yii\httpclient\Request:private] => POST
[_options:yii\httpclient\Request:private] => Array ( [userAgent] => My
Application OAuth 2.0 Client [timeout] => 30 [sslVerifyPeer] => )
[isPrepared:yii\httpclient\Request:private] => [client] =>
yii\httpclient\Client Object ( [baseUrl] => graph.facebook.com
[formatters] => Array ( ) [parsers] => Array ( ) [requestConfig] =>
Array ( ) [responseConfig] => Array ( ) [contentLoggingMaxSize] =>
2000 [_transport:yii\httpclient\Client:private] =>
yii\httpclient\StreamTransport [_events:yii\base\Component:private] =>
Array ( ) [_behaviors:yii\base\Component:private] => )
[_headers:yii\httpclient\Message:private] =>
[_cookies:yii\httpclient\Message:private] =>
[_content:yii\httpclient\Message:private] =>
[_data:yii\httpclient\Message:private] => Array ( [client_id] =>
realappidhere [client_secret] => ​realappsecrethere [code] =>
AQAr0KRC0m4V4lqD8LVcQLNjn76xkZS4skQYAvWf6O_DDeEclaj1LMQm_HoyCoZZezqDn7p9YfJm3qENabU8MKvmH1ffNJotMzgLW2XTbSqQEXlkg_sx7V-ibXRFagpfXTIqCp9Kr54O88bNYGikoOr4TM1ogGjViwS-qKLbvpR_vWgE_FPy9ecpgy86QOITpGrlVJaPAun2bzGaFXmU70Z4Kw3kBWUBPseWc_7ILGymZP-CIbRIIm_YZ8p7t9Vo7jZmieMSd-CMYfG0sgJcBjOgQNvsa3xtHNhPVa5BJNNTy89zulSpTAf3XB6HB_8eql0
[grant_type] => authorization_code [redirect_uri] =>
example.com/site/auth?role=influencer&authclient=facebook )
[_format:yii\httpclient\Message:private] =>
[_events:yii\base\Component:private] => Array ( )
[_behaviors:yii\base\Component:private] => )
And the response is:
yii\httpclient\Response Object ( [client] => yii\httpclient\Client
Object ( [baseUrl] => graph.facebook.com [formatters] => Array
( [urlencoded] => yii\httpclient\UrlEncodedFormatter Object (
[encodingType] => 1 [charset] => ) ) [parsers] => Array ( )
[requestConfig] => Array ( ) [responseConfig] => Array ( )
[contentLoggingMaxSize] => 2000
[_transport:yii\httpclient\Client:private] =>
yii\httpclient\StreamTransport Object (
[_events:yii\base\Component:private] => Array ( )
[_behaviors:yii\base\Component:private] => )
[_events:yii\base\Component:private] => Array ( )
[_behaviors:yii\base\Component:private] => Array ( ) )
[_headers:yii\httpclient\Message:private] => Array ( [0] => HTTP/1.1
400 Bad Request [1] => WWW-Authenticate: OAuth "Facebook Platform"
"invalid_request" "Error validating client secret." [2] =>
Access-Control-Allow-Origin: * [3] => Pragma: no-cache [4] =>
Cache-Control: no-store [5] => facebook-api-version: v2.2 [6] =>
Expires: Sat, 01 Jan 2000 00:00:00 GMT [7] => Content-Type:
text/javascript; charset=UTF-8 [8] => x-fb-trace-id: Ek0PFIJ3B3N [9]
=> x-fb-rev: 2718923 [10] => Vary: Accept-Encoding [11] => X-FB-Debug: yaiIHJkwC4T3UZKrzXOJGJ2DmCTaDr8nIRB3jQnNeEiknx0Ph7i2IR5XmAbxpjM7cBhSEy44AcrglCYEdZEmeg==
[12] => Date: Sun, 04 Dec 2016 11:08:16 GMT [13] => Connection: close
[14] => Content-Length: 115 )
[_cookies:yii\httpclient\Message:private] =>
[_content:yii\httpclient\Message:private] =>
> {"error":{"message":"Error validating client
secret.","type":"OAuthException","code":1,"fbtrace_id":"Ek0PFIJ3B3N"}}
[_data:yii\httpclient\Message:private] =>
[_format:yii\httpclient\Message:private] =>
[_events:yii\base\Component:private] => Array ( )
[_behaviors:yii\base\Component:private] => )
So any idea what's happening in there?
Note: I removed the http and https from the facebook links in the quotes because stackoverflow wouldn't let me post more than 2 links.
Try using Yii2 EAuth extension. This is the best extention which provides social login over 14 diff platforms with the easiest way.
reference url:
https://github.com/Nodge/yii2-eauth
demo url : http://nodge.ru/yii-eauth/demo2/login
Related
Working with lumen-passport in lumen 8 I
got client_secret and client_id and make a request with GuzzleHttp\Client and my postman hang forever:
My postman : https://imgur.com/a/LbtUIVi
In routes/web.php :
$router->group(['prefix'=>'api/v1'], function() use($router){
$router->post('/register','AuthController#register');
$router->post('/login', 'AuthController#login');
In my control :
$client = new Client();
try {
$clientResponse = $client->post( 'http://localhost:8000/api/v1/oauth/token' /* config('service.passport.login_endpoint' ) */ , [
"form_params" => [
"client_secret" => 'DfiXey63ABDjgX7upuNaGmGvvASzhGq9kjZTV9nm', //config('service.passport.client_secret'),
"client_id" => 2, //config('service.passport.client_id'),
"grant_type" => "client_credentials",
"username" => $request->email,
"password" => $request->password
]
]);
\Log::info( varDump(-3, ' -3 login $clientResponse::') );
return $clientResponse;
} catch (BadResponseException $e) {
\Log::info( varDump(-4, ' -4 login ::') );
\Log::info( varDump($e->getMessage(), ' -4 login $e->getMessage()::') );
return response()->json(['status' => 'error', 'message' => $e->getMessage()]);
}
In bootstrap/app.php I have :
// Enable auth middleware (shipped with Lumen)
$app->routeMiddleware([
'auth' => App\Http\Middleware\Authenticate::class,
]);
//$app->configure('app');
$app->register(App\Providers\AppServiceProvider::class);
// Enable auth middleware (shipped with Lumen)
$app->routeMiddleware([
'auth' => App\Http\Middleware\Authenticate::class,
]);
//$app->configure('app');
$app->register(App\Providers\AppServiceProvider::class);
// Finally register two service providers - original one and Lumen adapter
$app->register(Laravel\Passport\PassportServiceProvider::class);
$app->register(Dusterio\LumenPassport\PassportServiceProvider::class);
// Finally register two service providers - original one and Lumen adapter
$app->register(Laravel\Passport\PassportServiceProvider::class);
$app->register(Dusterio\LumenPassport\PassportServiceProvider::class);
...
\Dusterio\LumenPassport\LumenPassport::routes($app, ['prefix' => 'api/v1/oauth']);
Under console I see :
ProjectName$ php -S localhost:8000 -t public
[Tue Jun 1 07:27:23 2021] PHP 7.4.18 Development Server (http://localhost:8000) started
[Tue Jun 1 07:27:29 2021] 127.0.0.1:45940 Accepted
[Tue Jun 1 07:27:29 2021] 127.0.0.1:45944 Accepted
[Tue Jun 1 07:27:29 2021] 127.0.0.1:45940 [200]: GET /
[Tue Jun 1 07:27:29 2021] 127.0.0.1:45940 Closing
[Tue Jun 1 07:27:31 2021] 127.0.0.1:45948 Accepted
[Tue Jun 1 07:27:31 2021] 127.0.0.1:45944 [200]: GET /
[Tue Jun 1 07:27:31 2021] 127.0.0.1:45944 Closing
[Tue Jun 1 07:27:41 2021] 127.0.0.1:45956 Accepted
I tried to debug guzzle source and found that it hang in file /vendor/guzzlehttp/guzzle/src/Client.php,
in method:
private function transfer(RequestInterface $request, array $options): PromiseInterface
{
$request = $this->applyOptions($request, $options);
/** #var HandlerStack $handler */
$handler = $options['handler'];
\Log::info( varDump(-21, ' -21 transfer::') );
\Log::info( varDump($handler, ' $handler transfer::') );
try {
return P\Create::promiseFor($handler($request, $options)); // I suppose it hang forever here
} catch (\Exception $e) {
return P\Create::rejectionFor($e);
}
}
Checking content of $handler in log file I see :
[2021-06-01 04:54:47] local.INFO: (Object of GuzzleHttp\HandlerStack) : $handler transfer:: : Array
(
[ GuzzleHttp\HandlerStack handler] => Closure Object
(
[static] => Array
(
[default] => Closure Object
(
[static] => Array
(
[default] => GuzzleHttp\Handler\CurlMultiHandler Object
(
[factory:GuzzleHttp\Handler\CurlMultiHandler:private] => GuzzleHttp\Handler\CurlFactory Object
(
[handles:GuzzleHttp\Handler\CurlFactory:private] => Array
(
)
[maxHandles:GuzzleHttp\Handler\CurlFactory:private] => 50
)
[selectTimeout:GuzzleHttp\Handler\CurlMultiHandler:private] => 1
[active:GuzzleHttp\Handler\CurlMultiHandler:private] =>
[handles:GuzzleHttp\Handler\CurlMultiHandler:private] => Array
(
)
[delays:GuzzleHttp\Handler\CurlMultiHandler:private] => Array
(
)
[options:GuzzleHttp\Handler\CurlMultiHandler:private] => Array
(
)
)
[sync] => GuzzleHttp\Handler\CurlHandler Object
(
[factory:GuzzleHttp\Handler\CurlHandler:private] => GuzzleHttp\Handler\CurlFactory Object
(
[handles:GuzzleHttp\Handler\CurlFactory:private] => Array
(
)
[maxHandles:GuzzleHttp\Handler\CurlFactory:private] => 3
)
)
)
[parameter] => Array
(
[$request] => <required>
[$options] => <required>
)
)
[streaming] => GuzzleHttp\Handler\StreamHandler Object
(
[lastHeaders:GuzzleHttp\Handler\StreamHandler:private] => Array
(
)
)
)
[parameter] => Array
(
[$request] => <required>
[$options] => <required>
)
)
[ GuzzleHttp\HandlerStack stack] => Array
(
[0] => Array
(
[0] => Closure Object
(
[static] => Array
(
[bodySummarizer] =>
)
[parameter] => Array
(
[$handler] => <required>
)
)
[1] => http_errors
)
[1] => Array
(
[0] => Closure Object
(
[parameter] => Array
(
[$handler] => <required>
)
)
[1] => allow_redirects
)
[2] => Array
(
[0] => Closure Object
(
[parameter] => Array
(
[$handler] => <required>
)
)
[1] => cookies
)
[3] => Array
(
[0] => Closure Object
(
[parameter] => Array
(
[$handler] => <required>
)
)
[1] => prepare_body
)
)
[ GuzzleHttp\HandlerStack cached] =>
)
Any idea what is wrong? Local server misconfig ?
PHP 7.4.18 under kubuntu
"dusterio/lumen-passport": "^0.3.4",
"guzzlehttp/guzzle": "^7.3",
"laravel/lumen-framework": "^8.0",
Thanks in advance!
I don't have so experience in lumen, but I am using in environment develop this solution without Guzzle.
public function login(Request $request){
$email = $request->email;
$password = $request->password;
//Check if field is not empty
if (empty($email) or empty($password)) {
return response()->json(['status' => 'error', 'message' => 'You must fill all fields']);
}
$user = User::where('email', '=', $email)->exists();
if ($user === false) {
return response()->json(['status' => 'error', 'message' => 'User doesnt exist']);
}
//$client = new \GuzzleHttp\Client();
try{
$tokenRequest = $request->create(
env('PASSPORT_LOGIN_ENDPOINT'),
'POST'
);
$tokenRequest->request->add([
"grant_type" => "password",
"username" => $request->email,
"password" => $request->password,
"client_id" => env('PASSPORT_CLIENT_ID'),
"client_secret" => env('PASSPORT_CLIENT_SECRET'),
]);
$response = app()->handle($tokenRequest);
return $response;
} catch (\Exception $e) {
return response()->json(['status' => 'error', 'message' => $e->getMessage()]);
}
}
I am trying to post an image to a facebook page from a PHP script on my server. Everything is authenticating my account with admin rights and I have the permissions of manage_pages, publish_pages and publish_actions.
The image is getting uploaded and I can go to my facebook page and click on Notifications and the post is there, but when I go to Page, Posts, or Images I don't see it. Also, when I look at it in the notification section it is showing it posted by me and as a visitor, it should be showing as posted by the Page. I do have this set as live in Facebook Developer as well.
Can anyone help?
When I run the script I am doing this call to facebook:
$response = $fb->post('/'.$agency_permissions['facebook_page'].'/photos', $data, $agency_permissions['facebook_token']);
} catch(Facebook\Exceptions\FacebookResponseException $e) {
echo 'Graph returned an error: ' . $e->getMessage();
} catch(Facebook\Exceptions\FacebookSDKException $e) {
echo 'Facebook SDK returned an error: ' . $e->getMessage();
}
Facebook returns this information: (things labeled '{removed by me}' were removed by me, not returned that way)
Facebook\FacebookResponse Object(
[httpStatusCode:protected] => 200
[headers:protected] => Array
(
[Access-Control-Allow-Origin] => *
[Pragma] => no-cache
[Cache-Control] => private, no-cache, no-store, must-revalidate
[facebook-api-version] => v2.11
[Expires] => Sat, 01 Jan 2000 00:00:00 GMT
[x-fb-rev] => 3698059
[Content-Type] => application/json; charset=UTF-8
[x-fb-trace-id] => H3yiZBKJGQe
[Strict-Transport-Security] => max-age=15552000; preload
[Vary] => Accept-Encoding
[X-FB-Debug] => {removed by me}
[Date] => Tue, 06 Mar 2018 20:43:16 GMT
[Connection] => keep-alive
[Content-Length] => 70
)
[body:protected] => {"id":"1139098132893012","post_id":"335620470144697_1139098132893012"}
[decodedBody:protected] => Array
(
[id] => 1139098132893012
[post_id] => 335620470144697_1139098132893012
)
[request:protected] => Facebook\FacebookRequest Object
(
[app:protected] => Facebook\FacebookApp Object
(
[id:protected] => {removed by me}
[secret:protected] => {removed by me}
)
[accessToken:protected] => {removed by me}
[method:protected] => POST
[endpoint:protected] => /335620470144697/photos
[headers:protected] => Array
(
[Content-Type] => multipart/form-data; boundary=5a9efd619ebd5
)
[params:protected] => Array
(
[message] => test
)
[files:protected] => Array
(
[source] => Facebook\FileUpload\FacebookFile Object
(
[path:protected] => /home/virtual/my_domain/public_html/wp-content///DemoUnitsInternal/7801.jpg
[maxLength:Facebook\FileUpload\FacebookFile:private] => -1
[offset:Facebook\FileUpload\FacebookFile:private] => -1
[stream:protected] => Resource id #26
)
)
[eTag:protected] =>
[graphVersion:protected] => v2.11
)
[thrownException:protected] =>
)
You are using a User Token, that´s why it gets posted as user. Make sure to use a Page Token with manage_pages and publish_pages and it will be posted as Page.
I'm trying to connect to suite CRM REST API using Guzzle
$res = $client->request('GET','http://crm.demo.com/service/v4_1/rest.php/login', [ "auth" => [ 'myadmin', md5('mypswd') ]]);
print_r($res);
The result I'm getting is this
GuzzleHttp\Psr7\Response Object
(
[reasonPhrase:GuzzleHttp\Psr7\Response:private] => OK
[statusCode:GuzzleHttp\Psr7\Response:private] => 200
[headers:GuzzleHttp\Psr7\Response:private] => Array
(
[Date] => Array
(
[0] => Mon, 03 Apr 2017 06:26:17 GMT
)
[Content-Type] => Array
(
[0] => text/html; charset=UTF-8
)
[Transfer-Encoding] => Array
(
[0] => chunked
)
[Connection] => Array
(
[0] => keep-alive
)
[Set-Cookie] => Array
(
[0] => __cfduid=daace974785b1e202e7535232346958d111491200776; expires=Tue, 03-Apr-18 06:26:16 GMT; path=/; domain=.demo.com; HttpOnly
)
[X-Powered-By] => Array
(
[0] => PHP/5.4.16
)
[X-Varnish] => Array
(
[0] => 2592144
)
[Age] => Array
(
[0] => 0
)
[Via] => Array
(
[0] => 1.1 varnish-v4
)
[Server] => Array
(
[0] => cloudflare-nginx
)
[CF-RAY] => Array
(
[0] => 3499f497d6bd17a4-SIN
)
)
[headerNames:GuzzleHttp\Psr7\Response:private] => Array
(
[date] => Date
[content-type] => Content-Type
[transfer-encoding] => Transfer-Encoding
[connection] => Connection
[set-cookie] => Set-Cookie
[x-powered-by] => X-Powered-By
[x-varnish] => X-Varnish
[age] => Age
[via] => Via
[server] => Server
[cf-ray] => CF-RAY
)
[protocol:GuzzleHttp\Psr7\Response:private] => 1.1
[stream:GuzzleHttp\Psr7\Response:private] => GuzzleHttp\Psr7\Stream Object
(
[stream:GuzzleHttp\Psr7\Stream:private] => Resource id #73
[size:GuzzleHttp\Psr7\Stream:private] =>
[seekable:GuzzleHttp\Psr7\Stream:private] => 1
[readable:GuzzleHttp\Psr7\Stream:private] => 1
[writable:GuzzleHttp\Psr7\Stream:private] => 1
[uri:GuzzleHttp\Psr7\Stream:private] => php://temp
[customMetadata:GuzzleHttp\Psr7\Stream:private] => Array
(
)
)
)
Its showing the request was successful but I'm not getting the result. Is it really possible to connect it using Guzzle? Is there any other method to pass the login parameters?
I'm using CodeIgniter 3 and Guzzle to achieve this.
First of all, what's the issue? You code is correct, you get the response.
If you want to explore the response body, just do (string) $res->getBody() or $res->getBody()->getContents() (the body is a stream, as you can in your dump, so to get it as a string you have to do additional actions).
BTW, you are trying to access a site under CloudFlare, and usually it's not possible, because CloudFlare rejects robots. Try to get a different entry point (that is not under CloudFlare protection).
I have used PayPal api in which first i do preapproval and then make chained payment using that approval key. Everything works fine on my local server. But as on live its giving me below error.
Preapproval
Error
PreapprovalResponse Object
(
[responseEnvelope] => ResponseEnvelope Object
(
[timestamp] => 2015-05-01T08:38:40.374-07:00
[ack] => Failure
[correlationId] => 88fffca2a737c
[build] => 15743565
)
[preapprovalKey] =>
[error] => Array
(
[0] => ErrorData Object
(
[errorId] => 580001
[domain] => PLATFORM
[subdomain] => Application
[severity] => Error
[category] => Application
[message] => Invalid request: Data validation warning(line -1, col 0): null
[exceptionId] =>
[parameter] => Array
(
[0] => ErrorParameter Object
(
[name] =>
[value] => Data validation warning(line -1, col 0): null
)
[1] => ErrorParameter Object
(
[name] =>
[value] => Data validation warning(line -1, col 0): null
)
)
)
)
)
My request is
requestEnvelope.errorLanguage=en_US&cancelUrl=http%3A%2F%2Fredesignbox.com%2Fopendemo%2Fhappyfund%2Fcheckout¤cyCode=RUB&maxAmountPerPayment=1%2C032.00&maxNumberOfPayments=1&maxTotalAmountOfAllPayments=1%2C032.00&returnUrl=http%3A%2F%2Fredesignbox.com%2Fopendemo%2Fhappyfund%2Fcheckout_action%2Faction%2FafterApproval&startingDate=2015-05-01&feesPayer=PRIMARYRECEIVER
Response is
responseEnvelope.timestamp=2015-05-01T08%3A38%3A40.374-07%3A00&responseEnvelope.ack=Failure&responseEnvelope.correlationId=88fffca2a737c&responseEnvelope.build=15743565&error(0).errorId=580001&error(0).domain=PLATFORM&error(0).subdomain=Application&error(0).severity=Error&error(0).category=Application&error(0).message=Invalid+request%3A+Data+validation+warning%28line+-1%2C+col+0%29%3A+null&error(0).parameter(0)=Data+validation+warning%28line+-1%2C+col+0%29%3A+null&error(0).parameter(1)=Data+validation+warning%28line+-1%2C+col+0%29%3A+null
What's wrong i cannot understand.
EDIT
On local my ssl version is
OpenSSL/0.9.8y and
on live its NSS/3.16.2.3 Basic ECC
$maxpaymentss = floor(2000/68.50);
$data = array(
'ClientDetails' => array(
'applicationId' => 'My_APP',
),
'returnUrl' => 'http://www.yourdomain.com/success.html',
'cancelUrl' => 'http://www.yourdomain.com/cancel.html',
'startingDate' => gmdate("Y-m-d\TH:i:s\Z"),
'endingDate' => gmdate("Y-m-d\TH:i:s\Z"),
'maxAmountPerPayment' => 68.50,
'maxNumberOfPayments' => $maxpaymentss,
'maxTotalAmountOfAllPayments' => 2000.00,
'maxNumberOfPaymentsPerPeriod' => 1,
'currencyCode' => 'USD',
'requestEnvelope' => array(
'errorLanguage' => 'en_US',
'detailLevel' => 'ReturnAll'
)
);
these are the required fields for the live mode of PayPal adaptive preapproval.
Remove the "," in the "maxAmountPerPayment" and "maxTotalAmountOfAllPayments" field and try again . It should work fine
I'm trying the following to post custom action on to my timeline. The same effect has been achieved with the Graph API Explorer.
$facebook = new Facebook(array('appId' => '123456789',
'secret' => '123456789',
'cookie' => true));
$access_token = $facebook->getAccessToken();
if($access_token != "")
{
$user = $facebook->getUser();
if($user != 0)
{
$queries = array(array("method" => "POST", "relative_url" => "/me/namespace:action?object=http://www.mysite.com/url/parameters"));
try
{
$postResponseA = $facebook->api("?batch=".json_encode($queries), "POST");
} catch (FacebookApiException $e)
{
echo 'AF error: '.$e;
}
}
}
No errors are thrown. Nothing is ever posted though.
print_r($postResponseA) shows the following:
Array ( [0] => Array ( [code] => 400 [headers] => Array ( [0] => Array ( [name] => Access-Control-Allow-Origin [value] => * ) [1] => Array ( [name] => Cache-Control [value] => no-store ) [2] => Array ( [name] => Connection [value] => close ) [3] => Array ( [name] => Content-Type [value] => text/javascript; charset=UTF-8 ) [4] => Array ( [name] => Expires [value] => Sat, 01 Jan 2000 00:00:00 GMT ) [5] => Array ( [name] => Pragma [value] => no-cache ) [6] => Array ( [name] => WWW-Authenticate [value] => OAuth "Facebook Platform" "invalid_request" "An active access token must be used to query information about the current user." ) ) [body] => {"error":{"message":"An active access token must be used to query information about the current user.","type":"OAuthException","code":2500}} ) )