Can someone please help me with this? This is happening on production environment too. :(
I have checked other threads here, but they didn't help.
Getting an error after facebook login dialog closes -
"Given URL is not allowed by the Application configuration.: One or more of the given URLs is not allowed by the App's settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App's domains."
I'm trying this on localhost. It's not working on production environment either.
It was working on both localhost and production environments 2-3 weeks back.
I have cross-checked all the URLs on facebook app.
Details:
App Domains: localhost
Canvas URL:[http://localhost:8080/app/core/main/public/fb.jsp?fromFB=true]
Secure Canvas URL:[https://localhost:8443/app/core/main/public/fb.jsp?fromFB=true]
Site URL:
[http://localhost:8080/app/core/main/] (tried with [http://localhost:8080] too, doesn't work)
Page Tab URL: [http://localhost:8080/app/core/main/public/fb.jsp?fromFB=true]
Secure Page Tab URL: [https://localhost:8443/app/core/main/public/fb.jsp?fromFB=true]
Have enabled "App on Facebook" under "App Center Listed Platforms".
Same configuration was working earlier.
I'm using JSSDK -
FB.init({appId: 'XXXXXXXX',
status: true, // check login status
cookie: true, // enable cookies to allow the server to access the session
xfbml: true // parse XFBML
});
FB.login(function(response)
{
if (response)
{
if (response.status == 'connected')
{
//showUserPages();
}
else if ('unknown' == response.status && null != response.authResponse)
{
loginIntoFB();
}
}
},
{ scope: 'manage_pages' });
Did facebook add any validations recently for the apps ?
Please let me know if i can provide any more information.
PS: Posting for the first time, please pardon me for any mistakes.
Issue was because of the local referenced facebook js sdk. Missed to notice that caching js sdk on local is against TOS. It is working after referring to updated facebook sdk - connect.facebook.net/en_US/all.js
Thanks!
Related
I have been using facebook login option on my website for about 3 months now. Everything worked fine. But today I am getting the error:
Given URL is not allowed by the Application configuration.: One or
more of the given URLs is not allowed by the App's settings. It must
match the Website URL or Canvas URL, or the domain must be a subdomain
of one of the App's domains.
This happens when the user is already logged into facebook. If the user needs to login the sign in works fine as before. Alternatively clearing out the cookies also works, makes the facebook log in work as before.
This happened by itself without any changes to app settings on facebook. I have gone through the other questions on SO and can't seem to figure this out. Any ideas?
$(function() {
$('body').prepend('<div id="fb-root"></div>');
return $.ajax({
url: "" + window.location.protocol + "//connect.facebook.net/en_US/all.js",
dataType: 'script',
cache: true
});
});
window.fbAsyncInit = function() {
FB.init({
appId: '123456789098765434',
cookie: true
});
$('#sign_in').click(function(e) {
e.preventDefault();
return FB.login((function(response) {
if (response.authResponse) {
return window.location = '/auth/facebook/callback';
}
}), {
scope: 'email,user_likes'
});
});
return $('#sign_out').click(function(e) {
FB.getLoginStatus(response);
return true;
});
};
Are you hosting the Facebook JS locally?
If so, it could be the same issue as I had and you need to change it to source the JS from Facebook, e.g.
src="//connect.facebook.net/en_US/all.js"
I had a same problem (but in PHP sdk) and I found that there was a mismatch in my "redirect_uri" and "Valid OAuth redirect URIs".
In my code, I had set:
redirect_uri = "http://www.website.com/validate.php";
But in my Facebook app I had set Valid OAuth redirect URIs:
http://website.com/validate.php
All I was missing "www". So I added another Valid OAuth redirect URI in my Facebook app:
http://www.website.com/validate.php
I recently integrated the phonegap-facebook-plugin (https://github.com/phonegap/phonegap-facebook-plugin) into both iOS and Android (same app).
I want to do something that I believe to be simple: by-pass the call to native facebook for login/authentication and always use the web dialog. How does one go about accomplishing this?
My login code currently looks like this:
Init code:
//facebook initialization
FB.init({
appId: 'xxxxxxxxxxxx', //'<%#= FB_APP_ID %>',//'',
nativeInterface: CDV.FB,
useCachedDialogs: false
});
And the login call is:
FB.login(function(response) {
if (response.authResponse) {
// connected
me.signInFacebook({
token: response.authResponse.accessToken,
email: response.authResponse.email,
success: function (data) {
// hide login view and show tabview
form.destroy();
// continue whatever action was previously happening
me.continueAction(tabIndexBack, callback);
},
failure: function (response) {
// show errors Ext.Viewport.down('tabscontainerview').setActiveItem(3);
}
});
} else {
//go back
Ext.Viewport.down('tabscontainerview').setActiveItem(3);
alert('fb login error');
}
},{ scope: "email" });
Thanks for your help!!
I created a plugin to facilitate the connection between Facebook and phonegap without using Plugin Native only with Jquery:
https://github.com/studiosoton/faceGap
To bypass native FB login, you can make your own manual facebook authentication flow without using JavaScript SDK of the Facebook (https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.3) via inAppBrowser or ChildBrowser plugins.
Your app must initiate a redirect to an endpoint which will display the login dialog:
https://www.facebook.com/dialog/oauth?client_id={app-id}&redirect_uri={redirect-uri}&response_type=token&scope=email
Facebook redirects people to the redirect_uri mentioned above and places an access token along with some other metadata (such as token expiry time) in the URI fragment:
https://www.facebook.com/connect/login_success.html#
access_token=ACCESS_TOKEN...
Your app needs to detect this redirect and then read the access token out of the URI. You can then skip straight to the Inspecting access tokens step.
On the Android version of the plugin, you can force it to use the dialog by modifying the way the plugin calls me.facebook.authorize in the login action of theorg.apache.cordova.facebook.ConnectPlugin class.
You'll need to pass in an additional activityCode parameter with Facebook.FORCE_DIALOG_AUTH:
me.facebook.authorize(cordova.getActivity(), me.permissions, Facebook.FORCE_DIALOG_AUTH, new AuthorizeListener(me));
I'm not entirely sure about iOS, but you might be able to try with openWithBehavior and FBSessionLoginBehaviorForcingWebView
Without any Facebook plugins you can use Facebook functionality,for that use phonegap.facebook.inappbrowser.js using this js you can easily access all Facebook functionality for more information visit this URL : Facebook Integration Step without any plugins
I am running into a problem with logging in to Facebook on Safari and IE. I can login just fine with Chrome and Firefox with the following code:
var appId = 'APP ID';
var uid;
// Initialize the JS SDK
FB.init({
appId: appId,
status: true, // check login status
cookie: true, // enable cookies to allow the server to access the session
xfbml: true, // parse XFBML
channelUrl: '//localhost:8888/photo/channel.html' // Channel File
});
// Get the user's UID
FB.getLoginStatus(function(response) {
uid = response.authResponse.userID ? response.authResponse.userID : null;
console.info(uid);
});
function authUser() {
FB.login(function(response) {
console.info(response);
uid = response.authResponse.userID ? response.authResponse.userID : null;
console.info("called");
}, {scope:'email,publish_actions'});
but when my code gets to FB.getLoginStatus on Safari and IE the response shows
authResponse: undefined
status: "unknown"
Edit: Forgot to mention that the popup that shows the permissions is not popping up in Safari and IE.
If the status is "unknown" that means one of two things:
the user is not logged in, or
third party cookies are disabled
Safari is the only browser to come with third-party cookies disabled by default (Firefox will be following suit shortly). Some of the higher security settings in IE will also turn them off. Since your code is working in Firefox/Chrome I would guess this is the culprit.
Unfortunately, third-party cookies are required for FB.getLoginStatus to return an appropriate authResponse and status. I think your options are pretty limited:
Let the user log in through PHP or another back-end SDK, and force them to sign in again every 2 hours (I think FB tokens expire every 7600 seconds)
Detect the "unknown" status and display a message to the user asking them to enable third-party cookies for facebook.com
I didn't actually fix the problem I was able to get around it by running the app on Facebook instead of my localhost. I believe this is because when on Facebook I am already logged in.
I have an issue with the Facebook OAuth 2.0 mechanism. In principle all is working well, except for one thing: when a user is redirected to the page where he should authorize/permit the app but is clicking 'Cancel', about half of the time he is redirected to the page I specified in the redirect_uri (correct behaviour - so I redirect him to a page explaining why we need the permissions) and about half the time he is ending up on the FB homepage (wrong behaviour). I just can't figure out what I am doing wrong. This is roughly what I am doing:
window.fbAsyncInit = function()
{
FB.init({
appId : <appid>, // App ID
channelUrl : 'http://www.mydomain.com/channel.html', // Channel File
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
oauth : true, // enable OAuth 2.0
xfbml : true // parse XFBML
});
// Additional initialization code here
FB.getLoginStatus(function(response)
{
//console.log('getLoginStatus response: ',response);
if (response.authResponse)
{
//user is already logged in and connected
top.location.href='http://apps.facebook.com/<appname>';
}
else
{
//app is not authorized or user is logged out
var redirectURL = 'http://www.facebook.com/dialog/oauth/?client_id='+client_id+'&scope='+scope+'&redirect_uri='+encodeURIComponent('http://apps.facebook.com/<appname>')+'&response_type=token';
top.location.href = redirectURL;
}
});
};
Any idea what I am doing wrong? As said in the opposite case, where the user does accept to authorize the app al works just fine. I am still working in sandbox mode and have not yet bought an SSL certificate which is why I am still referring everywhere to http instead of https.
Thanks!
P.S. This strange behaviour never happens when the user clicks 'Don\'t allow' when asking for optional permissions the following times the user accesses my app. For example, the user logs in for the first time and authorizes the app, but does not allow for the optional permissions. Facebook then redirects him to the redirect_uri and gives me an access_token, so I redirect the user to the app (so far so good). The next time when the user accesses the app, I detect that he has authorized the app, but that I don't have all the optional permissions I want, so I redirect him again to the OAuth 2.0 mechanism. This time the user AGAIN doesn't allow the optional permissions and Facebook ALWAYS redirects the user to the redirect_uri which is the expected behaviour.
I changed my Facebook App to OAuth 2.0. Now the Login window ignores the user permissions.
The new login button code is as follows:
<fb:login-button show-faces="true" width="400" max-rows="2" scope="read_stream, publish_stream, email"></fb:login-button>
when I use perms instead of scope it works.
I have oauth:true in FB.init(). In the app settings oauth2 is active.
(Everything I did and learned was in an effort to be able to publish to a Facebook Timeline from a 3rd party website. I don't know your motive/goal. It might not be the same as mine.)
I am using JS SDK with javascript commands, not xfbml markup.
I am using the beta version of the JS SDK: set the host to connect.beta.facebook.net instead of connect.facebook.net
I have oauth:true in my FB.init() function.
I have app settings for OAuth 2.0 enabled at developers.facebook.com.
This is my FB.login():
FB.login(
function(response) {
if (response.authResponse) {
// handle a successful login
}
},
{
scope: 'publish_stream' // I need this for publishing to Timeline
}
);
One thing I did to debug this was to check the value of FB._oath. If it is undefined, you have a problem. If it is true, you can proceed to the next challenge.
So after lots of trial and error, I finally got FB._auth===true