Invalid android_key parameter - Facebook login - facebook

I am trying to use facebook login in my application. The problem is that I am getting the following error:
My settings are:
In the begging I tried to use a key that I generate using the java keytool but it didn't work (same error). Then I saw some post here in Stackoverflow and I changed the key to the one that appears on the error, but the problem remains.
Any idea what I am missing?
Does the = needed at the end of the key?

Related

Blank page after authentication via getAuthenticationInfo

I have created a Shiro Realm to use with x509 certs based on this extension.
The "protected X509AuthenticationInfo doGetX509AuthenticationInfo(X509AuthenticationToken token)" method is executed (i.e. getAuthenticationInfo(token)), validates my user and seems to execute the return X509AuthenticationInfo.
However, after that, the page stays blank! It is not redirected anywhere. If I use instead "anon", or the basic authentication, then my page is displayed correctly (to verify that the page should not be blank). What can be happening?
shiro.ini
[main]
x509Realm = com.flowersforyou.shiro.myRealm
securityManager.realms = $x509Realm
x509 = org.apache.shiro.web.filter.authc.X509AuthenticationFilter
[urls]
/** = x509
EDIT
I tried to use
x509.loginUrl = /err.xhtml
[urls]
/err.xhtml = anon
/** = x509
But it is still showing a blank page so I don't think I was redirected anywhere when the validation failed
EDIT
My answer explains what is possibly happening but now how to fix it. So I suppose that blank page is because something failed (null pointer or whatever). However, I suppose this should raise a 500 error via an Exception, as everything else. When the 500 error is raised, my app will capture it and show a custom error page. This is not happening here. Any solution to capture that error?
I think I have discovered what is happening...
I am missing a Credential Matcher in my .ini:
sha256Matcher = org.apache.shiro.authc.x509.X509CredentialsSha256Matcher
x509Realm.credentialsMatcher = $sha256Matcher
Without this, I suppose the authentication fails (either because there is no matcher set or because it is using a default one that doesn't understand certs but plain passwords) and it is silently finishing with a blank page (perhaps I have to define somewhere where to go if the authentication fails). If someone knows where to do it, or why exactly I am getting a blank page, please tell me to complete the answer.
EDIT
As for the blank page, I found that no exception was being raised. More details here.

ionic with phonegap-facebook-plugin: invalid hash key

It worked ok. I logged in with facebook.
After a while, i don´t know exactly the reason, when I try to login with facebook, it starts to show:
Invalid key hash. The key hash ..... does not match any stored key hashes. Configure your app key hashes at http://developers.facebook.com/apps/...
The hash key that is showing in the error message it´s not the hash key set in the developers facebook and had worked before. I tried to put this hash in the developers.facebook but does not work too.
After hours of research:
deleted the app in Facebook developers
remove cordova plugin from ionic project
Delete the file debug.keystore under C:\Users\yourUserName.android
Generate a new key with "keytools"
Create a new app on developers.facebook.com and add the new hash key
Then it started to work again.
But now, its showing me the same "invalid hash key" again :(
Any help?
Edited:
I deleted just the debug.keystore and ran "ionic run android".
Then showed me the same error but with a new hash key,
I tryeid again to put the hash key that they show in the error message and it is working now. But it´s very strange, because the hash key that I generated with "keytools" and put in developer.facebook for the first time, was just for nothing.
I follow this tutorial: https://ionicthemes.com/tutorials/about/native-facebook-login-with-ionic-framework
Download APK (your_apk_name.apk)
Run Command keytool -list -printcert -jarfile your_apk_name.apk
Copy the SHA1 value
Go to http://tomeko.net/online_tools/hex_to_base64.php
paste SHA1 value & hit convert.
Copy the output(base64) and use this as your facebook hash.
You need to add all key hashes that you see in those error messages to the setting of your Facebook app. Go to developers.facebook.com/yourappid, to settings > basic, scroll down to key hashes and add it there. We've got 4 different hashes for ours now and I'm sure they'll be more going forward.
It seems that having other applications on the users phone that are using Facebook login can change the hash needed by your app in login. So like, if you've got the main Facebook app on your phone, it'll require a different hash for your app's login than if you have just Facebook Messenger. This is our working theory that holds up against all evidence so far.
I'd recommend setting up a logger for client errors so you can get those hashes as they pop up. This obviously isn't the ideal solution so I'd love to hear what others find out about this but, for now at least, it's working.

Facebook auth serverside calls back 2 times with the same code

On our server-side authentication with Facebook we get a random and weird issue. Facebook calls the call back URL two times with the same code. This is only happening for some users and not on every login.
This is the flow we have implemented on our side: https://developers.facebook.com/…/manually-build-a-login-fl… . We have been using it since the beginning of 2013 and we haven't noticed any issues so far.
And this is the error we get when we are exchanging the code for an access token the second time.
{"error":{"message":"This authorization code has been used.","type":"OAuthException","code":100,"fbtrace_id":"traceID"}}
We tried to log this issue as a bug on https://developers.facebook.com/bugs but unfortunately it doesn't work.
It keeps showing unexpected error. Not to mention that i was unable to find the correct bug category.
Any idea on how we can fix this?
Thanks!
Could it be that users are clicking twice to process auth service? Try disabling the button before calling Facebook auth service
What language are you using?
I just had this problem in Ruby using Devise for Rails. I had created an omniauth.rb initializer file, and added a config line item in the devise.rb initializer file.
If you did this too, you can remove the omniauth.rb initializer file and you should be good to go!

Facebook Login using scribe

I'm using scribe to get user id, however I get this error:
OAuthConnectionException: There was a problem while creating a connection to the remote service.
I follow this example enhanced with javax filters (to get the parameter code correctly)
https://github.com/fernandezpablo85/scribe-java/blob/master/src/test/java/org/scribe/examples/FacebookExample.java
I also tried doing things manually and i got the access token which looks somehow like this ( i changed it a bit ) CAAHZCFE7YllgBAAZAenKbvZBrMZAZBkDGgydU2vAekwsM1V0StpZAgHXukEYWIDSpc5ZCXc4LB6suFeaPagcpj2ju6ayvAgrxYttvCQg9i7ZAdcF2ZCvhMNqTddsDUkNq1c1cX47U9KwutS5t6xpbV0cRabaVpgZCZAo4ZCTEtgckFmMajsb3zYWTH9LEfKj3CgcJ39lD2x1yRoXyAds0lKARmHZC
and while asking for user id like this:
https://graph.facebook.com/me?access_token=CAAHZCFE7YllgBAAZAenKbvZBrMZAZBkDGgydU2vAekwsM1V0StpZAgHXukEYWIDSpc5ZCXc4LB6suFeaPagcsj2ju6aYvYgrxYttvCQg9i7ZAdcF2ZCvhMNqTddsDUkNq1c1cX47U9KwutS5t6xpbV0cRabaVpgZCZAo4ZCTEtgckFmMajsb3zYWTH7LEfKj3CycJ39lD2x1yRoXyAds0lWLRmHZC%20,%20458856e03b909f426ec5d3791f0af466?fields=id,name
I get Malformed access token.
Do you have any suggestions regarding what I am doing wrong?
The URLs are the same, dunno what my mistake is :/

Getting REQUEST_DENIED when calling Google's Autocomplete from a Browser

I have signed up for Google Places Autocomplete API and created a new key by going to following url.
http://code.google.com/apis/console/
I am using the generated key to do some testing on my browser. I am entering following url to search for City names starting with "San".
https://maps.googleapis.com/maps/api/place/autocomplete/json?input=San&types=cities&sensor=false&key=
I keep getting "REQUEST_DENIED" error message. Is there anything I am missing? I can see my usage counter going up every time I try to test this using a browser, but I keep getting REQUEST_DENIED message back. As per the google documentation it says this message is related to "Sensor" parameter. I tried setting this parameter to True/False but get the same results. Please help!
Thanks,