9

I got a notification from Facebook saying that they will invalidate calls from URIs not listed in the Valid OAuth redirect URIs this coming March 2018 and I think they are requiring us to Enable Strict Mode for Redirect URIs. Link about this can be found here.

I have been using their PHP SDK with Strict Mode disabled for a year now without any problem; however, when I do enable strict mode and enter the redirect URL, which is https://nino-dot-dynamic-osprey-93721.appspot.com/admin/fb-callback_admin.php, it returns an error, as seen below, each time I try to log in with Facebook:

Graph returned an error: Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings.

Note that I'm simply using FB's default PHP SDK Login code (https://developers.facebook.com/docs/php/howto/example_facebook_login), which has login.php and fb-callback.php links, and I'm not using any custom OAuth workflows.

I noticed that the redirect URL generated contains the code and state parameters:

site.com/admin/fb-callback_admin.php?code=somecode&state=somestate

I think this is the reason why I'm getting the error, because it only expects a redirect URL of https://nino-dot-dynamic-osprey-93721.appspot.com/admin/fb-callback_admin.php without any trailing parameters.

How do you guys think of getting around this issue of Enabling Strict Mode given that the response of the redirect URL through the below code:

```php
$helper = $fb->getRedirectLoginHelper();
$permissions = ['email']; // Optional permissions
$loginUrl = $helper->getLoginUrl('https://nino-dot-dynamic-osprey-93721.appspot.com/admin/fb-callback_admin.php', $permissions);
echo htmlspecialchars($loginUrl);
```

is generated from FB's PHP SDK by default?

pmichael16
  • The error message says you're trying to use a redirect URI with a domain part that does not match the app settings. – CBroe Dec 20 '17 at 10:22

2 Answers

27

Change

```php
$accessToken = $helper->getAccessToken();
```

to

```php
$accessToken = $helper->getAccessToken('http://www.example.com/admin/fb-callback_admin.php');
```

I had the same issue and found this answer in this thread, which seems to resolve the problem for me:

Graph returned an error: Can't Load URL: The domain of this URL isn't included in the app's domains

Not sure why this works, though, but glad it did.

Simon Lenaerts
  • 1
    Wow, that did the trick. Thank you so much! If you are using **Codeigniter**, you can find that line of code in **application/libraries/Facebook.php** under the function **authenticate**. Just change this: `$access_token = $this->helper->getAccessToken();` To this: `$access_token = $this->helper->getAccessToken(site_url('your callback url'));` – Sorin Haidau Dec 20 '17 at 21:07
  • 1
    Thank you! That worked for me too! I also found the same solution in one of the issues raised in FB's PHP SDK GitHub (https://github.com/facebook/php-graph-sdk/issues/877). Apparently they're planning to have a bug fix on the SDK itself to strip the 'code' param from the callback URL. – pmichael16 Dec 21 '17 at 02:22
  • After searching and making a lot of attempts to fix the issue, I tried your solution and it worked. But this fix does not look recommended, because most people have multiple servers, e.g. dev, staging and production, so they will have to do some extra checks to provide the correct callback URI. Thanks – Afraz Ahmad May 16 '18 at 06:08
4

I was facing the same issue. Actually, this comes from the Facebook Graph SDK.

I got this information from here

Also, a quick and dirty change that seemed to fix this error for me was adding 'code' to the list of params to remove in FacebookRedirectLoginHelper

Later, Facebook itself released an updated package which seems to have fixed the issue.

Make sure you have the latest version of facebook-graph-sdk; at the time of this answer, the version is 5.6.2.

Shobi
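For the multi-environment concern raised in the comments, one way to keep the URL passed to `getLoginUrl()` and `getAccessToken()` identical and fixed per environment, and to see why a landing URL with `code` and `state` appended does not compare equal to the registered one. This is an added example, not code from the posters or the SDK; the `CALLBACKS` map, the `APP_ENV` variable and the example.com hosts are assumptions.

```php
<?php
// Added example. CALLBACKS, APP_ENV and the example.com hosts are assumptions.

// One exact callback per environment. Each entry must also appear under
// "Valid OAuth redirect URIs" in the app settings. Keep this server-side:
// building it from the Host header would let the client choose the value.
const CALLBACKS = [
    'dev'        => 'https://dev.example.com/admin/fb-callback_admin.php',
    'staging'    => 'https://staging.example.com/admin/fb-callback_admin.php',
    'production' => 'https://www.example.com/admin/fb-callback_admin.php',
];

function callbackUrl(?string $env = null): string
{
    $env = $env ?? (getenv('APP_ENV') ?: 'production');
    if (!isset(CALLBACKS[$env])) {
        throw new InvalidArgumentException("No callback configured for '$env'");
    }
    return CALLBACKS[$env];
}

// Removes the OAuth response parameters from a landing URL, keeping any others.
function stripOAuthParams(string $url, array $drop = ['code', 'state']): string
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        throw new InvalidArgumentException('Not an absolute URL');
    }
    parse_str($parts['query'] ?? '', $query);
    $query = array_diff_key($query, array_flip($drop));
    $port  = isset($parts['port']) ? ':' . $parts['port'] : '';
    $base  = $parts['scheme'] . '://' . $parts['host'] . $port . ($parts['path'] ?? '');
    return $query ? $base . '?' . http_build_query($query) : $base;
}

// Constructed landing URL, shaped like the one in the question.
$landed     = 'https://www.example.com/admin/fb-callback_admin.php?code=somecode&state=somestate';
$registered = callbackUrl('production');

// Compare the raw landing URL, then the stripped one, against the registered URL.
var_dump($landed === $registered);
var_dump(stripOAuthParams($landed) === $registered);

// login.php:    $loginUrl    = $helper->getLoginUrl(callbackUrl(), $permissions);
// callback.php: $accessToken = $helper->getAccessToken(callbackUrl());
```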