1

According to new facebook policy. You cannot redirect to URLs that are not stated in **Valid OAth Redirect URI** from March onwards.

In March, we're making a security update to your app settings that will invalidate calls from URIs not listed in the Valid OAuth redirect URIs field below.This update comes in response to malicious activity we saw on our platform, and we want to protect your app or website by requiring a new strict mode for redirect URIs. Learn More

Here are 5 out of the 8 of your URIs that will be invalidated by this change.

But my problem is that my uris are dynamic. It has get parameters after it.

http://www.website.com/fb/login.php?redirect=http%3A%2F%2Fwww.website.com%2Fapps%2F456

http://www.website.com/fb/login.php?redirect=http%3A%2F%2Fwww.website.com%2Fapps%2F123

http://www.website.com/fb/login.php // This alone does not seem to work
click_twice
  • 191
  • 2
  • 12
  • Weird. Our two FbApps have not given us this new warning (and our redirects are dynamic due to login procedures sending the user back to where they were when they tried to login). hmm.... will have to look into this more...... Oh wait, nevermind... I totally forgot, all our redirect logic is on OUR side, as we just land the fb user on the exact same URL when they are done. It then smartly sends them where they should go from there. – IncredibleHat Feb 14 '18 at 15:37

1 Answers1

1

I -too- had the same problem. I solved it by adding my OAuth redirect URI as a argument to the getAccessToken function call:

$redirectLoginHelper->getAccessToken("https://www.example.com/myfacebookcallback")

If no argument is sent into that function the SDK generates the redirect URI by itself which should work but in my case it didn't.

Hope this helps someone.

source: https://stackoverflow.com/a/39051948/4872547

Mahmoud Eidarous
  • 185
  • 1
  • 2
  • 17