发表新帖
发表新帖

Facebook SDK returned an error: Cross-site request forgery validation failed. The “state” param from the URL and session do not match

后端 未结
关注
25 865
南方客
南方客 2020-12-01 01:37

i\'m trying to get Facebook user id using the php sdk like this 

$fb = new Facebook\\Facebook([
    \'app_id\' => \'11111111111\',
    \'app_secret\' =>
相关标签:
25条回答
  • 梦毁少年i
    2020-12-01 02:17

    Might help someone, who is using Javascript Helper in frontend for authenticating the user and in PHP one is trying to to extract access_token from Redirect Login Helper. So use following

    getJavaScriptHelper();

    instead of

    getRedirectLoginHelper();
    0 讨论(0)
  • 忘掉有多难
    2020-12-01 02:17

    I am playing around with Symfony and was having this problem one attempt yes and the next one no. I solved this problem by storing the facebookRedirectLoginHelper object into session, and retrieving it later on from the session instead of asking the Facebook object for it again.

    The documentation (Symfony 4.3 at the time of this writing) states the following:

    Make sure your PHP session isn't already started before using the Session class. If you have a legacy session system that starts your session, see Legacy Sessions.

    Symfony sessions are designed to replace several native PHP functions. Applications should avoid using session_start(), session_regenerate_id(), session_id(), session_name(), and session_destroy() and instead use the APIs in the following section.

    While it is recommended to explicitly start a session, a session will actually start on demand, that is, if any session request is made to read/write session data.

    So I think that retrieving the object from the session inherently starts the php session.

    If you are using some php framework, keep that in mind.

    0 讨论(0)
  • 情书的邮戳
    2020-12-01 02:18

    Lots of great answers already mentioned, here is the one which helped for me,

    I found that the problem is Cross-site request forgery validation failed. Required param “state” missing in FB code and here is the solution

    After this line

    $helper = $fb->getRedirectLoginHelper();

    Add the below code,

    if (isset($_GET['state'])) {
    $helper->getPersistentDataHandler()->set('state', $_GET['state']);
}
    0 讨论(0)
  • 执笔经年
    2020-12-01 02:22

    insert this code after $helper = $fb->getRedirectLoginHelper();

      $_SESSION['FBRLH_state']=$_GET['state'];
    0 讨论(0)
  • 旧巷少年郎
    2020-12-01 02:22

    For me setting the session state worked

    Complete code ( in the redirect url php ) 

    $accessToken = '';

$helper = $fb->getRedirectLoginHelper();

if(isset($_GET['state'])){

    $_SESSION['FBRLH_state']=$_GET['state'];
}


try {
    $accessToken = $helper->getAccessToken();
} catch ( Facebook\Exceptions\FacebookResponseException $e ) {
    // When Graph returns an error
    echo 'Graph returned an error: ' . $e->getMessage();

}
    0 讨论(0)
  • 囚心锁ツ
    2020-12-01 02:25

    I had the same error, because I forgot to add "www." to the sender address. In the Client-OAuth Settings there has to be the correct name.

    0 讨论(0)
 看不清?
提交回复
热议问题