Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

facebook error 'Error validating verification code'

Tags:

php

urlencode

facebook

very strange error. i use gide http://developers.facebook.com/docs/authentication/. so i create request to fb and pass redirect_uri. i use test site on localhost. so if i pass

redirect_uri=http://localhost/test_blog/index.php

it works fine, but if i pass

redirect_uri=http://localhost/test_blog/index.php?r=site/oauth2

it don't want work. i try to use

redirect_uri= . urlencode('http://localhost/test_blog/index.php?r=site/oauth2)

but not work. i try to explaine. i success get code, but when i access https://graph.facebook.com/me?access_token i get error 'Error validating verification code'. i checked evering, error is in ?r=site/oauth2 but i need passing some params can somebody help me? i read post http://forum.developers.facebook.net/viewtopic.php?id=70855 but nothing work for me

like image 702
kusanagi Avatar asked Dec 08 '10 11:12

kusanagi

2 Answers

There are presently (as of March 2011) undocumented requirements regarding what makes a valid redirect_uri.

First, both redirect_uri paramaters to authorize and access_token must match.

Apparently Facebook (or rather OAuth2) is using the redirect_uri as a internal key to encode the code returned for the access_token request. It's kinda clever since it verifies back to your site. It explains why the access_token request which wouldn't otherwise need a redirect_uri parameter requires one.

Second, you cannot use many special characters in the redirect_uri.

A lot of discussion rages whether parameters can be passed at all. They can, you're limited which characters are valid but no one has published a list that I know. Traditional methods like url/html encoding will fail because percent(%) is not valid. Slash (/) is not valid either so a nested redirection url will always fail. The ONLY way to overcome the special char limitation is to encode the value of the parameter to base64. If you're using ASP.NET, look up Convert.ToBase64.

Lastly, and this is more of a side-note. There are a lot of programmers passing along misinformation that a simple solution is to pass type=client_cred. This may limit your access to some of the permissions you requested in your authorization. It is inadvisable.

like image 136
Michael Avatar answered Oct 10 '22 01:10

Michael

Had the same problem all day when testing with redirect_uri=http://localhost:8000 (encoded to http%3A%2F%2Flocalhost%3A8000)...

Solution was simply to make sure to put the trailing slash / on the end of the uri. So redirect_uri=http://localhost:8000/ (encoded to http%3A%2F%2Flocalhost%3A8000%2F).

Again, make sure the redirect_uri is identical for both requests.

like image 42
Jason Avatar answered Oct 10 '22 02:10

Jason
Sign in to Comment

Related questions

PHP is_null() and ==null [duplicate]
Is it possible to use xdebug on Ubuntu?
How useful is PHP CodeSniffer? Code Standards Enforcement in General? [closed]
Export MySQL database using PHP [closed]
How to solve a timeout error in Laravel 5
How to access PHP variables in JavaScript or jQuery rather than <?php echo $variable ?> [duplicate]
Remove a child with a specific attribute, in SimpleXML for PHP
Method Illuminate\Translation\Translator::getFromJson does not exist
Adding 1 hour to time variable
PHP How do I round down to two decimal places?
Detect bad json data in PHP json_decode()?
how to use php DateTime() function in Laravel 5
what does mysql_real_escape_string() really do?
glob() - sort array of files by last modified datetime stamp
limit text length in php and provide 'Read more' link
adding 30 minutes to datetime php/mysql
Check if number is decimal
WooCommerce - Remove downloads from menu in my account page
CSV to Associative Array
How to skip the 1st key in an array loop?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!