Unexpected App Id using Facebook PHP SDK API

Question

This is my login script:

<?php
// session não são nativas, precisa iniciar.
session_start();
date_default_timezone_set('America/Sao_Paulo');
require_once '/home/mywebsite/lab/vendor/autoload.php';

// por algum motivo não está aceitando a referência via __DIR__
//require_once __DIR__ . '/vendor/autoload.php';

$fb = new Facebook\Facebook([
  'app_id' => '999999999999999',
  'app_secret' => 'removed',
  'default_graph_version' => 'v2.4',
]);

$helper = $fb->getRedirectLoginHelper();

$permissions = ['email']; // Optional permissions
//$loginUrl = $helper->getLoginUrl('https://www.mywebsite.com.br/lab/?secao=meusPedidos', $permissions);
$loginUrl = $helper->getLoginUrl('https://www.mywebsite.com.br/lab/fb-callback.php', $permissions);

echo '<a href="' . htmlspecialchars($loginUrl) . '">Log in with Facebook!</a>';

?>

This is my callback script:

<?php
session_start();
date_default_timezone_set('America/Sao_Paulo');
require_once '/home/mywebsite/lab/vendor/autoload.php';

$fb = new Facebook\Facebook([
  'app_id' => '999999999999999',
  'app_secret' => 'removed',
  'default_graph_version' => 'v2.4',
]); 

$helper = $fb->getRedirectLoginHelper();  

try {  
  $accessToken = $helper->getAccessToken();  
} catch(Facebook\Exceptions\FacebookResponseException $e) {  
  // When Graph returns an error  
  echo 'Graph returned an error: ' . $e->getMessage();  
  exit;  
} catch(Facebook\Exceptions\FacebookSDKException $e) {  
  // When validation fails or other local issues  
  echo 'Facebook SDK returned an error: ' . $e->getMessage();  
  exit;  
}  

if (! isset($accessToken)) {  
  if ($helper->getError()) {  
    header('HTTP/1.0 401 Unauthorized');  
    echo "Error: " . $helper->getError() . "\n";
    echo "Error Code: " . $helper->getErrorCode() . "\n";
    echo "Error Reason: " . $helper->getErrorReason() . "\n";
    echo "Error Description: " . $helper->getErrorDescription() . "\n";
  } else {  
    header('HTTP/1.0 400 Bad Request');  
    echo 'Bad request';  
  }  
  exit;  
}  

// Logged in  
echo '<h3>Access Token</h3>';  
var_dump($accessToken->getValue());  

// The OAuth 2.0 client handler helps us manage access tokens  
$oAuth2Client = $fb->getOAuth2Client();  

// Get the access token metadata from /debug_token  
$tokenMetadata = $oAuth2Client->debugToken($accessToken);  
echo '<h3>Metadata</h3>';  
var_dump($tokenMetadata);  

// Validation (these will throw FacebookSDKException's when they fail)  
$tokenMetadata->validateAppId($config['app_id']);  
// If you know the user ID this access token belongs to, you can validate it here  
// $tokenMetadata->validateUserId('123');  
$tokenMetadata->validateExpiration();   

if (! $accessToken->isLongLived()) {  
  // Exchanges a short-lived access token for a long-lived one  
  try {  
    $accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);  
  } catch (Facebook\Exceptions\FacebookSDKException $e) {  
    echo "<p>Error getting long-lived access token: " . $helper->getMessage() . "</p>";  
    exit;  
  } 
  echo '<h3>Long-lived</h3>';  
  var_dump($accessToken->getValue());  
}

$_SESSION['fb_access_token'] = (string) $accessToken;  

// User is logged in with a long-lived access token.  
// You can redirect them to a members-only page.  
// header('Location: https://example.com/members.php');
?>

I'm trying to use the login with FB-PHP-SDK but a getting this following error:

Access Token

string(213) "my acess token" Metadata

object(Facebook\Authentication\AccessTokenMetadata)#13 (1) { ["metadata":protected]=> array(7) { ["app_id"]=> string(16) "9999999999999999" ["application"]=> string(11) "MYAPPLICATION" ["expires_at"]=> object(DateTime)#17 (3) { ["date"]=> string(26) "2015-12-11 14:22:41.000000" ["timezone_type"]=> int(3) ["timezone"]=> string(17) "America/Sao_Paulo" } ["is_valid"]=> bool(true) ["issued_at"]=> object(DateTime)#18 (3) { ["date"]=> string(26) "2015-10-12 13:22:41.000000" ["timezone_type"]=> int(3) ["timezone"]=> string(17) "America/Sao_Paulo" } ["scopes"]=> array(2) { [0]=> string(5) "email" [1]=> string(14) "public_profile" } ["user_id"]=> string(17) "10155038971395478" } } Fatal error: Uncaught exception 'Facebook\Exceptions\FacebookSDKException' with message 'Access token metadata contains unexpected app ID.' in /home/storage/5/d8/87/mywebsite/lab/vendor/facebook/php-sdk-v4/src/Facebook/Authentication/AccessTokenMetadata.php:329 Stack trace: #0 /home/storage/5/d8/87/mywebsite/public_html/lab/fb-callback.php(53): Facebook\Authentication\AccessTokenMetadata->validateAppId(NULL) #1 {main} thrown in /home/storage/5/d8/87/mywebsitelab/vendor/facebook/php-sdk-v4/src/Facebook/Authentication/AccessTokenMetadata.php on line 329

How do I to fix it?

I noticed that the problem is in:

$tokenMetadata->validateAppId($config['app_id']);

Answer 1

The variable $config['app_id'] is undefined, use the app id directly:

$tokenMetadata->validateAppId(YOU_APP_ID);