All geek questions in one place

Facebook PHP / JS Sdk This authorization code was used

I am using Facebook php js sdk.

I connected to facebook using js sdk. The entrance is working fine.

and i have php part.

private $helper, $api_id, $app_secret, $session; .... FacebookSession::setDefaultApplication($this->api_id, $this->app_secret); $this->helper = new FacebookJavaScriptLoginHelper(); try { $this->session = $this->helper->getSession(); } catch (FacebookRequestException $ex) { log_message('error', 'Facebook e1 :' . $ex->getCode()); log_message('error', 'Facebook e1 :' . $ex->getMessage()); } catch (\Exception $ex) { log_message('error', 'Facebook e2 :' . $ex->getCode()); log_message('error', 'Facebook e2 :' . $ex->getMessage()); } if ($this->session) { $request = (new FacebookRequest($this->session, 'GET', '/me'))->execute(); $user = $request->getGraphObject()->asArray(); return $user; } else { return false; }

when the page loads normally, I get user data without any problems.

But, for example, if I press f5 several times to refresh the page, I get the error message "This authorization code has been used." or "This authorization code has expired." and user data is empty.

The idea is to log in using js, and to use the php part for verification, the user logs in to facebook or not.

I am using the latest php sdk for facebook: https://github.com/facebook/facebook-php-sdk-v4

Thanks.

+6
source share
2 answers

There are several ways to fix this.

1) You must update the access token in the cookie every time, FB does not do this automatically. Therefore, do not forget to specify FB.init with the status: true parameter.

  FB.init({ appId : window.fbId, cookie : true, status : true, version : 'v2.3' });

Then, when you refresh each page, you should call FB.getLoginStatus(); regardless of whether you are already connected to Facebook.

This does not work if your application needs to make some ajax calls - simply because the access token is not updated when you do ajax (unless you call FB.getLoginStatus(); before each ajax call - and this overflows).

2) It is better to store the access token in the session after connecting the user through the FB JS SDK. PHP code might look like this:

  try { $fbToken = isset($_SESSION['fbToken']) ? $_SESSION['fbToken'] : NULL; if ($fbToken !== NULL) { $session = new \Facebook\FacebookSession($fbToken); } else { $helper = new FacebookJavaScriptLoginHelper(); $session = $helper->getSession(); } } catch(\Facebook\FacebookRequestException $ex) { log_message('error', 'Facebook e1 :' . $ex->getCode()); log_message('error', 'Facebook e1 :' . $ex->getMessage()); } catch(\Exception $ex) { log_message('error', 'Facebook e2 :' . $ex->getCode()); log_message('error', 'Facebook e2 :' . $ex->getMessage()); } if ($session) { $accessToken = $session->getAccessToken(); $longLivedAccessToken = $accessToken->extend(); $_SESSION['fbToken'] = $longLivedAccessToken; $request = (new FacebookRequest($session, 'GET', '/me'))->execute(); $user = $request->getGraphObject()->asArray(); return $user; } else { return FALSE; } }

Hope I really helped ... Greetings.

+3
source

Delete browser history, cookies that caused you to test your session before this happened, have some bad values

-1
source

Source: https://habr.com/ru/post/975926/

More articles:


All Articles