I was looking for docs on official page but there is no anything helpful, so i build this code and it don't work.
FacebookSession::setDefaultApplication('app-id', 'app-secret');
$helper = new \Facebook\FacebookRedirectLoginHelper('http://my-return-url');
if (isset($_SESSION['token'])) {
$session = new FacebookSession($_SESSION['token']);
if (!$session->validate()) {
$session = null;
}
} else {
try {
$session = $helper->getSessionFromRedirect();
} catch(FacebookRequestException $ex) {
die("Oops! :/");
} catch(Exception $ex) {
die($ex->message());
}
}
if (isset($session)) {
$_SESSION['token'] = $session->getToken();
$session = new FacebookSession($session->getToken());
$request = new FacebookRequest($session, 'GET', '/me');
$response = $request->execute();
$graphObject = $response->getGraphObject()->asArray();
echo '<pre>';
print_r($graphObject);
echo '</pre>';
} else {
echo 'Login';
}
I think the problem is in SDK but i'm not sure. I always get this error:
Fatal error: Uncaught exception 'Facebook\FacebookSDKException' with message 'Session has expired, or is not valid for this app.' in /var/www/html/Facebook/FacebookSession.php:238 Stack trace: #0 /var/www/html/Facebook/FacebookSession.php(216): Facebook\FacebookSession::validateSessionInfo(Object(Facebook\GraphSessionInfo), 'my-app-id', 'app-secret...') #1 /var/www/html/verify.php(98): Facebook\FacebookSession->validate() #2 {main} thrown in /var/www/html/Facebook/FacebookSession.php on line 238
I also tried through incognito mode tried setting up new app but always i get this error.
I agree, FB documentations are pretty bad. Also, they are frequently changing thier SDK versions, a few days back they release v 4.0.5. Try this ->
<?php
// include required files form Facebook SDK
// added in v4.0.5
require_once( 'Facebook/FacebookHttpable.php' );
require_once( 'Facebook/FacebookCurl.php' );
require_once( 'Facebook/FacebookCurlHttpClient.php' );
// added in v4.0.0
require_once( 'Facebook/FacebookSession.php' );
require_once( 'Facebook/FacebookRedirectLoginHelper.php' );
require_once( 'Facebook/FacebookRequest.php' );
require_once( 'Facebook/FacebookResponse.php' );
require_once( 'Facebook/FacebookSDKException.php' );
require_once( 'Facebook/FacebookRequestException.php' );
require_once( 'Facebook/FacebookOtherException.php' );
require_once( 'Facebook/FacebookAuthorizationException.php' );
require_once( 'Facebook/GraphObject.php' );
require_once( 'Facebook/GraphSessionInfo.php' );
// added in v4.0.5
use Facebook\FacebookHttpable;
use Facebook\FacebookCurl;
use Facebook\FacebookCurlHttpClient;
// added in v4.0.0
use Facebook\FacebookSession;
use Facebook\FacebookRedirectLoginHelper;
use Facebook\FacebookRequest;
use Facebook\FacebookResponse;
use Facebook\FacebookSDKException;
use Facebook\FacebookRequestException;
use Facebook\FacebookOtherException;
use Facebook\FacebookAuthorizationException;
use Facebook\GraphObject;
use Facebook\GraphSessionInfo;
// start session
session_start();
// init app with app id and secret
FacebookSession::setDefaultApplication( 'xxx','yyy' );
// login helper with redirect_uri
$helper = new FacebookRedirectLoginHelper( 'http://yourwebsite.com/app/' );
// see if a existing session exists
if ( isset( $_SESSION ) && isset( $_SESSION['fb_token'] ) ) {
// create new session from saved access_token
$session = new FacebookSession( $_SESSION['fb_token'] );
// validate the access_token to make sure it's still valid
try {
if ( !$session->validate() ) {
$session = null;
}
} catch ( Exception $e ) {
// catch any exceptions
$session = null;
}
} else {
// no session exists
try {
$session = $helper->getSessionFromRedirect();
} catch( FacebookRequestException $ex ) {
// When Facebook returns an error
} catch( Exception $ex ) {
// When validation fails or other local issues
echo $ex->message;
}
}
// see if we have a session
if ( isset( $session ) ) {
// save the session
$_SESSION['fb_token'] = $session->getToken();
// create a session using saved token or the new one we generated at login
$session = new FacebookSession( $session->getToken() );
// graph api request for user data
$request = new FacebookRequest( $session, 'GET', '/me' );
$response = $request->execute();
// get response
$graphObject = $response->getGraphObject()->asArray();
// print profile data
echo '<pre>' . print_r( $graphObject, 1 ) . '</pre>';
// print logout url using session and redirect_uri (logout.php page should destroy the session)
echo 'Logout';
} else {
// show login url
echo 'Login';
}
Source
Steps to avoiding PHP facebook SDK 4.0 login error
First install composer in your PC if your are using windows OS.
Download facebook SDK 4.0 and rename what ever you want (Like: fbsdk).
Run Command prompt and locate your recently downloaded sdk folder.
Check if there are composer.json file exist or not
if composer.json file exist then type this command:
composer install otherwise you have create new file composer.json in same folder with following code: {
"require" : {
"facebook/php-sdk-v4" : "4.0.*"
}
}
If you will type correct command as above mentioned in line number 5 then you will get this message : Loading composer repositories with package information Installing dependencies (including require-dev).
Create index.php file and include autoload.php top of the file.
For example follow the sample codes for login with facebook
session_start();
require_once('/home3/users/public_html/fbsdk/vendor/autoload.php');
use Facebook\FacebookSession;
use Facebook\FacebookRequest;
use Facebook\GraphUser;
use Facebook\FacebookRequestException;
use Facebook\FacebookRedirectLoginHelper;
FacebookSession::setDefaultApplication(YOUR APP_ID, YOUR SECRET_KEY);
$helper = new FacebookRedirectLoginHelper('http://example.com/fbsdk/login.php');
if(isset($_SESSION['access_token'])) {
$access_token = $_SESSION['access_token'];
$session = new FacebookSession($access_token);
} else {
unset($_SESSION['access_token']);
try {
$session = $helper->getSessionFromRedirect();
if($session)
$_SESSION['access_token'] = $session->getToken();
} catch(FacebookRequestException $ex) {
// When Facebook returns an error
} catch(Exception $ex) {
// When validation fails or other local issues
}
}
if ($session) {
$request = new FacebookRequest($session, 'GET', '/me');
$response = $request->execute();
$graphObject = $response->getGraphObject();
header('Location: ./home.php');
} else {
$loginUrl = $helper->getLoginUrl();
header('Location: ' . $loginUrl);
}
Related
I made my own custom login page then trying to login to that WP user's dashboard using wp_signon() function.
function custom_login()
{
if (isset($_POST['submitlogin'])) {
$login_data = array();
$login_data['user_login'] = sanitize_user($_POST['txtEmail']);
$login_data['user_password'] = $_POST['txtPass'];
$user = wp_signon($login_data, false);
if (is_wp_error($user)) {
echo $user->get_error_message();
} else {
wp_clear_auth_cookie();
do_action('wp_login', $user->ID);
wp_set_current_user($user->ID);
wp_set_auth_cookie($user->ID, true);
$redirect_to = 'https://www.google.com/';
wp_redirect($redirect_to);
exit;
}
}
}
custom_login();
After dumping wp_set_current_user($user->ID); I can see the user's data.
Hook custom_login with init action or template_redirect action. You can redirect the page when content is already loaded.
I would like to redirect users if they are not administrators, and I do within an add_action('init'... function
However, I would like NOT to redirect users if the URL path is something like /wp-json(v1/... (so not a user but a custom REST API request)
How could I grab the requested URL and decide on that? Should I do this within the init hook?
function redirect_users()
{
global $wp;
// $url = get_url();
// if ($url === 'whatever') {
// return;
// }
if (get_current_user_id()) {
$user = get_userdata(get_current_user_id());
$user_roles = $user->roles;
if (!in_array('administrator', (array) $user_roles)) {
wp_logout();
wp_redirect($url);
exit;
}
}
}
add_action('init', '\kw_signup\redirect_non_admin_users', 15);
From the accepted answer
if (!preg_match('/^wp-json\//', $wp->request)) {
if (!get_current_user_id()) {
wp_redirect($url);
exit();
}
if (get_current_user_id()) {
$user = get_userdata(get_current_user_id());
$user_roles = $user->roles;
if (!in_array('administrator', (array) $user_roles)) {
wp_redirect($url);
exit();
}
}
}
}
add_action('parse_request', '\kw_signup\redirect_non_admin_users', 15);
I works with the hooks parse_request or template_redirect, with the former you receive the wp object as an argument
How could I grab the requested URL and decide on that?
To get the requested URL, you could use the $_SERVER superglobal. Though, in your situation, I'd prefer to use $wp->request, which includes the path part of your URL.
Should I do this within the init hook?
I'd say the most appropriate hook for redirects is template_redirect.
So, putting it all together:
<?php
namespace kw_signup;
add_action( 'template_redirect', __NAMESPACE__ . '\redirect_non_admin_users' );
function redirect_non_admin_users() {
global $wp;
// Check if the requested URL does not start with a specific string
if ( ! preg_match( '/^wp-json\//', $wp->request ) ) {
// URL is not a custom REST API request
// Check if user is an administrator, redirect, …
}
}
I'm using Google Calendar API to display events on fullcalendar (so using a json object in my view). I'm using codeigniter php framework, and I have a few functions in my controller to create a new client then I use that in the oauth2callback() function to exchange my code for an access_token then I start calling the service in gcalendar() and gcalendar_events. I have set the accessType to offline but that doesn't seem to make me access the events offline. It works great except that I'm redirected to log in again every time the session ends. I don't want that, I want them to display all the time after the session ends. I am trying to use a refresh token in case the access_token expires to see if that would fix the problem.
this is the code in my controller
function getClient() {
$client = new Google_Client();
$client->setApplicationName("DL Calendar");
$client->setAuthConfig('application/client_secrets.json');
$client->addScope('profile');
$client->setIncludeGrantedScopes(true);
$client->setAccessType('offline');
return $client;
}
function gcalendar() {
$this->load->add_package_path(APPPATH . 'vendor/autoload');
$client = $this->getClient();
//$client->setRedirectUri(site_url('calendar/index'));
$client->addScope(Google_Service_Calendar::CALENDAR);
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
$access_token = $_SESSION['access_token'];
$service = new ]Google_Service_Calendar($client);
$calendar = new Google_Service_Calendar_Calendar();
//$calendarList = $service->calendarList->listCalendarList();
$calendar = $service->calendars->get('primary');
$params = array(
'owner_id' => get_current_user_id(),
'title' => get_current_user(). ' ' .'Google Calendar',
'type' => 'gcal',
'url' => $calendar->id,
);
$calendar_id = $this->Calendar_model->add_calendar($params);
redirect('calendar/index');
} else {
$redirect_uri = site_url('calendar/oauth2callback');
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
$this->session->set_flashdata('success', 'Event Successfully Added');
}
function oauth2callback() {
//Build the client object
$client = $this->getClient();
$client->addScope(Google_Service_Calendar::CALENDAR);
$service = new Google_Service_Calendar($client);
$url = parse_url($_SERVER['REQUEST_URI']); parse_str($url['query'], $params);
$code = $params['code'];
//To exchange an authorization code for an access token, use the authenticate method:
if (! isset($code)) {
$auth_url = $client->createAuthUrl();
header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
} else {
$token = $client->fetchAccessTokenWithAuthCode($code);
$client->setAccessToken($token);
$client->authenticate($code);
$_SESSION['access_token'] = $client->getAccessToken();
$redirect_uri = site_url('calendar/gcalendar');
header('Location: ' . filter_var($redirect_uri, FILTER_SANITIZE_URL));
}
}
function gcalendar_events() {
$client = $this->getClient();
$client->addScope(Google_Service_Calendar::CALENDAR);
// $client->setRedirectUri(site_url('calendar/gcalendar'));
$client->setAccessType('offline'); //need calendar events to appear even if not logged in to google
if (isset($_SESSION['access_token']) && $_SESSION['access_token']) {
$client->setAccessToken($_SESSION['access_token']);
$access_token = $_SESSION['access_token'];
$service = new Google_Service_Calendar($client);
$id = 'primary';
$calendar = new Google_Service_Calendar_Calendar();
$calendar = $service->calendars->get('primary');
$event = new Google_Service_Calendar_Event();
$events = $service->events->listEvents($id);
foreach ($events->getItems() as $event) {
$startTime = strtotime($event->getStart()->dateTime) ;
$endTime = strtotime($event->getEnd()->dateTime);
$start = date('Y-m-d H:i:s', $startTime);
$end = date('Y-m-d H:i:s', $endTime);
$eventsArr[] = array(
'title' => $event->getSummary(),
'start'=> $start,
'end' => $end,
);
}
// Return a single `events` with all the `$eventsArr`
echo json_encode($eventsArr);
}
}
Is the problem in my session ending? or does the access token expire and I need a refresh token? where do I set the refresh token cause I tried putting it in more that one place and I get an error message that refresh token has to be set as part off setAccessToken. I put it all over and still got error messages.
Here is the code I used
if ($client->isAccessTokenExpired()) {
$refresh_token = $client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
$client->setAccessToken($refresh_token);
$_SESSION['access_token'] = $refresh_token;
$this->load->helper('file');
write_file('application/client_secrets.json', json_encode($client->getAccessToken()));
} else {
$access_token = $_SESSION['access_token'];
}
I just noticed that it once used to say 'grant offline access' in my authorization but now it no longer mentions that while google documentation says
"After a user grants offline access to the requested scopes, you can continue to use the API client to access Google APIs on the user's behalf when the user is offline. The client object will refresh the access token as needed."
During your first authorization with Google, you will receive a token that will expire in 3600 seconds or one hour. So you need to use refresh token to get a new working token.
It is something like this SO question.
$token = $client->getAccessToken();
$authObj = json_decode($token);
if(isset($authObj->refresh_token)) {
save_refresh_token($authObj->refresh_token);
}
Make sure you save this refresh_token.
You can update it with:
$client->refreshToken($your_saved_refresh_token);
And then set your new access token to the session:
$_SESSION['access_token'] = $client->getAccessToken();
I also suggest you to visit this quickstart of Google Calendar for PHP.
For more information, check this related SO question.
How to refresh token with Google API client?
I am the new in Facebook SDK.
my Websites login with facebook account but there's trouble
<?php
session_start();
require_once '../FacebookAPI/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => '{app-id}', // Replace {app-id} with your app id
'app_secret' => '{app-secret}',
'default_graph_version' => 'v2.2',
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (! isset($accessToken)) {
echo 'No OAuth data could be obtained from the signed request. User has not authorized your app yet.';
exit;
}
// Logged in
echo '<h3>Signed Request</h3>';
var_dump($helper->getSignedRequest());
echo '<h3>Access Token</h3>';
var_dump($accessToken->getValue());
?>
Why it shows out "No OAuth data could be obtained from the signed request. User has not authorized your app yet."
Did I miss something ? I think $accessToken is NULL But why?
i want to make WordPress plugin or if already exists please tell me
i want if user post 15 post on my WordPress site publish post to his Facebook wall with images and level and more than posts with another level
login to WordPress throw Facebook
save the access token to use it to publish offline
on save posts if equal certain number publish the post to user
time line
i do first step and this images the result
but no thing published to timeline and the code is
<?php
session_start();
require_once 'facebook/autoload.php';
$fb = new Facebook\Facebook([
'app_id' => 'xxxxxx',
'app_secret' => 'xxxxxxxxx',
'default_graph_version' => 'v2.5',
]);
$helper = $fb->getCanvasHelper();
$permissions = ['email', 'publish_actions']; // optional
try {
if (isset($_SESSION['facebook_access_token'])) {
$accessToken = $_SESSION['facebook_access_token'];
} else {
$accessToken = $helper->getAccessToken();
}
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (isset($accessToken)) {
if (isset($_SESSION['facebook_access_token'])) {
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
} else {
$_SESSION['facebook_access_token'] = (string) $accessToken;
// OAuth 2.0 client handler
$oAuth2Client = $fb->getOAuth2Client();
// Exchanges a short-lived access token for a long-lived one
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
$_SESSION['facebook_access_token'] = (string) $longLivedAccessToken;
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
}
// validating the access token
try {
$request = $fb->get('/me');
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
if ($e->getCode() == 190) {
unset($_SESSION['facebook_access_token']);
$helper = $fb->getRedirectLoginHelper();
$loginUrl = $helper->getLoginUrl('https://apps.facebook.com/xxxxxxx/', $permissions);
echo "<script>window.top.location.href='".$loginUrl."'</script>";
exit;
}
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
// posting on user timeline using publish_actins permission
try {
// message must come from the user-end
$data = ['message' => 'testing...'];
$request = $fb->post('/me/feed', $data);
$response = $request->getGraphEdge()->asArray;
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
echo $response['id'];
// Now you can redirect to another page and use the
// access token from $_SESSION['facebook_access_token']
} else {
$helper = $fb->getRedirectLoginHelper();
//$loginUrl = $helper->getLoginUrl('https://apps.facebook.com/xxxxxxxx/', $permissions);
$loginUrl = $helper->getLoginUrl("http://www.xxxxxx.com/facebook/index.php",$permissions);
echo "<script>window.top.location.href='".$loginUrl."'</script>";
}
help :)
i used this tutorial to solve some steps
https://www.youtube.com/watch?v=XYawdJh_mNQ