Login/Register
OAuthException: redirect_uri isn't an absolute URI. Check RFC 3986 (Symfony)
Asked Answered
phpfacebooksymfonyoauthsymfony-3.2
H

1

9

I would like to add facebook login option to my website, following this tutorial. I did everything as it is in the tutorial, but I still get this error:

OAuthException: redirect_uri isn't an absolute URI

How is it possible to solve it?

This urls are generated by the facebookOAuthProvider. The website is not on localhost. It runs on a webserver, with https.

This is the relevant code:

    // redirect to Facebook
    $facebookOAuthProvider = $this->get('app.facebook_provider');
    $url = $facebookOAuthProvider->getAuthorizationUrl([
        // these are actually the default scopes
        'scopes' => ['public_profile', 'email'],
    ]);

    return $this->redirect($url);

It redirects to this url:

https://www.facebook.com/v2.3/dialog/oauth?scopes[0]=public_profile&scopes[1]=email&state=...&scope=public_profile,email&response_type=code&approval_prompt=auto&redirect_uri=/connect/facebook-check&client_id=...

The redirect_uri is indeed not an absolute url. But how is it possible to fix it?

Edit

If I add 'redirect_uri' => [$redir] then the url looks like this:

https://www.facebook.com/v2.3/dialog/oauth?scopes%5B0%5D=public_profile&scopes%5B1%5D=email&scopes%5B2%5D=user_location&redirect_uri%5B0%5D=https%3A%2F%2Fexample.com%2Fconnect%2Ffacebook-check&state=...&scope=public_profile%2Cemail&response_type=code&approval_prompt=auto&client_id=...

I can see the absolute redirect_uri in the generated url, but I still get this error, if I navigate to it

Redir is defined as:

$redir = $this->generateUrl('connect_facebook_check', array(), UrlGeneratorInterface::ABSOLUTE_URL);

Edit2

If I replace [$redir] with $redir then facebook redirects me correctly to /connect/facebook-check with a code, but I get a OAuthException: redirect_uri isn't an absolute URI. Check RFC 3986 there.

Heer answered 26/7, 2017 at 11:43 Comment(8)
I see you put a bounty on https://mcmap.net/q/1320504/-symfony3-facebook-login-redirect_uri-url-gets-converted-to-relative/1427878 ... does your service configuration look similar to the one used there? I guess you will have to pass UrlGeneratorInterface::ABSOLUTE_URL into the URL generation process somehow, otherwise it will create relative URLs by default when the protocol, domain and port match. symfony.com/doc/current/routing.html#generating-absolute-urlsElnoraelnore
If I add 'redirect_uri' => [$redir], then I can see the absolute redirect_uri in the generated url, but I still get this error, if I navigate to itHeer
Maybe the url is encoded wrongHeer
Can you show what the full generated login dialog URL looks like?Elnoraelnore
I edited the questionHeer
"I can see the absolute redirect_uri in the generated url, but I still get this error, if I navigate to it" - is the "original" version of that parameter still present at a later position in the query string? Then it would "overwrite" the one you see. And what's going on with the scopes parameter, that looks weird as well - first using scopes[0], scopes[1] to pass values as an array, followed by just scopes and a comma-separated list of permissions ...Elnoraelnore
This is the full url. There are two id's in it, which were replaced by ...Heer
@IterAtor Can you double check the error after you have made the absolute URL work? The URL you provide also needs to be registered with the OAuth provider as a valid callback URL before this will workOpinionated
M
1

I don't know where you got the example code, but certainly not from the linked tutorial.

Facebook authorization is based on the fact that you generate a link to FB, the user goes to the FB and authorizes himself, and then the FB server redirects it back to you (along with whether or not it is authorized).

FB does not guess where to redirect user after login. You need to give him a full path with http(s) and the server name (and if I remember correctly, it is also compatible with that saved in the FB app)

The attached tutorial requires writing a controller with 2 methods (output and return) and corresponding entries in the configuration.

If you use this, then see how you have configured the provider. What is in redirectUri?

Mohave answered 9/10, 2017 at 16:40 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.