laravel4 hybridauth facebook Authentication failed! Facebook returned an invalid user id

N

10

5

OK, I'm trying to use Hybridauth with laravel 4. However I seem to be getting the very common when trying to log in with facebook:

Authentication failed! Facebook returned an invalid user id.

I have read all the other posts, and have had no luck, so just hoping someone may be able to help me.

I followed this tutorial: http://www.mrcasual.com/on/coding/laravel4-package-management-with-composer/

And have tried several other configurations to no success.

Here is my config/hybridauth.php

<?php
return array(
    "base_url"   => "http://myapp.dev/social/auth/",
    "providers"  => array (
        "Facebook"   => array (
            "enabled"    => true,
            "keys"       => array ( "id" => "****", "secret" => "****" ),

        ),
    ),
);

And here is my route:

Route::get('social/{action?}', array("as" => "hybridauth", function($action = "")
{
    // check URL segment
    if ($action == "auth") {
        // process authentication
        try {
            Hybrid_Endpoint::process();
        }

        catch (Exception $e) {
            // redirect back to http://URL/social/
            return Redirect::route('hybridauth');
        }
        return;
    }

    try {
        // create a HybridAuth object
        $socialAuth = new Hybrid_Auth(app_path() . '/config/hybridauth.php');
        // authenticate with Facebook
        $provider = $socialAuth->authenticate("Facebook");
        // fetch user profile
        $userProfile = $provider->getUserProfile();
    }

    catch(Exception $e) {
        // exception codes can be found on HybBridAuth's web site
        return $e->getMessage();
    }

    // access user profile data
    echo "Connected with: <b>{$provider->id}</b><br />";
    echo "As: <b>{$userProfile->displayName}</b><br />";
    echo "<pre>" . print_r( $userProfile, true ) . "</pre><br />";

    // logout
    $provider->logout();
}));

So, when I access "myapp.dev/social" I'm brought to the facebook sign up page everthing seems to work fine, asks me to allow permissions to myadd.dev. After I click OK I am brought to the following URL: http://myapp.ie/social#_=_ where the error is displayed.

Not sure if this is relevant: Just from observing other sites that in-cooperate a facebook login.. the redirect URL looks something like http://somesite.dev/subdomain/#_=_ . In other words they have a slash before the #=. Is this my problem, how do I fix it?? Very new to hybridauth so any help greatly appreciated thanks.

Oh I do realize that this post is very similar to other posts but I have yet to find a solution.

UPDATE: the exact error: Authentification failed. The user has canceled the authentication or the provider refused the connection.

Neoplasticism answered 7/7, 2013 at 19:41 Comment(3)

I've noticed that this problem only happens in firefox (23.0.1 win) (for me at least).. might be some help – Cornew 10/9, 2013 at 8:6

Facing the same issue. I have tried all the below mentioned things, but still stuck! I separately tested facebook-php-sdk (github.com/facebook/facebook-php-sdk) and the example in that works just well. – Erv 26/10, 2013 at 22:22

Try the solution mentioned here https://mcmap.net/q/2035283/-hybridauth-php-facebook-sdk-authentication-failed-getuser-returns-0 – Shawana 15/11, 2013 at 12:9

N

6

In base_facebook.php do following

  public static $CURL_OPTS = array(
    CURLOPT_CONNECTTIMEOUT => 50,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_TIMEOUT        => 60,
    CURLOPT_USERAGENT      => 'facebook-php-3.2',
    CURLOPT_SSL_VERIFYPEER => false,
    CURLOPT_SSL_VERIFYHOST => false,
  );

  protected $trustForwarded = true;
  protected $allowSignedRequest = false;

Niemeyer answered 22/11, 2013 at 14:33 Comment(3)

CURLOPT_SSL_VERIFYPEER => false AND CURLOPT_SSL_VERIFYHOST => false -these lines of code mentioned everywhere, but these: protected $trustForwarded = true; AND protected $allowSignedRequest = false; were new for us... and they just saved our lives! So pay attention to $trustForwarded setting! Thanks! – Trousers 30/6, 2014 at 19:31

for laravel 4 hybridauth config i used this return array( "base_url" => "example.com.ph/social/auth", "providers" => array ( "Facebook" => array ( "enabled" => true, "trustForwarded" => true, "allowSignedRequest" => false, "keys" => array ( "id" => "xxx", "secret" => "xxx" ), "scope" => "email", "display" => "page" ) ) ); – Variety 8/8, 2014 at 7:59

this answer worked for me! don t forget to set $trustForwarded and $allowSignedRequest as written in the answer – Inequality 9/8, 2014 at 20:54

V

1

CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false

at modules/hybridauth/Hybrid/thirdparty/Facebook/base_facebook.php:128

solved!

Vinitavinn answered 28/2, 2014 at 11:35 Comment(0)

N

0

For anyone else this is what worked for me: I reset app secret and now works great. No idea why my first app secret key did not work. Spent a ridiculous amount of time trying to fix this error.

Neoplasticism answered 7/7, 2013 at 23:40 Comment(0)

S

0

Had this error in the past. Solved by modyfying Hybridauth's code myself.

In thirdparty/Facebook/base_facebook.php make sure $CURL_OPTS array uses: CURLOPT_SSL_VERIFYPEER => false
In my case I was closing session files for performance improvements so I added: session_start() inside Storage.php wherever HA::STORE session var is being updated/unset.

Let me know if it helps.

Stewpan answered 8/7, 2013 at 1:21 Comment(0)

A

0

CURLOPT_SSL_VERIFYPEER => false & resetting my app secret key didn't work for me. I was getting this error because of some conflict with privileges I had previously setup. Removing the app from my facebook account did the trick (under privacy settings -> apps).

Azygous answered 14/8, 2013 at 19:58 Comment(0)

P

0

REMOVE THE TRAILING SLASH !!! (in config/hybridauth.php)

"base_url" => "http://myapp.dev/social/auth/",

should be

"base_url" => "http://myapp.dev/social/auth",

Puto answered 25/8, 2013 at 10:52 Comment(1)

In the config/hybridauth.php file. – Puto 10/9, 2013 at 8:35

A

0

My case was a little bit more specific, but just in case: Be carefull with redirects!

I had an SSL Certificate installed and a redirect to force the user over https, but when I first configured HybridAuth I didn't took this into account. The facebook request was being redirected over to https causing the $_REQUEST data to be lost in the process.

For me the change was, in Hybrid/config.php:

"base_url" => "http://my-site.com/"

to

"base_url" => "https://my-site.com/"

Ardolino answered 10/11, 2013 at 2:43 Comment(0)

B

0

I was having the same issue (although using HybridAuth on Yii) and turns out my app on Facebook was still in Sandbox mode. No source code changes needed on HybridAuth, just needed to turn off Sandbox Mode for the app and suddenly everything worked. Hope this helps.

Biome answered 28/11, 2013 at 2:3 Comment(1)

#20706822 – Modernism 19/3, 2014 at 22:42

Y

0

This happened to me because my SSL is terminated in AWS's load balancer

Just update the config file in your app/config to include the trustForwarded setting

<?php

return array(
    'base_url'   => 'http://website.com/oauth/auth',
    'providers'  => array (
        'Facebook'   => array (
            'enabled'    => true,
            'keys'       => array ( 'id' => 'redacted', 'secret' => 'redacted' ),
            'trustForwarded' => true,
        ),
    ),
);

Yachting answered 29/9, 2014 at 9:36 Comment(0)

W

0

I had the exact same error message on a wordpress installation using Hybridauth. To find the problem I set up an isolated test with the Facebook PHP SDK (which Hybridauth uses) just to find out that curl_exec was not enabled on my host. Happily, an easy fix.

If you are on apache open you php.ini and delete curl_exec from this line:

disable_functions = curl_exec

Reload your apache configuration and voila :)

Hope this will help somebody.

Whortleberry answered 1/2, 2016 at 19:17 Comment(0)

Recommended topics

Hot tags