How to fix 'Facebook has detected MyApp isn't using a secure connection to transfer information.' error in Laravel

Asked 6/8, 2019 at 9:10 Answered 27/6, 2021 at 8:19

laravel facebook-graph-api facebook-login laravel-socialite

I am trying to connect my app to facebook login with Laravel and socialite package.But i don't know why facebook show me this error. I searched internet but i couldn't find anything .How can i fix this error ?

I thought that if i make my connection with https it will work but after making https again error appears.

My code in laravel:

web.php

Route::get('login/{provider}', 'SocialController@redirect');
Route::get('login/{provider}/callback','SocialController@Callback');

SocialController.php

    public function redirect($provider)
    {
        return Socialite::driver($provider)->redirect();
    }

    public function Callback($provider){

        $userSocial =   Socialite::driver($provider)->stateless()->user();
        $users       =   User::where(['email' => $userSocial->getEmail()])->first();
        if($users){
            Auth::login($users);
            return redirect('/');
        }else{$user = User::create([
                'username'          => $userSocial->getName(),
                'email'         => $userSocial->getEmail(),
                'provider_id'   => $userSocial->getId(),
                'provider'      => $provider,
            ]);
            return redirect()->route('home');
        }
    }

Coyne answered 6/8, 2019 at 9:10 Comment(12)

So “make connection with https” means what exactly - just accessing the site via https://, or did you make additional changes in the configuration? – Printery 6/8, 2019 at 9:48

@misorude, I think no i made connection with https:// but facebook show error again. Maybe this error mean something different – Coyne 6/8, 2019 at 10:9

So what does the address bar show when you try to call the login dialog - the value of the redirect_uri parameter, is that actually an HTTPS URL? – Printery 6/8, 2019 at 10:12

when i try to login uri is like that facebook.com/v3.0/dialog/… I think u are right because in the uri http written – Coyne 6/8, 2019 at 11:4

Probably just need to modify the configuration accordingly then, laravel.com/docs/5.8/socialite#configuration – Printery 6/8, 2019 at 11:8

thanks a lot .i change FACEBOOK_URL in .env this error solved . But now i have new error do u know solution of this i.imgur.com/7OGEQ1A.png? – Coyne 6/8, 2019 at 11:14

You need to modify your settings in the app dashboard accordingly as well. – Printery 6/8, 2019 at 11:16

@misorude, thanks bro . Everything works now. U helped me a lot i was searching it two days – Coyne 6/8, 2019 at 11:34

Does this answer your question? facebook login on localhost without https – Teepee 11/12, 2019 at 23:20

Yes. It helped me solve this problem. – Coyne 20/12, 2019 at 9:4

@MammadliAnar, but how can you force facebook to use https for redirect instead of http (which it uses now?) – Hofuf 2/7, 2020 at 16:30

I think problem was in generated link. Check .env file and correct http in there – Coyne 14/7, 2020 at 18:1

You can do "Create Test App" and replace your App ID and Secret using the test app.

Angelesangelfish answered 27/6, 2021 at 8:19 Comment(1)

this solved it for me. – Jaunitajaunt 25/9, 2021 at 11:16

The simple answer is - Facebook will send sensitive data to provided redirect_uri, so it is ensuring this connection is private, by forcing you to use valid SSL.

As long as you do not setup a valid domain with proper certificate, Facebook won't let you use production API.

Gantry answered 5/10, 2020 at 19:50 Comment(1)

Where is this redirect_uri defined? I have a https ssl secure domain put in the App Domains, Site URL, Domains and Valid OAuth Redirect URIs in the Facebook console but it still uses redirect_uri=http://domain instead of https – Uzbek 6/1, 2021 at 17:25

It looks like time expiration. I've just created another Facebook app and it works without that error.

Tachymetry answered 30/5, 2021 at 14:4 Comment(0)

You can use ngrok to make your localthost https. download and run ngrok.exe.

Then run command ngrok.exe http {port}. In most cases, it will be 8000.

Ritual answered 1/10, 2020 at 12:8 Comment(1)

Secure endpoint via ngrok required a paid plan. – Bethany 15/7, 2021 at 16:49

-6

In case of angular : try to serve your app in secured socket layer true mode as Facebook is detecting insecure connection

Use the following command:

ng serve --ssl true

Reta answered 21/2, 2020 at 10:31 Comment(0)

Recommended topics

Hot tags