Facebook authentication does not work

Author: Eugeniy Marilev
Date of publication: 2014-05-06 10:33:35
It's dedicated to all the lucky developers, who had an experience working with such a platform like Facebook... Facebook authentication uses oAuth2.0. Anyone can register a web or mobile application in the system. User authentication is performed according to the scheme described in the documentation of Facebook. Next thing I am going to do is to tell the most common mistakes associated with the authentication to the platform.

Facebook Auth option «base_domain»

My application works through this same scheme. To implement the server-side authentication for my site I used Facebook PHP SDK 3.0. Everything worked fine until one day it crashed, and there were not implemented any changes at that on the production-version. After several hours of work it turned out that the Facebook API developers, without telling anyone, added some, perhaps only they needed, functional in the authentication mechanism. It is known that there is a parameter that is used for authentication as an intermediate - «redirect_url». One of the prerequisites for a chain of authorization - redirect_url option should not be changed, otherwise the authentication will fail. It happens because Facebook gives «code» parametr, which is encrypted with a certain algorithm parameters, including «redirect_url». Consider the source files of Facebook PHP SDK. File base_facebook.php:
/**
   * List of query parameters that get automatically dropped when rebuilding
   * the current URL.
   */
   protected static $DROP_QUERY_PARAMS = array(
      'code',
      'state',
      'signed_request'
   );
In the process of authentication SDK adds«redirect_url» to the forwarding address. The parameter «redirect_url» is shaped by function getCurrentUrl (), which ignores parameters listed in the example above in the process of URL formation. So the reason was that developers have added one more parameter in the authentication process. Yes, this unfortunate option «base_domain». Let's treat the problem quickly:
/**
   * List of query parameters that get automatically dropped when rebuilding
   * the current URL.
   */
   protected static $DROP_QUERY_PARAMS = array(
      'code',
      'state',
      'signed_request',
      'base_domain'
   );

Authentication does not work in Internet Explorer

If to use the Facebook Javascript SDK as the authentication engine, then the minimum width of the site pages instantly set to the value of 575px. If you do not believe me - apparently you do not develop mobile versions of sites. More details on how to remove the restriction of the width here. So, users attempting to overcome this limitation is to change the styling of the block-read:
<div id="fb-root"></div>
Please do not do it. Do not change the width of it with css, js, and even do not try to make it invisible. That's because the problems of authentication in Internet Explorer arise. Symptoms are the following - after the form of authentication and authorization data entry is opened - javascript error pops up, and authentication is interrupted. This bug, in fact, is not related to IE. The problem is that in other browsers it is skipped.
Article comments
Comments:
No results found.
Only logged users can leave comments.