CODEWITHSUNDEEP
javafacebookfacebook-graph-apihttp-redirectoauth
ameykpatil
ameykpatil

Reputation: 601

Facebook OAuth redirect_uri Issue

I am trying to build authentication flow in our app for facebook in java. I am using facebook4j library.

My corresponding code is as follows -

public String authenticate() throws IOException {
    Facebook facebook = new FacebookFactory().getInstance();
    String redirectURL = facebook.getOAuthAuthorizationURL("http://localhost:9099/default/facebook/verify.html");
    servletResponse.sendRedirect(redirectURL);
    return null;
}

public String verify() throws Exception {
    String code = servletRequest.getParameter("code");
    Facebook facebook = new FacebookFactory().getInstance();
    AccessToken accessToken = facebook.getOAuthAccessToken(code);
    String token = accessToken.getToken();
    servletResponse.getWriter().write(token);
    return null;
}

I am getting error after redirection on this line -

AccessToken accessToken = facebook.getOAuthAccessToken(code);

The error is as follows -

FacebookException{statusCode=400, errorType='OAuthException', errorMessage='redirect_uri isn't an absolute URI. Check RFC 3986.', errorCode=191, errorSubcode=-1, version=2.2.2}
    at facebook4j.internal.http.HttpClientImpl.request(HttpClientImpl.java:179)
    at facebook4j.internal.http.HttpClientWrapper.request(HttpClientWrapper.java:65)
    at facebook4j.internal.http.HttpClientWrapper.get(HttpClientWrapper.java:97)
    at facebook4j.auth.OAuthAuthorization.getOAuthAccessToken(OAuthAuthorization.java:107)

redirectURL that I am getting from facebook in first call is -

https://www.facebook.com/dialog/oauth?client_id=4161XXXXXX6389&redirect_uri=http%3A%2F%2Flocalhost%3A9099%2Fdefault%2Ffacebook%2Fverify.html&scope=email,public_profile,user_friends

tried without using encoding too -

https://www.facebook.com/dialog/oauth?client_id=4161XXXXXX6389&redirect_uri=http://localhost:9099/default/facebook/verify.html&scope=email,public_profile,user_friends

It is redirecting properly to 'verify' having url something like -

http://localhost:9099/default/facebook/verify.html?code=AQCE4aaIpE_c94J3NVNjge_YL_OP84vPIgUauvfRRXNCj_FOK8U2kfSxfKGrjWnFL1dqMeM8q22M6UaVbGsTpTQOQmjxYILdFHKFiSFd0Ycf_ByBE9rNX_yxvFnJ3RNLf7bjCT4C1uXuuqCXHZjVNN1lBb3LWUHz7eNkq0r8K14x7ZEVIWjbll-Vqys1FZuCIVDBrI4StoYkZR1rpCsoSqq7VdCIX3zawnw_nbPZBZU7iUeZJiBbahYjWkHIn47b9AQb3hZxxpe4xxXHXfDsP_h2fhC1YYioJbwGq4QbnWpUrP7aF-0Q_wF71zn4txCQLd4#=

facebook4j.properties

oauth.appId=416XXXXXXXXX389
oauth.appSecret=9ed3XXXXXXb6acXXXXXXXXc7acXXXX5
oauth.permissions=email,public_profile,user_friends

My Facebook App basic settings are -

enter image description here

The important advanced settings are -

enter image description here

I am totally aware that similar question has been posted earlier multiple times. I have gone through almost every question & I tried almost everything suggested to resolve this issue. But due to some reason it is not working. I decided to post my problem here after spending 3 days on the same issue.

I would highly appreciate if someone points out where exactly am I going wrong.

Upvotes: 0

Views: 1266

Answers (1)

C3roe
C3roe

Reputation: 96306

The redirect_uri parameter has to be specified when exchanging the code for a token as well (and has to be the same as specified earlier in the login dialog call).

I’d assume that since you are using new FacebookFactory().getInstance() in your second method, that is not the case. Take a look at the basic implementation here, https://github.com/roundrop/facebook4j-oauth-example/tree/master/src/main/java/facebook4j/examples/signin

In SignInServlet, the Facebook object instance is stored into the session, and then in CallbackServlet that same instance is retrieved and used again. Therefor, it still holds the redirect_uri value that was initially used when the Auth dialog was called, and will re-use that same value when exchanging the code for a token.

Upvotes: 1

Related Questions