First of all, to get this out of the way, I've spent hours looking through answers to this question here on StackOverflow, and tried to solve it on my own, but it just isn't working (anymore). So anyway...
Yesterday, everything worked fine. Went to bed, woke up, login with facebook didn't work anymore on 2 of my websites. The login link sends me to the Facebook page which requires me to approve the App, but after it redirects me back to the site, it doesn't log me in. I quickly tracked the problem to getUser() always returning 0. So I set up a new (test) app with a very very basic code, just to see if that works. It doesn't. Here's the code:
<?php
session_start();
require_once("facebook.php");
$config = array();
$config['appId'] = '199971880127910'; //test app so I don't mind showing these
$config['secret'] = 'e065588cb1edd96f821de8b3d362c488';
$config['trustForwarded'] = true;
$facebook = new Facebook($config);
try {
$user = $facebook->getUser();
var_dump($user);
} catch (Exception $e) {
$e->getMessage();
}
$loginUrl = $facebook->getLoginUrl(array('redirect_uri' => 'http://gtcrais.redirectme.net/test/'));
echo "<a href='".$loginUrl."'>Login</a>";
?>
The second answer in here caught my eye. I tried that solution and it didn't work, so I opened up base_facebook.php and scrolled to the line where that 'code' is passed to some variable - line 458:
$code = $this->getCode();
I echo'd this, and it displayed correctly the code parameter that was passed from the URL. The problematic line turns out to be the one couple rows below that one:
$access_token = $this->getAccessTokenFromCode($code);
This function returns a value of false to $access_token when passed the $code variable. In that function, this part of the code throws an exception:
try {
// need to circumvent json_decode by calling _oauthRequest
// directly, since response isn't JSON format.
$access_token_response =
$this->_oauthRequest(
$this->getUrl('graph', '/oauth/access_token'),
$params = array('client_id' => $this->getAppId(),
'client_secret' => $this->getAppSecret(),
'redirect_uri' => $redirect_uri,
'code' => $code));
} catch (FacebookApiException $e) {
// most likely that user very recently revoked authorization.
// In any event, we don't have an access token, so say so.
print_r($e);
return false;
}
print_r($e) displays a huge blob of gibberish (I'm somewhat of a noob so I can't read almost anything from it that makes sense). The only thing that I see repeating in there is
SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL
And this is how far I've come with debugging this. Any help is appreciated. Once again, yesterday, everything was working fine. Today, without a single line of code changed, it doesn't work anymore. Mind boggling =( Oh yeah, I'm running WAMP with PHP 5.4.3
EDIT: Here's the error message: http://i.imgur.com/TeY8h.png
EDIT2: Solved:
In base_facebook.php add the following 2 lines under $CURL_OPTS:
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 2
Which makes it...
public static $CURL_OPTS = array(
CURLOPT_CONNECTTIMEOUT => 10,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 60,
CURLOPT_USERAGENT => 'facebook-php-3.2',
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 2
);
I'm not sure how much of a security issue this is, but it makes the Login with Facebook work, so there you have it (and there I have it. Entire day lost on this, fml).
EDIT3: New SDK released which fixes this problem: https://github.com/facebook/facebook-php-sdk
In base_facebook.php add the following 2 lines under $CURL_OPTS:
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 2
Which makes it...
public static $CURL_OPTS = array(
CURLOPT_CONNECTTIMEOUT => 10,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 60,
CURLOPT_USERAGENT => 'facebook-php-3.2',
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => 2
);
I'm not sure how much of a security issue this is, but it makes the Login with Facebook work, so there you have it.
EDIT: New SDK released which fixes this problem: https://github.com/facebook/facebook-php-sdk