Cakephp Cross-site request forgery validation failed. Required param “state” missing Facebook Login Solution
Solution : Cakephp Facebook Login Cross-site request forgery validation failed. Required param “state” missing.
When we try to integrate Facebook Login(Social Login with Facebook) with CakePHP, sometimes we get an error like "Facebook SDK error: Cross-site request forgery validation failed. Required param “state” missing from persistent data"
Question: Why I am getting this error?
Answer: This is the session issue because Facebook handles access token and csrf with session and most frameworks like laravel, YII, Codeigniter, CakePHP handles session differently compare to CorePHP, So we need to change session handler according to the framework.
For this tutorial, I am using CakePHP 4 version but it will be the same for CakePHP 3 also.
So first we will create our custom session handler. so create a new file in src\Handler\MyFbPersistentDataHandler.php
NOTE: If the Handler folder does not exists by default then create it and then create a file in it.
Now in your controller when we initialize facebook SDK then pass 'persistent_data_handler' and pass our custom session Handler there, you can make changes according to the below code.
Answer: This is the session issue because Facebook handles access token and csrf with session and most frameworks like laravel, YII, Codeigniter, CakePHP handles session differently compare to CorePHP, So we need to change session handler according to the framework.
For this tutorial, I am using CakePHP 4 version but it will be the same for CakePHP 3 also.
So first we will create our custom session handler. so create a new file in src\Handler\MyFbPersistentDataHandler.php
NOTE: If the Handler folder does not exists by default then create it and then create a file in it.
<?php namespace App\Handler; use Facebook\PersistentData\PersistentDataInterface; class MyFbPersistentDataHandler implements PersistentDataInterface { private $_session = null; public function __construct($session) { $this->_session = $session; } public function get($key) { return $this->_session->read($key); } public function set($key, $value) { $this->_session->write($key, $value); } }
Now in your controller when we initialize facebook SDK then pass 'persistent_data_handler' and pass our custom session Handler there, you can make changes according to the below code.
$facebook = new \Facebook\Facebook([ 'app_id' => 'YOUR_FB_APP_ID', 'app_secret' => 'YOUR_FB_APP_SECRET', 'default_graph_version' => 'v2.10', 'persistent_data_handler' => new MyFbPersistentDataHandler($this->getRequest()->getSession()) ]);
Now try again to login with Facebook and this time you will not face any error.
Thanks
Related Links
Thanks
Related Links
Comments
Post a Comment