Facebook OAuth: custom callback_uri parameters

Accepted answer
Score: 106

I figured out the answer; rather than adding additional parameters to the redirect URL, you can add a state parameter to the request to https://www.facebook.com/dialog/oauth:

https://www.facebook.com/dialog/oauth
    ?client_id=MY_CLIENT_ID
    &scope=MY_SCOPE
    &redirect_uri=http%3A%2F%2Fwww.mysite.com%2Foauth_callback%3Ffoo%3Dbar
    &state=6234

That state parameter is then passed to the callback URL.
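The state value in the answer above comes back to the callback exactly as sent, and it passes through the user's browser, so anything carried in it should be integrity-protected and tied to the session that started the login. The sketch below is an added example, not part of the original answer: `STATE_KEY`, `session_nonce` and all function names are assumptions chosen for illustration.

```python
import base64, hashlib, hmac, json, secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumption: a server-side secret, in practice loaded from configuration.
STATE_KEY = secrets.token_bytes(32)

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _sign(body: str) -> str:
    return _b64(hmac.new(STATE_KEY, body.encode(), hashlib.sha256).digest())

def make_state(params: dict, session_nonce: str) -> str:
    """Pack custom parameters into a tamper-evident state value."""
    payload = json.dumps({"p": params, "n": session_nonce}, sort_keys=True)
    body = _b64(payload.encode())
    return f"{body}.{_sign(body)}"

def read_state(state: str, session_nonce: str) -> dict:
    """Return the custom parameters, or raise ValueError if state is not ours."""
    body, sep, tag = state.partition(".")
    if not sep or not hmac.compare_digest(tag.encode(), _sign(body).encode()):
        raise ValueError("state signature mismatch")
    # Only decode after the signature has been verified.
    data = json.loads(base64.urlsafe_b64decode(body + "=" * (-len(body) % 4)))
    if not hmac.compare_digest(data["n"].encode(), session_nonce.encode()):
        raise ValueError("state belongs to a different session")
    return data["p"]

def authorize_url(client_id: str, scope: str, redirect_uri: str, state: str) -> str:
    """Build the dialog URL; urlencode() percent-encodes every value."""
    query = urlencode({"client_id": client_id, "scope": scope,
                       "redirect_uri": redirect_uri, "state": state})
    return "https://www.facebook.com/dialog/oauth?" + query

def state_from_callback(callback_url: str) -> str:
    """Extract the state parameter from the URL the provider redirected to."""
    return parse_qs(urlsplit(callback_url).query)["state"][0]
```

Store `session_nonce` in the user's server-side session before redirecting, and reject the callback if `read_state` raises.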

Score: 12

If, for any reason, you can't use the option that Jacob suggested, as is my case, you can urlencode your redirect_uri parameter before passing it and it will work, even with a complete querystring like foo=bar&morefoo=morebar in it.

Score: 4

I was trying to implement a Facebook login workflow against API v2.9 following this tutorial. I tried the solutions described above. Manuel's answer is sort of correct, but what I observed is that URL encoding is not needed. Plus, you can only pass one parameter. Only the first query parameter will be considered; the rest will be ignored. Here is an example:

  1. Request a code via https://www.facebook.com/v2.9/dialog/oauth?client_id={app-id}&redirect_uri=http://{url}/login-redirect?myExtraParameter={some-value}

  2. You'd get a callback for your URL. It will look like http://{url}/login-redirect?code={code-from-facebook}&myExtraParameter={value-passed-in-step-1}. Note that Facebook would make a callback with myExtraParameter. You can extract the value for myExtraParameter from the callback URL.

  3. Then you can request an access token with https://graph.facebook.com/v2.9/oauth/access_token?client_id={app-id}&client_secret={app-secret}&code={code-from-facebook}&redirect_uri=http://{url}/login-redirect?myExtraParameter={value-extracted-in-step-2}

Additional parameters passed in step 1 after the first query parameter will be ignored. Also make sure not to include any invalid characters in your query parameter (see this for more information).
