Yii 2 动作加载到 facebook canvas (iframe) 获取 http 错误 400
Yii 2 Action load into facebook canvas (iframe) Getting http Error 400
我正在开发 Facebook canvas 应用程序,技术上应该从 YII 2 加载页面。我正在使用 Facebook PHP SDK。但是,我当前的问题是,每当我尝试加载 canvas 时,我都会得到 error 400(无法验证您的数据提交)。在 Facebook 设置中,我在允许的域上有正确的域名。
下面是我的源代码和错误:
$fb = new \Facebook\Facebook([
'app_id'=>$appId ,
'app_secret'=>$appSecret,
'default_graph_version'=>'v2.5']);$helper = $fb->getCanvasHelper();
$permissions = ['email','user_likes','user_friends'];
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
echo 'We are unable to log you in. Sorry.: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (isset($accessToken)) {
$_SESSION['facebook_access_token']= $accessToken;
$oAuth2Client = $fb->getOAuth2Client();
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
$_SESSION['facebook_access_token']=$longLivedAccessToken;
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
try {
$request = $fb->get('/me');
} catch(Facebook\Exceptions\FacebookResponseException $e) {
if ($e->getCode() == 190) {
$helper = $fb->getRedirectLoginHelper();
$loginUrl = $helper->getLoginUrl('https://apps.facebook.com/fb-app/', $permissions);
echo "<script>window.top.location.href='".$loginUrl."'</script>";
exit;
}
} catch(Facebook\Exceptions\FacebookSDKException $e) {
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
try {
$profile_request = $fb->get('/me?fields=name,first_name,last_name,email');
$profile = $profile_request->getGraphNode()->asArray();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
echo 'Graph returned an error: ' . $e->getMessage();
echo "<script>window.top.location.href='https://apps.facebook.com/fb-app/'</script>";
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
$model->fbvisitor(['name'=>$profile['name'],'email'=>$profile['email'],'id'=>$profile['id']]);
return $this->actionFacebook();
} else {
$helper = $fb->getRedirectLoginHelper();
$loginUrl = $helper->getLoginUrl('https://apps.facebook.com/fb-app/', $permissions);
echo "<script>window.top.location.href='".$loginUrl."'</script>";
}
错误如下:
Bad Request (#400) Unable to verify your data submission.
The above error occurred while the Web server was processing your request.
Please contact us if you think this is a server error.
Thank you
根据@CBroe 分享的评论,我找到了如何为该特定操作禁用 CSRF 保护。在 Controller 上添加 beforeAction 并禁用 CSRFcheck,如下所示:
Public function beforeAction($action)
{
if ($this->action->id == 'action-name') {
Yii::$app->controller->enableCsrfValidation = false;
}
return true;
}
我正在开发 Facebook canvas 应用程序,技术上应该从 YII 2 加载页面。我正在使用 Facebook PHP SDK。但是,我当前的问题是,每当我尝试加载 canvas 时,我都会得到 error 400(无法验证您的数据提交)。在 Facebook 设置中,我在允许的域上有正确的域名。
下面是我的源代码和错误:
$fb = new \Facebook\Facebook([
'app_id'=>$appId ,
'app_secret'=>$appSecret,
'default_graph_version'=>'v2.5']);$helper = $fb->getCanvasHelper();
$permissions = ['email','user_likes','user_friends'];
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
echo 'We are unable to log you in. Sorry.: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (isset($accessToken)) {
$_SESSION['facebook_access_token']= $accessToken;
$oAuth2Client = $fb->getOAuth2Client();
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
$_SESSION['facebook_access_token']=$longLivedAccessToken;
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
try {
$request = $fb->get('/me');
} catch(Facebook\Exceptions\FacebookResponseException $e) {
if ($e->getCode() == 190) {
$helper = $fb->getRedirectLoginHelper();
$loginUrl = $helper->getLoginUrl('https://apps.facebook.com/fb-app/', $permissions);
echo "<script>window.top.location.href='".$loginUrl."'</script>";
exit;
}
} catch(Facebook\Exceptions\FacebookSDKException $e) {
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
try {
$profile_request = $fb->get('/me?fields=name,first_name,last_name,email');
$profile = $profile_request->getGraphNode()->asArray();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
echo 'Graph returned an error: ' . $e->getMessage();
echo "<script>window.top.location.href='https://apps.facebook.com/fb-app/'</script>";
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
$model->fbvisitor(['name'=>$profile['name'],'email'=>$profile['email'],'id'=>$profile['id']]);
return $this->actionFacebook();
} else {
$helper = $fb->getRedirectLoginHelper();
$loginUrl = $helper->getLoginUrl('https://apps.facebook.com/fb-app/', $permissions);
echo "<script>window.top.location.href='".$loginUrl."'</script>";
}
错误如下:
Bad Request (#400) Unable to verify your data submission.
The above error occurred while the Web server was processing your request.
Please contact us if you think this is a server error. Thank you
根据@CBroe 分享的评论,我找到了如何为该特定操作禁用 CSRF 保护。在 Controller 上添加 beforeAction 并禁用 CSRFcheck,如下所示:
Public function beforeAction($action)
{
if ($this->action->id == 'action-name') {
Yii::$app->controller->enableCsrfValidation = false;
}
return true;
}