Facebook login not working in 4.3

I added facebook login for my site on nop 4.3 and while it takes me to facebook to login when it gets sent back to the site nothing happens. I am not logged in. I am just back at the login screen

Anyone have this issue or know how to fix it?

Is you site running SSL ? Because you can not use the plugin unless you have a valid certificate installed and running SSL.

Do you have settings correct in Facebook ?
If your website is called
    https://whatever.com
then the Valid OAuth Redirect URIs is
    https://whatever.com/signin-facebook
and I also entered
    https://www.whatever.com/signin-facebook

All the other settings I have are:
Client OAuth Login: Yes
Web OAuth Login: Yes
Enforce HTTPS: Yes
Force Web OAuth Reauthentication: No
Embedded Browser OAuth Login: No
Use Strict Mode for Redirect URIs: Yes

Yea I got it. It was an SSL issue. I was using the free cloudfare cdn on smarterasp.net

I was suggested to use their own ssl and it worked.

excuse me i have tried to use the Facebook Authentication plugin ...  I have followed the requirement well and it really works for first time i register an account and could login. but later no facebook could authenticate "login or resister" and it redirect with  _=_  Url?

I have it installed on my website selectsystems.com.au which is v4.3
It does not get used very much but I just tried to login and worked fine
Goes to the address https://www.selectsystems.com.au/#_=_
Have you checked all the settings
Also your website must also use SSL
Facebook recently required a Data Use Checkup do you have a green dot on Developer homepage to say data use checkup completed ?

I have a the same issue and i dont know how to fix that
:((

Yidna wrote:

Hi Yidna
I am now facing exactly the same problem here:
I am using 4.4.02 on ubuntu 20.04, behind  a nginx reverse proxy. Now whenI click the facebook auth button, and get redirected to facebook login page, it says
"Facebook has detected mywebsite  isn't using a secure connection to transfer information.
Until mywebsite updates its security settings, you won't be able to use Facebook to log into it."

Although I have all settings configed as you suggested above. I also have a valid SSL(the free Let's Encrypt SSL cert) on my server. Everything else works perfectly fine with the ssl.

Two things I noticed that:
1. When I click the facebook auth button, I saw that the "redirect_uri" passed to facebook is always, http://mysite.com/signin-facebook, that is the "HTTP" schema instead of HTTPS, despite that I have an working SSL cert and every requests to my site is forced redirected to HTTPS by nginx.
2. If I changed my facebook App from "development" mode to "live" mode, there is no "Facebook has detected mysite isn't using a secure connection" warning,  but instead it just redirected to my login page without any notification.

Can you please help me out of here, is there any thing I need to config at nginx side? I already have
"     proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Proto $scheme;
"
in my nginx config.

And in the App_Data/appsettings.json, I also have following :

  "HostingConfig": {
    "UseHttpClusterHttps": false,
    "UseHttpXForwardedProto": true,
    "ForwardedHttpHeader": "X-Forwarded-Proto"
  },

So now I really have no idea what's going on and how to fix this.

Any one please give me any advise, I am really appriciated.

Thank you.

Same problem...

Anyone have the solution to facebook autentication?

I also have this issue

Ok, here is my solution( to my problem), it may not solve yours, but I think it will give you a clue of whats going on.

So first my problem,  as I said above, I deployed Nop on linux behind a nginx proxy, and I found out  that the "redirect_uri" parameter passed to facebook login url is always HTTP instead of HTTPS, although my webserver has a valid SSL cert.  This is caused by the fact that Nop did not pass the origin schema to the middlewares(authentication middle ware). Please check this link for more info:X-https://docs.microsoft.com/en-us/aspnet/core/host-and-deploy/proxy-load-balancer?view=aspnetcore-5.0

So I add following to the request pipline:

 public void ConfigureRequestPipeline(IApplicationBuilder application)
        {
            application.UseForwardedHeaders(new ForwardedHeadersOptions
            {
                ForwardedHeaders = ForwardedHeaders.XForwardedProto
            }); 
            ServiceProvider = application.ApplicationServices;

            //find startup configurations provided by other assemblies
            var typeFinder = Resolve<ITypeFinder>();
            var startupConfigurations = typeFinder.FindClassesOfType<INopStartup>();

            //create and sort instances of startup configurations
            var instances = startupConfigurations
                .Select(startup => (INopStartup)Activator.CreateInstance(startup))
                .OrderBy(startup => startup.Order);

            //configure request pipeline
            foreach (var instance in instances)
                instance.Configure(application);
        }

But this will cause a new problem:
The "HttpsRequirement" filter applied to the basecontroller (which means to every request) has something like this:

                //page should be secured, so redirect (permanent) to HTTPS version of page
                if (store.SslEnabled && !currentConnectionSecured)
                    context.Result = new RedirectResult(_webHelper.GetThisPageUrl(true, true), true);

                //page shouldn't be secured, so redirect (permanent) to HTTP version of page
                if (!store.SslEnabled && currentConnectionSecured)
                    context.Result = new RedirectResult(_webHelper.GetThisPageUrl(true, false), true);

which is problematic because it will handle the redirect in dotnet core request pipline. Since I already have nginx done this before it handle the reqeusts to dotnet runtime, so I simply removed this " HttpsRequirement" from the pipline.

Now the authentication middle ware is able to send the https url to facebook login page, and the plugin works properly.