App is misconfigured for Facebook login: Android Facebook integration issue
Solution 1:
I work at Facebook, and this is an important issue that needs to be addressed. The other answer for this question suggests that disabling SSO is very bad and will open up your app to malicious apps that can steal your user's Facebook credentials.
The hack launches a WebView dialog to Facebook without SSO, and the user must type their login credentials into that dialog. Malicious apps can then steal this information easily. It is always advised to implement Facebook SSO correctly to ensure that your app is secure and protect your user's sensitive data.
Prior to adding this error message, the dialog would automatically close without warning and fail silently. We added this error message to visually display that there is an issue with your app configuration in your Facebook app dashboard. For Android, if you check your LogCat, you'll see that after pressing "Okay", there should be an error message that will display a more technical description of what is causing the authentication to fail.
For example, if you use our Hackbook example and did not supply your own APP_ID in the source and did not add your hash key to the dashboard, you'll see this error in LogCat after pressing "Okay" in the native SSO dialog (if Util.ENABLE_LOG is set to true):
D/Facebook-authorize(24739): Login failed: invalid_key:Android key mismatch. Your key "uk3udeH7vrOGNFH2FJjdJbdWJWI" does not match the allowed keys specified in your application settings. Check your application settings at http://www.facebook.com/developers
We added the visual error message to help you. This, in theory, does not break previous implementations if it was implemented correctly to begin with. If you see this error message, that means you did not configure your app settings correctly on your dashboard.
Double check your Android Class/Package name, Android hash keys, etc. You will not see this message if you did everything correctly.
In summary, you are getting that error message because there is an issue with your app configuration, for example, a mismatch between the Android hash keys in your dashboard. Before Facebook added this error message, the dialog would launch, then automatically close and fail. To fix this, check your LogCat for any error messages and make sure that you have everything implemented correctly. You can read up on our documentation to make sure you have everything correct. Do not use the accepted answer for this question.
You can also follow the external bug report that a Facebook developer has reported for more updates.
Solution 2:
Try to set it like this:
First download OpenSSL (if you have a 64-bit machine you must download openssl-0.9.8e X64, not the latest version, openssl-0.9.8k X64, because the output will not be valid). Extract your files, create the folder openssl
, for example in C:/ and copy files there.
Find your path to keytoo. Mine is C:\Program Files\Java\jdk1.7.0_05\bin.
Find your path to debug.keystore
. YHou can see what is path if you open in Eclipse, menu Window -> Preferences -> Android -> Build, and you will see Default Debug keystore:-and the path.
Find your path to openssl
. Mine is C:\openssl8e\bin/.
Open cmd and type:
"C:\Program Files\Java\jdk1.7.0_05\bin\keytool" -exportcert -alias androiddebugkey -keystore "C:\Users\User.android\debug.keystore" | "C:\openssl8e\bin\openssl" sha1 -binary | "C:\openssl8e\bin\openssl" base64
Aand then press Enter.
Insert password: android
You will get your hash key for debug.keystore
.
When you export a signed APK, and you create a keystore for the application, just replace in cmd debugkeystore alias with your alias for the app, the keystore path with the path to your newly created keystore for the app and insert the password for your app.keystore
, and you will get a new hash key for your signed app.
Solution 3:
The answer from Jesse Chen is fine. Facebooks SDK works fine, don't break it.
I again ran into this problem and found out that the Facebook SDK documentation is corrected and is very fine now. Now it is guiding how to debug and release hash keys can be set; just do as it says.
Below is my old story. There is missing that you can set two hash keys, one for debugging and one for signed, released application for the old Play Store.
I found out that problem was in my case in the Facebook SDK's documentation. It guided us to use the debug key hash and put it in Facebook's app configuration. Hash is guided to get this way:
keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore | openssl sha1 -binary | openssl base64
This works fine, when you are dubugging or running application from Eclipse.
But, if you publish your application to Andoid Play, you must use your own publisher key to export the signed .apk file. With that .apk, the hash in the Facebook app console is not valid any more! You must get a hash for the developer key like this:
keytool -exportcert -alias <developer alias> -keystore ~/.android/<developer keystore> | openssl sha1 -binary | openssl base64
And put it in the Android Key Hash in the Facebook app console for your published application. After that, SSO works fine again for your signed .apk file.
Solution 4:
From what I could gather, it's a Facebook problem and has been reported. But, the problem persists.
A way around this (tested on 2.3.3) is to hack on the Facebook SDK, seach for the 2 authorize methods and change the DEFAULT_AUTH_ACTIVITY_CODE to FORCE_DIALOG_AUTH. This will disable the Single Sign On feature.
If your prefer got to
public void authorize(Activity activity, String[] permissions,
int activityCode, final DialogListener listener)
and disable the startSingleSignOn part. It's preferable not to, because eventually Facebook will solve the problem, and you only have to put the old constant back.
EDIT
This solution raises security problems. Check Jesse Chen answer.
Solution 5:
I faced the same problem, after spending 24 hours and a lot of search we use this method to solve my problem.
Check your Xcode project current bundle identifier for example : com.yourcompanyname.yourappname
use the same com.yourcompanyname.yourappname bundle identifier for creating app in Facebook see attachment.