Laravel 5 geting InvalidStateException in AbstractProvider.php

php facebook laravel laravel-5

19,735

Solution 1

I got temporary solution for that.

public function user()
{
    //if ($this->hasInvalidState()) {
    //    throw new InvalidStateException;
    //}

    $user = $this->mapUserToObject($this->getUserByToken(
        $token = $this->getAccessToken($this->getCode())
    ));
    return $user->setToken($token);
}

comment the $this->hasInvalidState() if condition in AbstractProvider.php file and it's work fine.

Solution 2

I wasn't comfortable with just commenting out code that signalled an error (as in @Dipesh Shihora's answer), so I dug a little further. I discovered that the error is caused (in my case at least) by a problem with sessions.

My dev server is set up according to the instructions given in this answer. Basically, I am "spoofing" Google by using a callback URL which looks like a publicly-accessible address.

The InvalidStateException problem was appearing for me because I was visiting my login page at http://localhost/login and redirecting to Google's login page, which then returned me to http://myapp.example.com/callback. The problem is that the session key is stored in a cookie - it was originally a cookie for http://localhost, but when I redirected to a different URL, the cookie (and hence the session key) was inaccessible. Thus, the session state value was non-existent after the update and the exception was thrown.

The solution? Ensure that all my browsing on the dev machine was done at http://myapp.example.com and not at http://localhost.

Solution 3

http://nhagiaodich.com/dang-nhap

It work on my website , just call ->stateless() before get user

Socialite::driver('facebook')->stateless()->user()
Socialite::driver('google')->stateless()->user()

Solution 4

Try setting the correct values in the 'domain' field of config/session.php and the 'url' field of the config/app.php. This seems to have done the trick for me. I noted that the value in session.php should be without http://, while the one in app.php should be with http://.

Also, I recommend you follow this guide: https://laracasts.com/series/whats-new-in-laravel-5/episodes/9. It's extremely helpful and clear.

Solution 5

$provider = \Socialize::with($facebook);      
if (Input::has('code'))     {
    $user = $provider->stateless()->user();
}

Maybe this is better temporary solution

View more solutions

19,735

Dipesh Shihora

I am Php Developer, currently working @ imobdev technologies pvt Ltd - Top Mobile app development company

Updated on September 15, 2022

Comments

Dipesh Shihora over 1 year
I am trying to use login with facebook in laravel 5 using Socialize.

Here is my route file code.
```
Route::get('fb', function ($facebook = "facebook")
{
    $provider = \Socialize::with($facebook);      
    if (Input::has('code'))
    {
        $user = $provider->user();
        return var_dump($user);
    } else {
        return $provider->scopes(['public_profile','user_friends'])->redirect();
    }
});
```
login is success and I get the code but time of get $provider->user() I get the error.

InvalidStateException in AbstractProvider.php line 161
- Dipesh Shihora about 9 years
  
  @SverriM.Olsen AbstractProvider.php is default file...!
Corentin almost 9 years

Worked for me. Is there a better solution ?
Corentin almost 9 years

Definitely the best solution !
Chilion almost 9 years

Good solution. Now i need to figure out how to fix that browsing thing.
loki9 over 8 years

it worked for me, but question is why $provider->stateless()->user()? instead of $provider->user()?
Mattias over 8 years

You should never comment out the code that gives you an error, you should fix the error instead. Downvoted.
Dipesh Shihora over 8 years

@Mattias so can you give me solution for that ?
Mattias over 8 years

@DipeshShihora I haven't had the time to find a final working solution yet, no. I have found a few clues though, for example setting your Session Cookie Domain and then clearing the application cache, or injecting the Request class into the handleProviderCallback like this: handleProviderCallback(Illuminate\Http\Request $request). But like I said, I haven't tried any of these methods yet.
Mladen Janjetovic over 8 years

even with browsing solution, subdomains can cause a problem. Please refer to this answer stackoverflow.com/questions/30660847/…
Dipesh Shihora over 8 years

@Mattias give me specific reason when you get time then update here so my knowledge also updated and get proper solution for that
Mattias over 8 years

@DipeshShihora See my answer.
igs013 over 8 years

Thanks. Setting the domain field worked for me. Never imagined this to be the cause of the error.
Mattias over 8 years

Neat! Feel free to mark the answer as correct, as it fixes the issue rather than commenting it out :) Could help people encountering the same problem.
igs013 over 8 years

True. The only issue here is that I'm not the one who posted this question so it could be kinda hard for me to mark the answer as correct :)). But nonetheless I've voted up your answer before commenting on it :p.
ssi-anik about 8 years

Well, that's a nice solution. :) Thanks.
dlopezgonzalez about 8 years

I have this problem on the smartphone but not on desktop. Thank you. Fast trick.
Edmund Sulzanok almost 8 years

domain was the trouble maker
Devin Norgarb about 7 years

Brilliant, thanks for the great answer. Because of you I will now proceed to crack open a beer.
Maha Dev about 7 years

Worked for me too
FONGOH MARTIN almost 7 years

Almost ended up in trouble with my client cos of this. Thanks a million @nguyen
Macedo_Montalvão over 3 years

You're right 'same_site' => 'strict' doesn't work, I'm not sure why, since it is the laravel itself that overwrites the session, there must be a way around this.