Related
I'm building an Ionic app that uses Firebase and Facebook to authenticate the user. I'm at the point where when I hit the login button on my app, the Facebook app tells me:
Invalid key hash. The key has <key_hash_here> does not match any stored key hashes. Configure your app...
I can't find any information at all on how this works.
Do I need just a hash in the Facebook dev console?
Do I need that same key also in the app somewhere, and if so, where would I put it in Ionic?
Do I need to do anything with Firebase at this point, I'm pretty sure I don't need to.
I used
keytool -exportcert -alias <RELEASE_KEY_ALIAS> -keystore <RELEASE_KEY_PATH> | openssl sha1 -binary | openssl base64
to create a key, substituting some name related to my app for <RELEASE_KEY_ALIAS> and "C:\" for <RELEASE_KEY_PATH>.
The command line returned a nice little hash, ending with "=", so it's doing it's job. I don't have an physical files it outputed.
I'm so confused as to if I need a physical file, and if so does it go in my app AND in the Facebook dev console.
Basically you want to use Facebook Auth in your Ionic App if i understand correctly
I would recommend to double check the process you did to add your key hash on the Official Documentation for Facebook Native on Ionic or in this external tutorial which is also well explained
If both fail try the following:
Delete any app on the website of Facebook (developers.facebook.com)
Delete the file debug.keystore
Generate a new hash key
Create a new app on developers.facebook.com and add the new hash key
Re-run your app
Success!
Hope it helps
I have went threw all the steps, creating a key hash for android for my game build in corona. For 2 days I'm trying to figure it out and it just doesn't work. Feelling kinda desperate. :( Here are my steps:
I have downloaded OPENSSL from Google in extracted it into C:\openssl
I have the latest version of Java which is in C:\Program Files\Java\jre7\bin
For testing I'm using the sample Facebook app provided with Corona. I have entered the AppId.
I create the keyhash using this command:
keytool -exportcert -alias androiddebugkey -keystore "C:\Users\tomaz.OXYLUS.android\debug.keystore" | "C:\OpenSSL\bin\openssl" sha1 -binary | "C:\OpenSSL\bin\openssl" base64
for password I enter android
then I paste the generated key in my facebook developer account under Native Android App\ Key Hashes
then I try to connect with the Corona Facebook app to Facebook, but it always says "loginCancelled". Also this error appears in the terminal window: W/fb4a:fb:OrcaServiceQueue(29191): com.facebook.orca.protocol.base.ApiException: Key hash EOw2r7Y4bNzFal-wFxLBGJQSxV8 does not match any stored key hashes.
What am I missing? I also tryed this procedure with the original game key. No succes. Please help.
I deleted the OpenSSL from Google website and installed this one http://slproweb.com/products/Win32OpenSSL.html, which I found on Facebook. Now everything is working just fine. Thank you for all your efforts Abhishek.
Have you tried to visit upload and register your apps in facebook developer? Before we can connect to facebook we need to register our application with the use of keyhash as identifier.
Once generate your key by code using the answer given in the link. Sometimes it returns different hash key . Chech the key in logcat and edit in Facebook app setting.Facebook Integration in Android Application
Well i am facing same issue...so i solved error like. When i use this "ionic cordova build android" coming error invalid key hash facebook android but this thing work on production app "ionic cordova build android --prod", i hope it help you...
In the trigger.io documentation for their Facebook module it has a "Tip" for getting your Android key hash to upload to Facebook:
On Android a hash of the key used to sign your app is required by Facebook to confirm your app should be allowed to access the Facebook API. The easiest way to configure this is to simply start using the Facebook API, any API methods will return an error message which includes the hash and the URL to visit to configure it.
Is there any example code that should generate this error containing the hash? Or another way to get the hash?
I've been able to get an authentication error if I install the Facebook app onto the simulator but it doesn't return back the key hash.
I have looked at the official Android docs but it looks like there should be a file called ~/.android/debug.keystore but trigger.io must be putting this file in a different place (or hosting it on their end for the remote build).
You should see the hash needed in the log output when running the app through the Toolkit, I don't think it makes it to the error callback as it is directly logged out by the Facebook SDK (the docs could definitely be clearer about that).
If you want to get your hands directly on the keystore the toolkit uses you can find it in .template/lib/debug.keystore in your apps folder, you can also specify your own keystore in the local settings tab in the Toolkit.
I wasn't getting the hash logged either until I tried putting a bogus hash key in my Facebook application settings.
After I did that I added this error callback to my login function:
function (err) {
forge.logging.info(err);
}
And then Facebook said that my hash didn't match the one provided by my app and gave me the correct hash in the log.
Trigger.io has introduced the new forge.facebook.getKeyHash(success, error) method to help easily get the Key Hash programatically. The new method is available in Facebook Module v2.11 and above.
Go to your Trigger.io app directory and run keytool -exportcert -alias androiddebugkey -keystore .template/lib/debug.keystore | openssl sha1 -binary | openssl base64
If you're prompted for the keystore password, don't input anything, just hit Enter.
I have integrated my application with Facebook, and for this I am using Facebook's Graph API. I am retrieving profile and friends information. It is working fine on my device which has Android 2.3 (Gingerbread), but recently my client has faced an issue while he is trying to connect to Facebook through my app. He has Android 4.0 (Ice Cream Sandwich) on his device. When he clicks a button on the app that takes him to the Facebook login screen, after login he gets a message:
My app is misconfigured for Facebook login. Press Okay to go back to the application without connecting to Facebook.
I am not getting what is the problem whether it is related to Android version or what.
How can I fix this problem?
I work at Facebook, and this is an important issue that needs to be addressed. The other answer for this question suggests that disabling SSO is very bad and will open up your app to malicious apps that can steal your user's Facebook credentials.
The hack launches a WebView dialog to Facebook without SSO, and the user must type their login credentials into that dialog. Malicious apps can then steal this information easily. It is always advised to implement Facebook SSO correctly to ensure that your app is secure and protect your user's sensitive data.
Prior to adding this error message, the dialog would automatically close without warning and fail silently. We added this error message to visually display that there is an issue with your app configuration in your Facebook app dashboard. For Android, if you check your LogCat, you'll see that after pressing "Okay", there should be an error message that will display a more technical description of what is causing the authentication to fail.
For example, if you use our Hackbook example and did not supply your own APP_ID in the source and did not add your hash key to the dashboard, you'll see this error in LogCat after pressing "Okay" in the native SSO dialog (if Util.ENABLE_LOG is set to true):
D/Facebook-authorize(24739): Login failed: invalid_key:Android key mismatch. Your key "uk3udeH7vrOGNFH2FJjdJbdWJWI" does not match the allowed keys specified in your application settings. Check your application settings at http://www.facebook.com/developers
We added the visual error message to help you. This, in theory, does not break previous implementations if it was implemented correctly to begin with. If you see this error message, that means you did not configure your app settings correctly on your dashboard.
Double check your Android Class/Package name, Android hash keys, etc. You will not see this message if you did everything correctly.
In summary, you are getting that error message because there is an issue with your app configuration, for example, a mismatch between the Android hash keys in your dashboard. Before Facebook added this error message, the dialog would launch, then automatically close and fail. To fix this, check your LogCat for any error messages and make sure that you have everything implemented correctly. You can read up on our documentation to make sure you have everything correct. Do not use the accepted answer for this question.
You can also follow the external bug report that a Facebook developer has reported for more updates.
Try to set it like this:
First download OpenSSL (if you have a 64-bit machine you must download openssl-0.9.8e X64, not the latest version, openssl-0.9.8k X64, because the output will not be valid). Extract your files, create the folder openssl, for example in C:/ and copy files there.
Find your path to keytoo. Mine is C:\Program Files\Java\jdk1.7.0_05\bin.
Find your path to debug.keystore. YHou can see what is path if you open in Eclipse, menu Window -> Preferences -> Android -> Build, and you will see Default Debug keystore:-and the path.
Find your path to openssl. Mine is C:\openssl8e\bin/.
Open cmd and type:
"C:\Program Files\Java\jdk1.7.0_05\bin\keytool" -exportcert -alias androiddebugkey -keystore "C:\Users\User.android\debug.keystore" | "C:\openssl8e\bin\openssl" sha1 -binary | "C:\openssl8e\bin\openssl" base64
Aand then press Enter.
Insert password: android
You will get your hash key for debug.keystore.
When you export a signed APK, and you create a keystore for the application, just replace in cmd debugkeystore alias with your alias for the app, the keystore path with the path to your newly created keystore for the app and insert the password for your app.keystore, and you will get a new hash key for your signed app.
The answer from Jesse Chen is fine. Facebooks SDK works fine, don't break it.
I again ran into this problem and found out that the Facebook SDK documentation is corrected and is very fine now. Now it is guiding how to debug and release hash keys can be set; just do as it says.
Below is my old story. There is missing that you can set two hash keys, one for debugging and one for signed, released application for the old Play Store.
I found out that problem was in my case in the Facebook SDK's documentation. It guided us to use the debug key hash and put it in Facebook's app configuration. Hash is guided to get this way:
keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore | openssl sha1 -binary | openssl base64
This works fine, when you are dubugging or running application from Eclipse.
But, if you publish your application to Andoid Play, you must use your own publisher key to export the signed .apk file. With that .apk, the hash in the Facebook app console is not valid any more! You must get a hash for the developer key like this:
keytool -exportcert -alias <developer alias> -keystore ~/.android/<developer keystore> | openssl sha1 -binary | openssl base64
And put it in the Android Key Hash in the Facebook app console for your published application. After that, SSO works fine again for your signed .apk file.
From what I could gather, it's a Facebook problem and has been reported. But, the problem persists.
A way around this (tested on 2.3.3) is to hack on the Facebook SDK, seach for the 2 authorize methods and change the DEFAULT_AUTH_ACTIVITY_CODE to FORCE_DIALOG_AUTH. This will disable the Single Sign On feature.
If your prefer got to
public void authorize(Activity activity, String[] permissions,
int activityCode, final DialogListener listener)
and disable the startSingleSignOn part. It's preferable not to, because eventually Facebook will solve the problem, and you only have to put the old constant back.
EDIT
This solution raises security problems. Check Jesse Chen answer.
I faced the same problem, after spending 24 hours and a lot of search we use this method to solve my problem.
Check your Xcode project current bundle identifier
for example : com.yourcompanyname.yourappname
use the same com.yourcompanyname.yourappname bundle identifier for creating app in Facebook see attachment.
I had this problem just a few minutes ago myself on 4.0.4 and it seems to have resolved itself.
Although late, still useful:
*Here's the corerct way to do(for debug key, change accordingly for release):*
keytool -exportcert -alias androiddebugkey -keystore "C:\Users\<User>\.android\debug.keystore" > <Drive letter>:\debug.txt
openssl sha1 -binary "<Drive letter>:\debug.txt" > "<Drive letter>:\debug_sha.txt"
openssl base64 -in "<Drive letter>:\debug_sha.txt" > "<Drive letter>:\debug_base64.txt"
The hash is in the last generated file: debug_base64.txt....open it and copy the hash.
Remember to replace "" and with your username and drive letter of your choice
When you create the key hash, you might end up with something which has the equality sign "=" at the end, like ga0RGNYHvNM5d0SLGQfpQWAPGJ8=. While Facebook gladly accepts the equality sign as part of the key hash, you have to remove it in order for it to work.
Additionally, check out the accepted answer to Android Facebook SDK 3.0 gives "remote_app_id does not match stored id" while logging in: when getting the key hash for the debug keystore, use the password "android". Otherwise the key hash will be incorrect and you will get the error specified in the question (be nice and vote up the answer there if it helped you.)
Regarding apps signed with OWN keystore:
After spending several hours solving this issue, I finally got it and want to provide an answer for those who are still suffering:
My steps:
I signed my app via eclipse with my own keystore file (NOT debug.keystore).
Via command line and known commands (keytool -exportcert -alias -keystore ~/.android/ | openssl sha1 -binary | openssl base64) I successfulluy received the key hash.
Pasted the key hash in the dev dashboard,waited a few mins -> Still the same ERROR (as specified in the question above).
i tried several differend keytools, on several jdks, etc... nothing changed.
Solution:
I turned on debuggable in manifest, turned on debugging in facebook sdk. then i signed the apk with my own keystore and uploaded it on real device.
i connected device via usb and opened DDMS perspective to see logcat on device.
I started my app and let the error message occur.
It prints out a key totally different from the key generated by keytool. I took this key from logcat, pasted it to dev dashboard and voila -> EVERYTHING WORKS
I still don't know why this happens or what is causing the wrong key, but this way it works for me.
On Debian system like ubuntu use the keytool of java found under directory /usr/lib/jvm/jdk*.*.*/bin/keytool and generate like this
/usr/lib/jvm/jdk1.7.0/bin/keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore | openssl sha1 -binary | openssl base64
This way you get the authentic hash key that can be put under your app hash of facebook.
Usually this problem could be solved with two check:
flag in the facebook console to publish live the facebook configuration
api key mismatches
I managed to solve the issue I was having with misconfigured for Facebook on Android by ensuring I had the correct hash key for a release version.
To get the release version hash key, find the key you used to sign the application and do the following, insert the name of your keystore alias (without brackets). If you don't know your alias this can be found by exporting your app as a signed app and the alias is on the second page of the wizard. Also insert the path to your keystore (without brackets).
keytool -exportcert -alias [Alias of your keystore] -keystore [Path to keystore] | openssl sha1 -binary | openssl base64
I did a Toast for exceptions and found it throws a key mismatch exception today added the key in the FB app page and it works fine
Also encountered this issue.
Simply go to the Facebook developers getting started page here
and follow step 4 - the thing with the command line.
Worked for me.
Enjoy.
I just had the same problem and the solution turned out to be super simple. When I created the app in the dashboard, I only had added the key hash for the android debug keystore. This all works fine if you install the app as a developer via a USB cable in this case.
Once you have an app in the Play Store, you will use a production key to sign the app. This also means, that you have to get the key hash of the production key like for the debug key and add it as a second hash to the list of native app hashes.
just to remember you how the key hash works:
keytool -exportcert -alias -keystore ~/keys/android_keystore | openssl sha1 -binary | openssl base64
Hope that helps!
I had a similar problem, but for iOS.
The solution is to do with configuring the Facebook app on the Facebook developer daskboard.
For iOS, 2 things must be done:
Enabled Facebook Login
Bundle ID must be the same as the app
It's a keystore issue..configure your eclipse to use the same keystore for which app was configured for.
I got the same error a few days ago. In my case it was due to an Android key mismatch. Here is how I fixed it if it may help you too:
Open Util.java in the Facebook SDK, set private static boolean ENABLE_LOG = true;. Now run your app and enter your email id and password. Facebook sends back a signature if there's a key mismatch. You'll find this key (signature) in LogCat. Just copy this key and paste it in the app dashboard. That should fix the problem. Remember to set private static boolean ENABLE_LOG = true; back to false.
I get "Login failed error" with the Facebook Android SDK while running on the device. I have done everything what they specified, like creating a hash and all.
The error is:
Facebook-authorize(5539): Login failed: invalid_key
facebook error: com.facebook.android.FacebookError: invalid_key
Update: I wrote a more detailed blog post about this problem and explains how SSO causes it: http://sean.lyn.ch/2011/07/android-the-facebook-sdk-sso-and-you/
This question is long since answered here (and in the Facebook Android SDK), but I'm going to try and capture the full solution for anyone that ends up stumbling upon this thread.
I was developing using the Facebook Android SDK in combination with PhoneGap and the Phonegap Facebook plug in. The authentication step was working just fine until I moved from deploying on the emulator to an actual device. The failure I saw when running adb logcat was the following.
D/Facebook-authorize( 2194): Login failed: invalid_key
W/System.err( 2194): com.facebook.android.FacebookError: invalid_key
I have no idea why this worked on the emulator but failed on the device. I suspect that Facebook has a blanket policy to allow unsigned .apk applications, because they can't be distributed.
The issue is that Facebook needs information about the key used to sign the application in order to allow the authorization. What I didn't know is that the Eclipse environment is signing builds automatically when you push them to the device using a debug keystore. Details about the Debug keystore are available in the Android Documentation - Signing Applications.
In order to provide Facebook with information about the signature, you need to run the command Jay provides above (repeated here):
keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore | openssl sha1 -binary | openssl base64
This generates a short string of characters (which may include characters such as '=' or '/') that identify the signature called a certificate. Once you have this, you need to give it to Facebook.
Find your application on Facebook's Developer page (or create a new one if you haven't set one up already). Once you're in the application summary page, choose Edit Settings and then pick Mobile and Devices on the left-hand side. Under the Android section, you'll see a box for Key Hash. Paste the certificate string from the command above into this box and hit save.
Give it a few minutes to propagate and you should be all set!
Just spent a couple hours on the same problem.
When you are exporting the hash value of your key, be sure to specify the correct keystore and alias. For instance in:
keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore
| openssl sha1 -binary
| openssl base64
If you're not using the debug key to sign your APK, be sure that keytool references your export keystore and that it's using the alias that you've specified. You see the keystore and alias to be used in the "keystore selection" and "key alias selection" screens in the Eclipse export Android App wizard screen.
Also, under the "Mobile and devices" section of the app settings, I've set the application to be "Native app" and not "HTML 5 / Mobile web" since I'm working with an Android app (and an iOS one as well).
If the Facebook application is installed on the device, the described error will be raised.
Uninstall the existing Facebook application and run the application; it is working well. This is an SDK problem.
You can use this Java Android code to genereate your key:
try {
PackageInfo info = getPackageManager().getPackageInfo("**YOURPACKAGENAME**", PackageManager.GET_SIGNATURES);
for (Signature signature : info.signatures) {
MessageDigest md = MessageDigest.getInstance("SHA");
md.update(signature.toByteArray());
Log.i("PXR", Base64.encodeBytes(md.digest()));
}
}
catch (NameNotFoundException e) {}
catch (NoSuchAlgorithmException e) {}
Another trap for new players: if you get the keystore password wrong in
keytool -exportcert -alias androiddebugkey -keystore ~/.android/debug.keystore
| openssl sha1 -binary
| openssl base64
it will silently give the wrong result (the digest for the password wrong message, I suspect).
Working through intermediate files avoids this. Using a Linux desktop might, as well.
I fixed the bug with this:
If you add Facebook.FORCE_DIALOG_AUTH to the authorize line:
mFacebook.authorize(
MundialRugby2011Activity.this,
new String[] {"publish_stream", "read_stream", "offline_access"},
Facebook.FORCE_DIALOG_AUTH,
new LoginDialogListener()
);
I had a similar problem (invalid_key) and for me the solution was to install Cygwin (I am using Windows 7 64-bit) and regenerate the key from there. I got a totally different key (than on PowerShell) and now my application does login just fine.
I may just have solved the wrong keyhash issue in Windows 7. See my report in Invalid key issue for an Android application to call the Facebook API.
This problem seems to be triggered when the Facebook app is installed thus the SDK is trying to use the app for authentication. And that part seems to fail always in my case.
My current workaround to solve this is to make sure that the web login dialog gets triggered instead. The way to make that occur is to tamper with the FB_APP_SIGNATURE in Facebook.java (Line 763 latest SDK from GitHub), in my case I just replaced the last part "928a2" with an empty string.
By doing this it seems that the SDK falls back on the web dialog and everything works.
Please note that this isn't a perfect workaround, but it do solve the issue with the Facebook SDK and the Facebook App being incompatible for the moment on Android.
I wasted about four hours solving such a problem (Windows 7, Eclipse). The keytool utility is really sly. I already had Eclipse installed.
Install Cygwin.
Download OpenSSL for Windows. Put it in any folder and add path to "lib" & "bin" subfolders in Windows PATH variable.
Now you should be able to open the Cygwin Bash shell (from the start menu) and successfully run OpenSSL from it.
Some keytool tricks:
Do NOT USE the Windows shell (CMD) - always use Cygwin. Running keytool from CMD just silent produce the wrong hash!
Remember, that the right Unix path separator you should use is "/", not "\"!
If the keytool can not find the keystore file, it just silently generates the WRONG key! If you set the right path to the file, it asks your "Enter keystore password:". So, if it is not ask you about it, be sure you pass wrong path (see also #2).
If you type the right keystore password, the hash is the same as if you do not pass a keystore password at all. If you type the wrong keystore password it silently generates the wrong hash.
Thanks to Facebook, now it's giving a key itself along with invalid_key exception. Use that value and update in application settings. I am using Windows 7 64-bit machine and for me the key doesn't have = (equal to) in the end but it worked cleanly.
I am using Phonegap and the FB SDK -> didn't get a correct key generated, maybe I have to use the hash key of the build service? Nevertheless, I just put in the Hash the cordova library say that is didn't match with the one at facebook.
I have used Cygwin on Windows and iOS Bash, but both gave me the wrong keys! Finally I have found the solution in Implementing Facebook into your application invalid key with keytool.
ProgrammerXR have written a really useful method that extracts the key hash straight from the signed application installed on the device - brilliant!
edited:
The above link doesn't work anymore but you can get some more details in the Facebook docs (see the 'Troubleshooting' paragraph in the 'Run the Samples' section)
https://developers.facebook.com/docs/android/getting-started/#samples