My site uses spring social (1.1.6.RELEASE) and spring social facebook (2.0.3.REALEASE) to let users to sign in with their Facebook accounts.
Recently, Facebook requires all websites to use HTTPS based URIs for "Valid OAuth Redirect URIs". Here is what I have for "Valid OAuth Redirect URIs" at Facebook:
https://www.example.com/signin/facebook https://localhost/signin/facebook
I followed the suggestion at https://jira.spring.io/browse/SOCIAL-447 and have custom classes for FacebookConnectionFactory and OAuth2Template so that redirect URIs can start with https.
Everything works correctly on my laptop. However, I am unable to get it work for the site on the internet.
Here is the environment of my system: A load balancer device distributes requests to two Dell boxes. The loadbalancer takes HTTPS requests and sends HTTP requests to boxes.
Here is what I experience on the internet site: when I click the Facebook button to start authentication with Facebook, I am directed to Facebook login. After entering correct username and password, I am redirected my site, but with an exception: Here is the exception message:
Response body: {"error":{"message":"Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings.","type":"OAuthException","code":191,"fbtrace_id":"GeA8sXoebS3"}}
I have example.com in the App Domains field at Facebook, but it still fails. Does the system setup (including the load balancer) play a role here? I believe so, but cannot figure out how to fix it? Spent quite an amount of time and no success.
Any suggestion and info would be really appreciated.
Update
My site has been using SSL for a long time. It's authentication with Facebook was working before, but now it is not because of "https" requirement Facebook recently imposed.
