App is misconfigured for Facebook login : Kindle Fire Integration Issue

Question

We integrated Facebook login on our Kindle Fire android app. It works without any problem most of the time. But occasionally for some users, when they try to register using facebook login, it fails with the error "APp is misconfigured for facebook login". We checked the hash key, package name and all that, they all are correct. As i said, it works for 95% of the users. For those users it fails, it fails repeatedly. Anybody from facebook can help us resolve this issue? Appreciated. (BTW, we use the same facebook app for our google play version of the android app also with a different hash key, we never had this problem for our google play app. We got the hash key for Kindle from Amazon.) Since it doesnt fail in any of our devices, and fails only on some random user's devices, we couldnt get any debug messages.

PS: I have already read the thread App is misconfigured for Facebook login: Android Facebook integration issue . I am a new user, i couldnt ask this question over there.

which version of Kindle Fire? Do they have the FB app installed? What's the app? — Offbeatmammal, Feb 01 '13 at 17:47
Hi. It should work even if the user does not have the FB app installed on the device. It works on my device with or without the FB app installed. One of the devices where it failed runs android 2.3 and Kindle Fire system version 6.3.1 — balabumbum, Feb 01 '13 at 22:22

score 2 · Answer 1 · answered Mar 13 '13 at 23:31

We just had the same problem with one of our apps on the Amazon appstore. In our case we realized the problem only happened if these three conditions were true:

Kindle Fire HD
Facebook App installed and user logged in
User also logged into facebook via Settings -> My Account -> Manage Social Accounts

That may explain why in your case it only happens in 5% of the cases.

As far as we could tell, Amazon resigns the .apk, which breaks the Facebook Android App Key Hash check.

The solution involved:

Obtaining the Amazon .apk of our app (not the one we submitted, but the one distributed by the Amazon appstore)
Extract the signing certificate from the .apk file
Base64 encode the SHA digest of the encoded certificate
Add the resulting Base64 key hash to our Facebook App settings

This fixed the problem.

Getting the .apk proved tricky. Applications reside in the /data/app folder of the device's filesystem. However, this directory is protected to prevent listing it, so unless you know the name of the file you're looking for, you're out of luck. You can of course, root the device. Alternatively you can try your blind luck by doing adb pull /data/app/<app-id><suffix>.apk where suffix is either an empty string or -1, -2, etc, until you succeed. E.g.:

$ adb pull /data/app/com.example.game.apk
remote object '/data/app/com.example.game.apk' does not exist
$ adb pull /data/app/com.example.game-1.apk
remote object '/data/app/com.example.game-1.apk' does not exist
$ adb pull /data/app/com.example.game-2.apk
3658 KB/s (1085140 bytes in 0.289s)

If this approach fails, rooting might be the only option.

Once you have the .apk file, you can use the code below to obtain the key hash. Save as Main.java, compile with javac Main.java and run with java Main <APK>, e.g.:

$ javac Main.java
$ java Main com.example.game-1.apk
com.example.game-1.apk: 478uEnKQV+fMQT8Dy4AKvHkYibo=

Adding 478uEnKQV+fMQT8Dy4AKvHkYibo= to the key hashes of our Facebook App settings then fixes the problem. I'm curious if other people find the same hash we got (which would mean all Amazon games are resigned with the same key). In our case, the hash started with wwYPegrz....

Here's the code:

import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;

import sun.misc.BASE64Encoder;

public class Main {
    public static void main(String[] args) throws Exception {
        for (String jarFilename : args)
            extractHash(jarFilename);
    }

    private static void extractHash(String jarFilename) throws Exception {
        BASE64Encoder base64 = new BASE64Encoder();
        MessageDigest sha1 = MessageDigest.getInstance("SHA");
        Set<Certificate> certificates = new HashSet<Certificate>();
        JarFile jarFile = new JarFile(jarFilename);
        for (JarEntry jarEntry : Collections.list(jarFile.entries())) {
            jarFile.getInputStream(jarEntry).skip(Long.MAX_VALUE);
            Certificate[] certs = jarEntry.getCertificates();
            if (certs == null)
                continue;
            certificates.addAll(Arrays.asList(certs));
        }
        System.out.printf("%s:", jarFilename);
        for (Certificate cert : certificates) {
            byte[] digest = sha1.digest(cert.getEncoded());
            System.out.printf(" %s", base64.encode(digest));
        }
        if (certificates.isEmpty())
            System.out.printf(" NOT SIGNED!");
        System.out.println();
        jarFile.close();
    }
}

My app got signed with a different key "1Prg..." So you need to follow the whole process fro every app — unify, Feb 24 '14 at 23:18

score 2 · Answer 2 · answered Mar 21 '14 at 20:26

2

@Blanka's answer is technically correct, however I found an easier way: Simply go to Amazon developer console and copy the value I have highlighted in the red rectangle: SHA1 base 64

answered Mar 21 '14 at 20:26

unify

6,161
4
33
34

Hello, I don't see Appstore Certificate Hashes in my Binary Files section. Secondly, what do I do with that hash? Copy it to somewhere in the Facebook console? – CQM Aug 05 '14 at 21:00

score 1 · Answer 3 · answered Mar 14 '13 at 14:35

The solution from Blanka works.

However, here's another solution easier to do if you can reproduce the issue on a Kindle Fire.

Retrieve from LogCat the authentication request sent by Facebook:

03-13 15:21:19.360: D/WebCore(26863): *-* Total load time: 1535.31 ms, thread time: 287.00 ms for
https://m.facebook.com/dialog/oauth?android_key=XXXXXXXXXXXXX&calling_package_key=<app_package_id>
&client_id=YYYYYYYYYYYY&display=touch&redirect_uri=fbconnect%3A%2F%2Fsuccess&scope=email%
2Cpublish_stream&type=user_agent&_rdr

android_key parameter is the Hash Key of your app. You need to add this key on the Facebook Dashboad.

Note: Be careful, the encoding format of your hash may in the https request be different that the one needed by Facebook.

I try both your method then Blanka solution. The second works. I show the difference in the hash key generated. 1: vB_R9pXJ-TxxxxxxxxxxFm1_PAU 2: vB/R9pXJ+TxxxxxxxxxxFm1/PAU= There are only few different symbols (I omitted a part). Blanka solution is right for me. — DonMizzi, Dec 07 '13 at 13:19

score 0 · Answer 4 · edited May 23 '17 at 10:26

0

I think the problem with hashkey, I also faced same issue. I resolved this by downloaded openssl and generated hash. Try with following answer https://stackoverflow.com/a/14826036/1258999

edited May 23 '17 at 10:26

Community

1
1

answered Mar 14 '13 at 05:10

Santhosh

1,962
2
16
23

score 0 · Answer 5 · answered Apr 13 '15 at 05:02

Discovered an even easier way to deal with this on Kindle or any other device. If you have the FB app installed (in my case I didn't try other sign in paths but may work too?), and the login you're using is listed as a developer in the FB app at developer.facebook.com for the app in question, the hash will appear in the error message it gives you in the app itself. Says something to the effect of "Hash key xxxxxxxxxxxxxxxxx was not recognized. Manage your hash keys in the developer portal for app id yyyyyyyyyyyy".

Sorry if the text isn't exactly right, i didn't screenshot it prior to fixing the problem myself, but that's the gist of it.

App is misconfigured for Facebook login : Kindle Fire Integration Issue

5 Answers5

Linked