I am working on a Facebook application and there is something I just don't understand about how their authorization system works.
Our main setup is:
canvas URL = domain.com/facebook
This is a simple page with an FBML Iframe element that points to domain.com/facebook/app, which is the HTML page that serves the Flash application.
The Flash application requests additional data from our application server - some of these requests request data on Facebook (for example, a list of friend identifiers).
So, Flash then makes a request to domain.com/resources/facebook/friends - this is a PHP page that creates an instance of Facebook (their PHP library) and makes the necessary call to their API and returns the data.
However, the request to this URL (via flash memory) is not checked, so it is then redirected to their username when it itself redirects my canvas URL with two parameters - auth_token and the following . Thus, the request is valid, but the redirection interrupts the Flash call.
So, I'm trying to figure out how to make these other API calls (when they themselves call the Facebook API calls) so that they will be Facebook-validated from the get-go.