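Authenticating a Facebook canvas application returns ?code=

Time: 2011-07-10 16:59:59

Tags: php facebook canvas

I'm having a problem with my Facebook canvas application. It is currently in development and I'm working on http://localhost:8080

My canvas URL is http://localhost:8080/fbcanvas/

On Facebook, the URL is set to http://apps.facebook.com/app_name/

The problem is that after the user approves my app, I get a code as the $_GET['code'] variable. The Facebook documentation says nothing about getting $_GET['code']; it only says you get the signed_request.

This is the code I'm using, from the Facebook example.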

    require_once($_SERVER['DOCUMENT_ROOT'] . '/classes/Page.php');
    require($_SERVER['DOCUMENT_ROOT'] . '/core/config.fb.php');

    $canvas_page = 'http://apps.facebook.com/khawamusic/';
    $auth_url = 'https://www.facebook.com/dialog/oauth?client_id=' . $app_id . '&redirect_uri=' . urlencode($canvas_page);
    $signed_request = $_REQUEST['signed_request'];

    // Split "<signature>.<payload>"; only the payload is used below,
    // $encoded_sig is never checked against the app secret.
    list($encoded_sig, $payload) = explode('.', $signed_request, 2);

    // Decode the base64url-encoded JSON payload.
    $data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);

    if(empty($data['user_id'])) {
        // No user_id: the user has not authorized the app yet, so send them to the OAuth dialog.
        echo('<script> top.location.href="' . $auth_url .'";</script>');
    } else {

        $page = new Page;

        $styles = array('reset.css', 'fbcanvas.css');
        $scripts = array(
            'https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js',
            'https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.14/jquery-ui.min.js',
            'http://connect.facebook.net/en_US/all.js#xfbml=1',
            '/sources/js/fbcanvas.js'
        );

        $page->set_title('Khawa');
        $page->set_styles($styles);
        $page->set_scripts($scripts);
        $page->start_page();
        require($_SERVER['DOCUMENT_ROOT'] . '/fbcanvas/fb.tpl');
        $page->end_page();

    }

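So what happens is that the user approves my app, and then he is redirected to http://apps.facebook.com/khawamusic/?code=blabla

I'm stuck, because the documentation doesn't say that I'm supposed to get $_GET['code'].

2 answers:

Answer 0: (score: 2)

If the user presses Allow, your app is authorized. The OAuth dialog will redirect (via HTTP 302) the user's browser to the URL you passed in the redirect_uri parameter, with an authorization code:

http://YOUR_URL?code=A_CODE_GENERATED_BY_SERVER

With this code in hand, you can proceed to the next step, app authentication, to gain the access token you need to make API calls.

Reference: https://developers.facebook.com/docs/authentication/

Edit: Here is an authentication example that will not show ?code=Blabla.. First, download the latest Facebook PHP SDK from here: https://github.com/facebook/php-sdk/tree/master/src

Make sure you save all 3 files: facebook.php, base_facebook.php and fb_ca_chain_bundle.crt. Now replace the text "YOUR_APP_ID" and "YOUR_APP_API_SECRET" with your application ID and App Secret. I have added a sample wall post using the Graph API; you can remove it if you don't want it. If you go through my code and comments, you will understand what it does. You don't need to do anything to get the access token; just use the $access_token variable and it will give you the current user's access_token. If you want the user's ID, use the $user variable. If you want the user's basic information, use the $userInfo variable; it fetches the user's data using the Graph API and returns all the information in an array. You will get the current user's information such as id, name, first_name, last_name, link, hometown, location, bio, work, education, gender, timezone, etc.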

Change $RedirectUrl to your landing page URL or your canvas page URL.

    <?php
    require 'facebook.php';

    define('FACEBOOK_APP_ID', "YOUR_APP_ID"); // Your App ID
    define('FACEBOOK_SECRET', "YOUR_APP_API_SECRET"); // Your App API Secret

    $RedirectUrl = "http://apps.facebook.com/myapp/"; // Your landing page URL; users will be redirected to this URL after they allow your app.

    function d($d){
        echo "<pre>";
        print_r($d);
        echo "</pre>";
    }

    $user = null;

    $facebook = new Facebook(array(
        'appId'  => FACEBOOK_APP_ID,
        'secret' => FACEBOOK_SECRET,
        'cookie' => true,
    ));

    $user = $facebook->getUser(); // Get the UID of the connected user, or 0 if the Facebook user is not connected.

    if(isset($_GET['code'])){
        header("Location: $RedirectUrl");
        exit; // Stop here so the rest of the page (including the wall post) does not also run on this request.
    }

    if($user == 0) {
        // If the user is not connected to your app, redirect the user to the authentication page.
        /**
         * Get a Login URL for use with redirects. By default, full page redirect is
         * assumed. If you are using the generated URL with a window.open() call in
         * JavaScript, you can pass in display=popup as part of the $params.
         *
         * The parameters:
         * - redirect_uri: the url to go to after a successful login
         * - scope: comma separated list of requested extended perms
         */
        $login_url = $facebook->getLoginUrl($params = array('scope' => "publish_stream", 'redirect_uri' => $RedirectUrl));
        echo("<script> top.location.href='" . $login_url . "'</script>");
    } else {
        // If the user is connected to your app, then do something.
        $signed_request = $facebook->getSignedRequest(); // Get the data from a signed_request token.

        $access_token = $facebook->getAccessToken(); // Determines the access token that should be used for API calls.

        $userInfo = $facebook->api("/me"); // Get the user's info

        try {
            // Posts to the user's wall after the user allows your app.
            $wallpost = array(
                'message' => "I like this",
                'link'    => 'http://google.com',
                'picture' => 'http://i.imgur.com/8iz6L.png',
                'name'    => 'This is cool',
                'description'=> 'Checkout this cool app'
            );
            $publishStream = $facebook->api("/$user/feed", "post", $wallpost); // Wall post to the user's wall using the Graph API
            echo "Your post was successfully posted to UID: $user";
        }
        catch (FacebookApiException $e) {
            d($e);
        }

    }
    ?>

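Answer 1: (score: 0)

I'm not sure yet, but I think I have an answer for authorizing/authenticating a Facebook application...

Step 1: The first time the user visits your app, Facebook sends you a signed request. You need to parse it, verify it, and check whether $data['user_id'] is set.

Code: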

    $data = $canvas->parse_signed_request($signed_request);

    $auth_url = 'http://www.facebook.com/dialog/oauth?client_id=' . $app_id . '&redirect_uri=' . urlencode($canvas_page);

    if(empty($data['user_id'])) {
        echo '<script>top.location.href="' . $auth_url . '"</script>';
    }

So if $data['user_id'] is empty, go authenticate.

Step 2: The user authorizes your app, and Facebook sends you a signed request and a code.

    if(isset($_REQUEST['code'])) {
        $access_token = $canvas->get_access_token($_REQUEST['code']);
        $user = $canvas->getUser($access_token);

        $user_info = array(
            'user_id' => $user->id,
            'user_username' => $user->username,
            'user_name' => $user->name
        );

        // install the application for the new user.

        $user_obj = new User($user_info);

        // registered or already exists.
        if($user_obj) {
            echo '<script>top.location.href="' . $canvas->canvas_page . '";</script>';
        }

        exit();
    }

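So from what I understand, Facebook sends $_REQUEST['code'] only once: when the user approves your canvas application.

That is the user installing the app. From then on, every time the user re-enters your app you get a signed_request, but this time, because the user has already approved the application, the signed request will contain user_id and oauth_token, and you can fetch content from the Graph API.

If the signed_request has a user_id, this is what you do.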

    if(isset($data['user_id'])) {
        $user = false;
        if(!$user) {
            $user = $canvas->getUser($data['oauth_token']);
        }

        if(!ob_start('ob_gzhandler')) ob_start();

        $styles = array(
            'reset.css', 'jplayer.fbcanvas.css', 'fbcanvas.css'
        );

        $scripts = array(
            'http://connect.facebook.net/en_US/all.js#xfbml=1',
            'http://ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js',
            '/sources/js/jplayer/jquery.transform.js',
            '/sources/js/jplayer/jquery.grab.js',
            '/sources/js/jplayer/jquery.jplayer.js',
            '/sources/js/jplayer/mod.csstransforms.min.js',
            '/sources/js/jplayer/circle.player.js',
            '/sources/js/fbcanvas.js'
        );

        $results = $canvas->getLatestSongs();

        // the canvas.
        $page->set_title('Khawa');
        $page->set_styles($styles);
        $page->set_scripts($scripts);
        $page->start_page();
        require($_SERVER['DOCUMENT_ROOT'] . '/fbcanvas/fb.tpl');
        $page->end_page();

        ob_end_flush();

    }

I'm not sure, but I think this is the authentication process for Facebook canvas apps.
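
Added example, not part of either answer or of Facebook's SDK: the question's code decodes the signed_request payload without checking the signature, and Step 1 above says to verify it, so this shows one way to do that check (HMAC-SHA256 over the encoded payload, keyed with the app secret, compared in constant time). The function names, the sample secret and field values, and the one-hour `issued_at` window are assumptions of this example; it assumes PHP 7.1+.

```php
<?php
// Added example, not from the original posts. Assumes PHP 7.1+.
function b64url_decode(string $in)
{
    // base64url -> base64, restore padding, strict decode (false on bad input).
    $b64 = strtr($in, '-_', '+/');
    return base64_decode($b64 . str_repeat('=', (4 - strlen($b64) % 4) % 4), true);
}

function b64url_encode(string $raw): string
{
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}

// Returns the payload only if signature, algorithm and age all check out.
function verify_signed_request(string $signed_request, string $app_secret, int $max_age = 3600): ?array
{
    $parts = explode('.', $signed_request, 2);
    if (count($parts) !== 2) {
        return null; // not "<signature>.<payload>"
    }
    [$encoded_sig, $payload] = $parts;
    $sig  = b64url_decode($encoded_sig);
    $json = b64url_decode($payload);
    if ($sig === false || $json === false) {
        return null;
    }
    $data = json_decode($json, true);
    $alg  = is_array($data) ? ($data['algorithm'] ?? null) : null;
    if (!is_string($alg) || strtoupper($alg) !== 'HMAC-SHA256') {
        return null;
    }
    // The HMAC covers the still-encoded payload string, keyed with the app secret.
    if (!hash_equals(hash_hmac('sha256', $payload, $app_secret, true), $sig)) {
        return null;
    }
    // Freshness window on issued_at; the one-hour default is this example's assumption.
    return (time() - (int) ($data['issued_at'] ?? 0) <= $max_age) ? $data : null;
}

// Constructed sample data: sign a payload with a made-up secret, then swap the payload.
$secret  = 'constructed-app-secret';
$fields  = ['algorithm' => 'HMAC-SHA256', 'issued_at' => time(), 'user_id' => '1000'];
$payload = b64url_encode(json_encode($fields));
$valid   = b64url_encode(hash_hmac('sha256', $payload, $secret, true)) . '.' . $payload;
$altered = explode('.', $valid)[0] . '.' . b64url_encode(json_encode(['user_id' => '2000'] + $fields));

var_dump(verify_signed_request($valid, $secret) !== null);   // signature matches payload
var_dump(verify_signed_request($altered, $secret) !== null); // payload no longer matches signature
```

In a canvas page, only read `user_id` and `oauth_token` from the array this function returns, and treat a `null` result the same as a missing `user_id`.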