Facebook 重新获得用户访问附加数据的许可
我有一个名为 fbmain.php 的文件,它将对用户进行身份验证。
<?php
//set facebook application id, secret key and api key here
$fbconfig['appid' ] = "MY_APP_ID";
$fbconfig['secret'] = "MY_APP_SECRET";
$uid = null; //facebook user id
try{
include_once "facebook.php";
}catch(Exception $o){
echo '<pre>';
print_r($o);
echo '</pre>';
}
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true,
));
//Facebook Authentication part
$session = $facebook->getSession();
//Get permission from user
$loginUrl = $facebook->getLoginUrl(
array(
'canvas' => 1,
'fbconnect' => 0,
'req_perms' => 'email,publish_stream,status_update'
)
);
if (!$session) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
if ($session) {
try {
$uid = $facebook->getUser();
} catch (FacebookApiException $e) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
}
//signed_request part
$signed_request = $_REQUEST['signed_request'];
$secret = $fbconfig['secret'];
$data = parse_signed_request($signed_request, $secret);
$fan_page_id = $data['page']['id'];
$admin_check = $data['page']['admin'];
$like_check = $data['page']['liked']; //New
//Get fan page id
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
?>
我已将 fbmain.php 文件包含到我的 index.php 文件中并访问用户数据。
后来我想访问用户生日。所以我添加了对 fbmain.php 文件的“user_birthday”权限引用。下面给出了
//Get permission from user
$loginUrl = $facebook->getLoginUrl(
array(
'canvas' => 1,
'fbconnect' => 0,
'req_perms' => 'email,publish_stream,status_update,user_birthday'
)
);
index.php 文件的代码,
<?php
//index.php file
include_once "fbmain.php";
$me = $facebook->api('/me');
$_SESSION['id'] = $me['id'];
$_SESSION['name'] = $me['name'];
$_SESSION['link'] = $me['link'];
$_SESSION['email'] = $me['email'];
if($me['birthday'] == null){ ?>
<script>
top.location = 'http://www.facebook.com/dialog/oauth?client_id=MY_APP_ID&redirect_uri=MY_REDIRECT_URL&scope=user_birthday';
</script>
<?php }else{ ?>
//Some other codes
<?php } ?>
我将用户重定向到如果 $me['birthday'] 返回 null 值,则请求用户生日的权限窗口。我必须添加这部分,因为我后来将 user_birthday 添加到了权限引用的范围中。
这适用于某些用户,并显示“请求许可”窗口,要求访问用户的生日。
但对于某些用户,它会显示 Facebook 错误消息(可能是因为我尝试在显示“请求许可”窗口之前访问用户的生日:$me['birthday']==null)
谁能告诉我一种正确的方法来获得用户的重新许可来访问用户的生日?
请注意,此问题仅发生在已通过身份验证的用户中我的应用程序
I have a file named fbmain.php which will authenticate the user.
<?php
//set facebook application id, secret key and api key here
$fbconfig['appid' ] = "MY_APP_ID";
$fbconfig['secret'] = "MY_APP_SECRET";
$uid = null; //facebook user id
try{
include_once "facebook.php";
}catch(Exception $o){
echo '<pre>';
print_r($o);
echo '</pre>';
}
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true,
));
//Facebook Authentication part
$session = $facebook->getSession();
//Get permission from user
$loginUrl = $facebook->getLoginUrl(
array(
'canvas' => 1,
'fbconnect' => 0,
'req_perms' => 'email,publish_stream,status_update'
)
);
if (!$session) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
if ($session) {
try {
$uid = $facebook->getUser();
} catch (FacebookApiException $e) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
}
//signed_request part
$signed_request = $_REQUEST['signed_request'];
$secret = $fbconfig['secret'];
$data = parse_signed_request($signed_request, $secret);
$fan_page_id = $data['page']['id'];
$admin_check = $data['page']['admin'];
$like_check = $data['page']['liked']; //New
//Get fan page id
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
?>
I have included fbmain.php file to my index.php file and access user data.
Then later I wanted to access user birthday.So I added 'user_birthday' permission references to the fbmain.php file.code is given bellow
//Get permission from user
$loginUrl = $facebook->getLoginUrl(
array(
'canvas' => 1,
'fbconnect' => 0,
'req_perms' => 'email,publish_stream,status_update,user_birthday'
)
);
code of the index.php file is given bellow,
<?php
//index.php file
include_once "fbmain.php";
$me = $facebook->api('/me');
$_SESSION['id'] = $me['id'];
$_SESSION['name'] = $me['name'];
$_SESSION['link'] = $me['link'];
$_SESSION['email'] = $me['email'];
if($me['birthday'] == null){ ?>
<script>
top.location = 'http://www.facebook.com/dialog/oauth?client_id=MY_APP_ID&redirect_uri=MY_REDIRECT_URL&scope=user_birthday';
</script>
<?php }else{ ?>
//Some other codes
<?php } ?>
I redirect user to permission window requesting user's birthday if $me['birthday'] returns null value. I had to add this part since I added user_birthday to the scope of permission references later.
This works for some users and display 'Request for Permission' window asking to access user's birthday.
But for some users it display a facebook error message(It may since I try to access user's birthday before display 'Request for Permission' window : $me['birthday']==null)
Can anyone tell me a proper way to get the re-permission from user to access user birthday?
Note that this problem occurs only for users those who have already authenticated in my app
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您知道 Facebook 在 getLoginUrl() 函数中将权限参数从 req_perms 更改为 scope。尝试范围,也许可行。
https://github.com/facebook/php-sdk/issues/381
You know facebook changed the parameter for the permissions from req_perms to scope in getLoginUrl() function. Try scope, may be it works.
https://github.com/facebook/php-sdk/issues/381
我不明白 php...bt 检查 FB.ui
https://developers。 facebook.com/docs/reference/dialogs/oauth/
这里有一个 oAuth 对话框来请求用户许可。
I don't understand php...bt check FB.ui
https://developers.facebook.com/docs/reference/dialogs/oauth/
Here you have oAuth dialog to ask for user permision.
您可以使用范围参数来请求权限。
这是您想要替换的代码
,如果您使用这些代码,您的访问者第一次访问此代码时请求完全权限,并且已经验证了其他权限,则用户访问此页面时仅请求生日权限。
你不需要使用
You can use scope params for you requesting permission.
this is code for you want to replace
if you these this code ,your visitor who visit first time this code request full permision ,and already authendicate for other permisions user comes to this page it request only for birthday permisions .
you not need to use