iframe 应用程序中的 Facebook 会话中断了 ajax 调用
我有一个 facebook 应用程序,它通过 PHP-SDK 连接到 facebook。
$facebook = new Facebook(array(
'appId' => FACEBOOK_APP_ID,
'secret' => FACEBOOK_SECRET_KEY,
));
$user = $facebook->getUser();
if ($user) {
try {
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
一切都很好,我打开浏览器并且不响应我的应用程序。一段时间后,我尝试通过 ajax 在应用程序中发送表单。好像session无效了? Facebook 将再次授权我的应用程序将 ajax url 加载到浏览器地址栏中,并将新的会话参数附加到该 url 并中断应用程序。
我可以做些什么来假装 facebook“重新加载”或将 ajax/form 操作传递到浏览器地址栏吗?在处理每个请求之前,我检查用户是否仍然处于活动状态,这可能是问题所在?
$user = $facebook->getUser();
if ($user != 0) {
if($this->userProfile == null){
try {
// Proceed knowing you have a logged in user who's authenticated.
$this->userProfile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
}else{
$this->userProfile = null;
}
if ($this->userProfile != null) {
$filterChain->run();
} else {
$loginUrl = $facebook->getLoginUrl(
array('scope' => 'publish_stream','redirect_uri' => 'REDIRECT_URI'));
}
echo("<script> top.location.href='" . $loginUrl . "'</script>");
我应该使用其他方法吗? 提前致谢!
I've a facebook application, which conncets to facebook via the PHP-SDK.
$facebook = new Facebook(array(
'appId' => FACEBOOK_APP_ID,
'secret' => FACEBOOK_SECRET_KEY,
));
$user = $facebook->getUser();
if ($user) {
try {
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
Everything is fine, I let the browser open and don't respond to my app. After a while I try to send a form in the app via ajax. It seems that the session is invalid? Facebook will authorize my app again load the ajax url into the browsers address bar and attach the new session param to that url and breaks the app.
Is there anything I could do to pretend facebook to "reload" or pass the ajax/form action to the browser address bar? Before every request is processed I check whether the user is still active or not, that might be the problem?
$user = $facebook->getUser();
if ($user != 0) {
if($this->userProfile == null){
try {
// Proceed knowing you have a logged in user who's authenticated.
$this->userProfile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
}else{
$this->userProfile = null;
}
if ($this->userProfile != null) {
$filterChain->run();
} else {
$loginUrl = $facebook->getLoginUrl(
array('scope' => 'publish_stream','redirect_uri' => 'REDIRECT_URI'));
}
echo("<script> top.location.href='" . $loginUrl . "'</script>");
Should I use an other approch?
Thanks in advance!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您确实不应该以与常规页面获取相同的方式处理 ajax 调用。一般来说,如果 ajax 进程中发生类似过期会话的情况,您需要将错误代码发送回主页并让它在顶层处理它。
我猜测您从此 ajax 请求发回的信息会立即解析为 HTML?这意味着,如果您发回
块,它将被执行并将浏览器重定向到新位置。同样,这可能不是处理问题的最佳方法,但如果正确设置了redirect_uri(到整个页面的url),它仍然可以工作。因为 getLoginUrl() 是在 ajax 页面内调用的,所以redirect_uri 被设置为该 url,因此在新的授权完成后,浏览器将被发送回该位置(现在位于顶层)。因此,虽然可能不是最好的整体结构,但一个快速的解决方法是在 ajax 调用中覆盖redirect_uri 设置,并使其指向父页面而不是其本身。You really shouldn't be processing ajax calls the same way as regular page fetches. Generally if something like an expired session happens within an ajax process you want to send an error code back to the main page and let it handle it at the top level.
I'm guessing that the info you send back from this ajax request gets immediately parsed as HTML? Which means that if you send back a
<script>top.location=xxx</script>block, it gets executed and redirects the browser to the new location. Again that's probably not the best way to handle things, but it would still work if the redirect_uri were set appropriately (to the url of the page as a whole). Because the getLoginUrl() is called while within the ajax page, the redirect_uri is set to that url instead, so after the new authorization is completed that's where the browser is sent back to (at the top level now). So while probably not the best overall structure, a quick workaround would be to override the redirect_uri setting when you are within an ajax call, and make it point to the parent page instead of itself.