evertything正在运行在我的Facebook应用程序正常,直到我把它升级到的OAuth 2.0,和IM不确定是不是我做的一切权利。故障使用OAuth 2.0在我的Facebook应用程序
的事情是,我已经取得的OAuth的对话工作,并在用户授权的应用程序,它使我的应用程序到iFrame,但我有我的$ _GETs麻烦[],让我解释一下:
这里是我的index.php,这是我的主网页使用,而我只是包括()在一个div一些文件调用的内容,这取决于$ _GET [“节”]:
$app_id = "xxx";
$application_secret = 'xxx';
$canvas_page = "xxx";
$auth_url = "http://www.facebook.com/dialog/oauth?client_id=".$app_id. "&redirect_uri=".urlencode($canvas_page)."&scope=publish_stream,offline_access";
//OAuth 2.0
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
//
$data = parse_signed_request($_REQUEST["signed_request"],$application_secret);
if (empty($data["user_id"])) {
echo("<script> top.location.href='" . $auth_url . "'</script>");
} else {
$_SESSION['on'] = 1;
include ('src/facebook.php');
$files = array();
$files['RE'] = 'xxx.php';
$files['RC'] = 'yyy.php';
$files['DP'] = 'zzz.php';
$facebook = new Facebook(array(
'appId' => $app_id,
'secret' => $application_secret,
'cookie' => true,
'perms' => 'publish_stream, offline_access',
));
$_SESSION["access_token"] = $data["oauth_token"];
$me = $facebook->api('/me?oauth_token='.$_SESSION["access_token"]);
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd" xmlns:fb="https://www.facebook.com/2008/fbml">
<link rel="stylesheet" href="css/style.css" type="text/css">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta property="og:title" content="title" />
<meta property="og:description" content="description" />
<meta property="og:image" content="thumbnail_image" />
</head>
<body>
<div class="wrapper">
<?php include("inc/app_header.php");?>
<div class="content">
<?php
if(isset($_GET['section']))
{
$file_to_include = 'inc/'.$files[$_GET['section']];
}
else
{
$file_to_include = 'inc/section_restaurantes.php';
}
include($file_to_include);
?>
<div class="content_bottom_space"></div>
</div>
<div class="footer">
</div>
</div>
</body>
</html>
<?php } ?>
和section_restaurantes的代码是:
<div class="section_restaurantes">
<div class="restaurantes_container">
<div class="restaurantes"><a href="index.php?section=DP"></a></div>
<div class="restaurantes"><a href="index.php?section=PH"></a></div>
</div>
</div>
的事情是,当我在我所有的浏览器被重新加载这些div点击,该?代码= url参数改变两次,它再次section_restaurantes.php重新加载,而不是加载DP部分,我希望我是清楚的。
我想是因为它的重装两次我松开$ _GET [“节”]参数,然后将其加载默认的是“增量/ section_restaurantes.php”
我需要帮助,请,我试着在互联网上找到解决方案,但我什么也没找到
你知道用PHP-SDK,你并不真的需要解析signed_request你的自我,甚至设置会话,对不对? – ifaour
我不知道如何用另一种方法检索访问令牌 –