Facebook对PHP中iFrame应用程序的授权

我需要获取一个点击Facebook iFrame应用程序的用户的用户ID。在筛选所有虚假和过时的信息时，我认为我找到了正确的信息

当用户点击页面时，我需要让他们授权应用程序。在我的PHP中，我执行以下操作：

$facebook = new Facebook($appData);
$user = $facebook->getUser();

if(!$user) {
    echo '<script>top.location.href="'.$facebook->getLoginUrl().'";</script>';
    die();
}

---

您是否尝试过设置

redirect\u uri

参数

if(!$user) {
  $params = array('redirect_uri' => 'http://app.facebook.com/blah/');
  die('<script>top.location.href="'.$facebook->getLoginUrl($params).'";</script>');
}

if（！$user）{
$params=array（'redirect_uri'=>'http://app.facebook.com/blah/');
die（'top.location.href=“”。$facebook->getLoginUrl（$params）。“；”；
}

转到：

http://developers.facebook.com/apps

---

在您的开发者应用程序设置中，您需要更改URL设置，以便Facebook知道您的应用程序是画布应用程序。在设置中，请确保删除Web选项卡中的所有URL，然后确保在Facebook选项卡上的中正确设置了所有URL。

您可以按照示例代码使用graph api在iframe应用程序中授权Facebook应用程序

<?php
ob_start();
session_start();

/*
 * App Config
*/
$config=    array(
            'appId'  => 'APPID',
            'secret' => 'APPSECRET',
            'canvas'=>"http://apps.facebook.com/sampleapp/");


$GRAPH_URL  = "https://graph.facebook.com/";
$scope      = "publish_stream,email";
$auth_url   = "https://www.facebook.com/dialog/oauth?client_id=".$config['appId']."&redirect_uri=".urlencode($config['canvas']). "&scope=" . $scope;


$signed_request = $_REQUEST["signed_request"];

list($encoded_sig, $payload) = explode('.', $signed_request, 2); 
$data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);

if(is_array($data)){
    $authToken  =   $data['oauth_token'];
    $userId     =   $data['user_id'];
    $_SESSION['auth_token'] =   $authToken;

    //check for permission//
    $permissions = json_decode(curl_get_file_contents($GRAPH_URL . "me/permissions?access_token=" . $authToken), TRUE);
    if(array_key_exists('publish_stream', $permissions['data'][0]) ) {
        $post   =   array('client_id'=>$config['appId'],'redirect_uri'=>$config['canvas'].'','client_secret'=>$config['secret'],'type'=>'client_cred');     
        $token_url="https://graph.facebook.com/oauth/access_token";
        $response = curlpost($token_url,$post);
        $params = explode('&',$response);       
        if(isset($params[0])){
            $token  =   explode('=',$params[0]);
            if($token[0]=='access_token'){
                $access_token = $token[1];
                $_SESSION['access_token']=$access_token;
                $_SESSION['authorized']=1;      
                echo("<script> top.location.href='" . $config['canvas']."home.php'; </script>");    
            }
        }else{
            echo("<script> top.location.href='" . $config['canvas']."error.php'; </script>");   
        }   


    }else{    
        $url='https://graph.facebook.com/oauth/authorize?client_id='.$config['appId'].'&redirect_uri='.urlencode($config['canvas']).'&display=page&scope=publish_stream,email&type=user_agent';
        echo("<script> top.location.href='" . $url. "'</script>");      
    }


}else{
    echo("<script> top.location.href='" . $config['canvas']."error.php';</script>");        
}


?>

---

是的，我试过了。我得到了我在“编辑”下添加的错误。据我所知，该应用程序设置正确。如果我删除了Facebook iFrame中app.Facebook.com/blah url下app显示的授权位，当您尝试运行上面列出的代码示例时会发生什么？这就是我学习使用重定向而不是使用header（）重定向的地方。它也会做同样的事情。那么你的应用程序很可能配置错误。请参阅@squinlans答案。我已将重定向uri设置为

http://apps.facebook.com/blah

并且结尾没有“/”字符。这足以阻止它正常工作。“Web”是空的，在“Facebook上”->“画布设置”页面上，我用“blah”填充画布页面，用包含该应用的Web服务器上的位置填充画布URL。没有其他内容填写。

<?php
ob_start();
session_start();

/*
 * App Config
*/
$config=    array(
            'appId'  => 'APPID',
            'secret' => 'APPSECRET',
            'canvas'=>"http://apps.facebook.com/sampleapp/");


$GRAPH_URL  = "https://graph.facebook.com/";
$scope      = "publish_stream,email";
$auth_url   = "https://www.facebook.com/dialog/oauth?client_id=".$config['appId']."&redirect_uri=".urlencode($config['canvas']). "&scope=" . $scope;


$signed_request = $_REQUEST["signed_request"];

list($encoded_sig, $payload) = explode('.', $signed_request, 2); 
$data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);

if(is_array($data)){
    $authToken  =   $data['oauth_token'];
    $userId     =   $data['user_id'];
    $_SESSION['auth_token'] =   $authToken;

    //check for permission//
    $permissions = json_decode(curl_get_file_contents($GRAPH_URL . "me/permissions?access_token=" . $authToken), TRUE);
    if(array_key_exists('publish_stream', $permissions['data'][0]) ) {
        $post   =   array('client_id'=>$config['appId'],'redirect_uri'=>$config['canvas'].'','client_secret'=>$config['secret'],'type'=>'client_cred');     
        $token_url="https://graph.facebook.com/oauth/access_token";
        $response = curlpost($token_url,$post);
        $params = explode('&',$response);       
        if(isset($params[0])){
            $token  =   explode('=',$params[0]);
            if($token[0]=='access_token'){
                $access_token = $token[1];
                $_SESSION['access_token']=$access_token;
                $_SESSION['authorized']=1;      
                echo("<script> top.location.href='" . $config['canvas']."home.php'; </script>");    
            }
        }else{
            echo("<script> top.location.href='" . $config['canvas']."error.php'; </script>");   
        }   


    }else{    
        $url='https://graph.facebook.com/oauth/authorize?client_id='.$config['appId'].'&redirect_uri='.urlencode($config['canvas']).'&display=page&scope=publish_stream,email&type=user_agent';
        echo("<script> top.location.href='" . $url. "'</script>");      
    }


}else{
    echo("<script> top.location.href='" . $config['canvas']."error.php';</script>");        
}


?>