Php 我的Facebook应用程序中的OAuth 2.0出现问题
在我升级到OAuth 2.0之前,我的facebook应用程序中的每件事都运行良好,我不确定我是否一切正常 问题是,我已经让OAuth对话框工作,当用户授权应用程序时,它会将我的应用程序呈现到iFrame中,但我的$u get[]有问题,让我解释一下: 这是我的index.php,我使用它作为主页,而我只是在名为content的div中包含()一些文件,具体取决于$\u GET['section']:Php 我的Facebook应用程序中的OAuth 2.0出现问题,php,facebook,Php,Facebook,在我升级到OAuth 2.0之前,我的facebook应用程序中的每件事都运行良好,我不确定我是否一切正常 问题是,我已经让OAuth对话框工作,当用户授权应用程序时,它会将我的应用程序呈现到iFrame中,但我的$u get[]有问题,让我解释一下: 这是我的index.php,我使用它作为主页,而我只是在名为content的div中包含()一些文件,具体取决于$\u GET['section']: $app_id = "xxx"; $application_secret = 'xxx
$app_id = "xxx";
$application_secret = 'xxx';
$canvas_page = "xxx";
$auth_url = "http://www.facebook.com/dialog/oauth?client_id=".$app_id. "&redirect_uri=".urlencode($canvas_page)."&scope=publish_stream,offline_access";
//OAuth 2.0
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
//
$data = parse_signed_request($_REQUEST["signed_request"],$application_secret);
if (empty($data["user_id"])) {
echo("<script> top.location.href='" . $auth_url . "'</script>");
} else {
$_SESSION['on'] = 1;
include ('src/facebook.php');
$files = array();
$files['RE'] = 'xxx.php';
$files['RC'] = 'yyy.php';
$files['DP'] = 'zzz.php';
$facebook = new Facebook(array(
'appId' => $app_id,
'secret' => $application_secret,
'cookie' => true,
'perms' => 'publish_stream, offline_access',
));
$_SESSION["access_token"] = $data["oauth_token"];
$me = $facebook->api('/me?oauth_token='.$_SESSION["access_token"]);
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd" xmlns:fb="https://www.facebook.com/2008/fbml">
<link rel="stylesheet" href="css/style.css" type="text/css">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta property="og:title" content="title" />
<meta property="og:description" content="description" />
<meta property="og:image" content="thumbnail_image" />
</head>
<body>
<div class="wrapper">
<?php include("inc/app_header.php");?>
<div class="content">
<?php
if(isset($_GET['section']))
{
$file_to_include = 'inc/'.$files[$_GET['section']];
}
else
{
$file_to_include = 'inc/section_restaurantes.php';
}
include($file_to_include);
?>
<div class="content_bottom_space"></div>
</div>
<div class="footer">
</div>
</div>
</body>
</html>
<?php } ?>
$app_id=“xxx”;
$application_secret='xxx';
$canvas_page=“xxx”;
$auth_url=”http://www.facebook.com/dialog/oauth?client_id=“$app\u id.&redirect\u uri=“.urlencode($canvas\u page)。”&scope=publish\u stream,脱机访问”;
//OAuth2.0
函数parse_signed_请求($signed_请求,$secret){
列表($encoded_sig,$payload)=分解('.',$signed_请求,2);
//解码数据
$sig=base64\u url\u decode($encoded\u sig);
$data=json_decode(base64_url_decode($payload),true);
if(strtoupper($data['algorithm'])!=='HMAC-SHA256'){
错误日志('未知算法。应为HMAC-SHA256');
返回null;
}
//检查信号
$expected_sig=hash_hmac('sha256',$payload,$secret,$raw=true);
如果($sig!==$expected\u sig){
错误日志('错误的JSON签名!');
返回null;
}
返回$data;
}
函数base64\u url\u decode($input){
返回base64_解码(strtr($input,'-'','+/');
}
//
$data=parse_signed_request($_request[“signed_request”],$application_secret);
if(空($data[“user\u id”])){
echo(“top.location.href=”。$auth_url。””;
}否则{
$\会话['on']=1;
包括('src/facebook.php');
$files=array();
$files['RE']='xxx.php';
$files['RC']='yyy.php';
$files['DP']='zzz.php';
$facebook=新的facebook(数组)(
“appId”=>$app\u id,
“机密”=>$application\u secret,
“cookie”=>正确,
“perms'=>“发布\u流,脱机\u访问”,
));
$\u会话[“访问令牌”]=$data[“oauth\u令牌”];
$me=$facebook->api('/me?oauth_令牌='.$\u会话[“访问_令牌]);
<div class="section_restaurantes">
<div class="restaurantes_container">
<div class="restaurantes"><a href="index.php?section=DP"></a></div>
<div class="restaurantes"><a href="index.php?section=PH"></a></div>
</div>
</div>
我需要帮助,我试图在互联网上找到解决方案,但什么也没有找到。如果您使用的是PHP-SDK,您不需要解析
签名请求,因为它会帮您解决问题。您只需要检索用户(getUser()
),如果没有用户,则重定向到登录url(请参阅文件)
下面是一个更好的代码:
<?php
include ('src/facebook.php');
$app_id = "xxx";
$application_secret = 'xxx';
$canvas_page = "xxx";
$facebook = new Facebook(array(
'appId' => $app_id,
'secret' => $application_secret
));
$user = $facebook->getUser();
if(!$user) {
$loginUrl = $facebook->getLoginUrl(array(
'redirect_uri' => $canvas_page,
'scope' => 'publish_stream,offline_access'
));
echo("<script> top.location.href='" . $loginUrl . "'</script>");
exit;
}
$_SESSION['on'] = 1;
$files = array();
$files['RE'] = 'xxx.php';
$files['RC'] = 'yyy.php';
$files['DP'] = 'zzz.php';
try {
$me = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd" xmlns:fb="https://www.facebook.com/2008/fbml">
<link rel="stylesheet" href="css/style.css" type="text/css">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta property="og:title" content="title" />
<meta property="og:description" content="description" />
<meta property="og:image" content="thumbnail_image" />
</head>
<body>
<div class="wrapper">
<?php include("inc/app_header.php");?>
<div class="content">
<?php
if(isset($_GET['section']))
{
$file_to_include = 'inc/'.$files[$_GET['section']];
}
else
{
$file_to_include = 'inc/section_restaurantes.php';
}
include($file_to_include);
?>
<div class="content_bottom_space"></div>
</div>
<div class="footer">
</div>
</div>
</body>
</html>
如果您使用的是PHP-SDK,则无需解析已签名的\u请求,因为PHP-SDK会为您解决此问题。您只需检索用户(getUser()
),如果没有用户,则重定向到登录url(请参阅文件)
下面是一个更好的代码:
<?php
include ('src/facebook.php');
$app_id = "xxx";
$application_secret = 'xxx';
$canvas_page = "xxx";
$facebook = new Facebook(array(
'appId' => $app_id,
'secret' => $application_secret
));
$user = $facebook->getUser();
if(!$user) {
$loginUrl = $facebook->getLoginUrl(array(
'redirect_uri' => $canvas_page,
'scope' => 'publish_stream,offline_access'
));
echo("<script> top.location.href='" . $loginUrl . "'</script>");
exit;
}
$_SESSION['on'] = 1;
$files = array();
$files['RE'] = 'xxx.php';
$files['RC'] = 'yyy.php';
$files['DP'] = 'zzz.php';
try {
$me = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd" xmlns:fb="https://www.facebook.com/2008/fbml">
<link rel="stylesheet" href="css/style.css" type="text/css">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta property="og:title" content="title" />
<meta property="og:description" content="description" />
<meta property="og:image" content="thumbnail_image" />
</head>
<body>
<div class="wrapper">
<?php include("inc/app_header.php");?>
<div class="content">
<?php
if(isset($_GET['section']))
{
$file_to_include = 'inc/'.$files[$_GET['section']];
}
else
{
$file_to_include = 'inc/section_restaurantes.php';
}
include($file_to_include);
?>
<div class="content_bottom_space"></div>
</div>
<div class="footer">
</div>
</div>
</body>
</html>
你知道用PHP-SDK你真的不需要自己解析签名请求,甚至不需要设置会话,对吗?我不知道如何用另一种方法检索访问令牌你知道用PHP-SDK你真的不需要自己解析签名请求,甚至不需要设置会话,对吗?我不知道如何检索访问令牌使用其他方法访问令牌不客气!请尝试回答。不客气!请尝试回答。