[cvs] [Wiki] changed: Doc/Dev/Horde_Service_Facebook

Michael Rubinsky mrubinsk at horde.org
Sun Mar 1 14:59:28 UTC 2009 

mrubinsk  Sun, 01 Mar 2009 09:59:28 -0500

Modified page: http://wiki.horde.org/Doc/Dev/Horde_Service_Facebook
New Revision:  1.4
Change log:  Clarify some things, add example code to add  
offline_access permissions

@@ -44,13 +44,13 @@

  If you do not have a valid session you will have to ask the user to  
log into Facebook:

  <code type="php">
-$url = $facebook->get_login_url('http://yourcallbackurl');
+$url = $facebook->auth->getLoginUrl('http://yourcallbackurl');
  echo '<a href="' . $url . '">Login to Facebook</a>';
  </code>

-This link will take the user to a page that will first ask them to  
login, and then requests permission for you application to interface  
with their Facebook profile. Once that happens, Facebook will redirect  
back to your callbackurl. Once back on your callback page, you will  
need to capture the values that Facebook has sent back to you. The  
same validateSession() method takes care of that.
+This link will take the user to a page that will first ask them to  
login, and then requests permission for you application to interface  
with their Facebook profile. Once that happens, Facebook will redirect  
back to your callbackurl. Once back on your callback page, you will  
need to capture the values that Facebook has sent back to you. The  
same //validateSession()// method takes care of that.

  <code type="php">
  // The true parameter here is telling the library to ignore any
  // seemingly valid sessions obtained from a cookie. This is to prevent
@@ -66,9 +66,9 @@
  // You can also check that any user has accepted your application
  $isAppUser = $facebook->users->isAppUser($uid);
  </code>

-At this point you could store the uid and sid locally, and use them  
to manually set up the session instead of making a call to Facebook.
+At this point you could store the uid and sid locally, so that next  
time the user logs into your application, you can use them to manually  
set up the session instead of making a call to Facebook.

  <code type="php">
  // Get user and session from storage
  $uid = 'xxx';
@@ -80,6 +80,31 @@
  // Verify the session is still good by calling a method that  
requires a valid session
  $haveSession = $facebook->users->getLoggedInUser();
  </code>

-The session key returned by Facebook at this point would only be good  
until the user logs out.  Your user would have to login again to  
Facebook for each new session. To overcome this, you have to have the  
user authorize an extended permission called offline_access. Each and  
every extended permission must be authorized separately.
+The session key returned by Facebook at this point would only be good  
until the user logs out of Facebook.  Your user would have to login  
again to Facebook for each new session. To overcome this, you have to  
have the user authorize an extended permission called  
//offline_access//. Each and every extended permission must be  
authorized separately.

+++ Extended Permissions
+
+To have the user grant an extended permission to your application,  
such as //offline_access// you need to redirect the user to Facebook's  
authorize.php page, passing the information that you are requesting.
+
+<code type="php">
+$url = $facebook->auth->getExtendedPermsUrl(
+           Horde_Service_Facebook_Auth::EXTEND_PERMS_OFFLINE,
+           'http://callbackurl/for/success',
+           'http://callbackurl/for/failure');
+echo '<a href="' . $url . '">Authorize offline access</a>';
+</code>
+
+After the user accepts (or rejects) the request on Facebook's page,  
it redirects back to the appropriate callback page. There you would  
handle the retrieval and storage of any needed data passed back from  
Facebook. For example, after //offline_access// is granted, Facebook  
passes back a //auth_token// that can be used to request an infinite  
session. This is done transparently by calling //validateSession()//  
again.
+
+<code type="php">
+// Again, make sure we ignore cookies since we are requesting
+// a new, infinite, session_key
+$facebook->auth->validateSession(true);
+$uid = $facebook->auth->getUser();
+$sid = $facebook->auth->getSessionKey();
+
+// You *must* store these values for later use. You will
+// *not* be able to obtain the session_key from Facebook again.
+$prefs->setValue('facebook', serialize(array('uid' => $uid, 'sid' => $sid)));
+</code>

More information about the cvs mailing list