You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am using it to provide a very simple oauth2 flow —I redirect a user to https://www.facebook.com/dialog/oauth?client_id=<client_id>&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fauth%2Fin%2F.
In the handler for /auth/in I get the long-lived access_token by calling ParseCode(r.FormValue("code")). This works fine.
Signed request is only for app on facebook, not for websites using facebook login. It's a faster way to get access_token.
A signed request contains a valid access token and user id in its content. An app can use its secret to decrypt content and get them without sending any web request to facebook. Therefore, parsing signed request is much faster than parsing OAuth code.
If you just need to parse signed request, the ParseSignedRequest will work fine. SessionFromSignedRequest basically calls ParseSignedRequest and Session in a sequence. The reason I implement SessionFromSignedRequest is that I want to make best use of the user id parsed from signed request. If you call User on the session returned by SessionFromSignedRequest, the method will return the user id value without making any web request. It can be a significant performance improvement in some cases.
Hi,
First of all, thanks so much for this package.
I am using it to provide a very simple oauth2 flow —I redirect a user to
https://www.facebook.com/dialog/oauth?client_id=<client_id>&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fauth%2Fin%2F
.In the handler for
/auth/in
I get the long-livedaccess_token
by callingParseCode(r.FormValue("code"))
. This works fine.My question is, what is
SessionFromSignedRequest
for? On Facebook's documentation, it seems the only thing it's used for is Games: https://developers.facebook.com/docs/facebook-login/using-login-with-games/Maybe I'm missing something, but can you explain how and why I should use
SessionFromSignedRequest
in a regular Facebook oauth2 site?Thanks!
The text was updated successfully, but these errors were encountered: