Authentication

nov matake edited this page Oct 16, 2012 · 9 revisions

Authentication

JavaScript SDK

Assuming you successfully get user approval and facebook set auth cookie.

auth = FbGraph::Auth.new(CLIENT_ID, CLIENT_SECRET)
auth.from_cookie(cookies) # Put whole cookie object (a Hash) here.
auth.user.fetch

OAuth Migration

You shouldn’t need to update your Rails code for this migration.
What you need is update your Facebook Application Advanced Setting and JS SDK usage.

Step1: Enable “OAuth Migration” here.

https://developers.facebook.com/apps/:your_app_id/advanced

Step2: Set JS SDK’s FB.init “oauth” option true

FB.init({
  appId: CLIENT_ID,
   :
  oauth: true
});

Details here.
https://developers.facebook.com/blog/post/525/

ps.
If you still have fb_sig_session_key, you can convert them to OAuth access tokens like below.

auth.fb_sig_session_key(YOUR_SESSION_KEY)

Signed Request

auth = FbGraph::Auth.new(CLIENT_ID, CLIENT_SECRET)
auth.from_signed_request(params[:signed_request])
if auth.authorized?
  # If authorized, the auth has user and access_token.
  auth.user.fetch
else
  # First time user, show "Connect" button here.
  p auth.data
end

Extend Token Expiry

ref) http://developers.facebook.com/roadmap/offline-access-removal/#extend_token

auth = FbGraph::Auth.new(CLIENT_ID, CLIENT_SECRET)
auth.exchange_token! access_token # Needs fb_graph 2.3.1+
auth.access_token # => new token

Token Introspection (Debugging Token)

ref) https://developers.facebook.com/docs/howtos/login/debugging-access-tokens/

app = FbGraph::Application.new(CLIENT_ID, :secret => CLIENT_SECRET)
result = app.debug_token 'input_token'
result.application # => FbGraph::Application
result.user        # => FbGraph::User
result.is_valid    # => Boolean
result.expires_at  # => Time
result.issued_at   # => Time or nil
result.scopes      # => Array of String
result.metadata    # => Hash or nil
result.error       # => Hash or nil