Clever Geek Handbook

Authentication with the same Facebook window

I am trying to authenticate Facebook on the same window of my web app login page. I am using the following code when the user clicked the login button to go to the authentication page.

function loginUsingOAUTH()
{   
    top.location = 'https://graph.facebook.com/oauth/authorize?client_id=839846246064537&scope=email&redirect_uri=http://www.olcayertas.com/testqa/result.html';
}

1) After authenticating, Facebook redirects me to my redirect url and returns the "code" parameter. At the moment, I want to access the Facebook user's information, but I don't know how. What is this "code" parameter for?

2) Is there any other way to access user information?

3) Do you have any other facebook authentication with the same login?

Thanks in advance for your help

+3


source to share


1 answer


When you receive the code, you must make a server side request to get an access token and then pass the access token to the user. This is explained on the Facebook Developer page:



Code exchange for access token

To get an access token, make an HTTP GET request with the following OAuth endpoint:

GET https://graph.facebook.com/v2.3/oauth/access_token?
    client_id={app-id}
   &redirect_uri={redirect-uri}
   &client_secret={app-secret}
   &code={code-parameter}

This endpoint has some required parameters:

client_id. Your app IDs
redirect_uri. This argument is required and must be the same as the original request_uri that you used when starting the OAuth login

process. client_secret. Your unique app secret shown in the app bar. This application secret should never be included in client code or into which it can be decompiled. It is imperative that it remains completely secret as this is the foundation of the security of your application and all people using it. code. Parameter derived from Login dialog redirect above.

answer

The response you receive from this endpoint will be returned in JSON and, on success,

{"access_token": <access-token>, "token_type":<type>, "expires_in":<seconds-til-expiration>}

If this fails, you will receive an explanatory error message.

0


source






More articles:


All Articles