2011-09-07 75 views
0

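In the code below there is a variable that is never defined: $access_token. Code needs to be added to obtain a new access token so that the program can run without raising any exceptions. I have been reading Facebook's documentation on the OAuth flow and so on, but I can't seem to figure out how to get an access token that this code will accept. Does anyone know what can be done here? Signed request example and getting an access token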

<?php 

define('YOUR_APP_ID', 'x'); 
define('YOUR_APP_SECRET', 'x'); 

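function get_facebook_cookie($app_id, $app_secret) {
    // No fbs_ cookie means the user has not logged in through the JavaScript SDK.
    if (!isset($_COOKIE['fbs_' . $app_id])) {
        return null;
    }
    $args = array();
    parse_str(trim($_COOKIE['fbs_' . $app_id], '\\"'), $args);
    ksort($args);
    // Rebuild the signed payload from every field except the signature itself.
    $payload = '';
    foreach ($args as $key => $value) {
        if ($key != 'sig') {
            $payload .= $key . '=' . $value;
        }
    }
    // Reject the cookie unless a signature is present and matches (constant-time comparison).
    if (!isset($args['sig']) || !is_string($args['sig'])
            || !hash_equals(md5($payload . $app_secret), $args['sig'])) {
        return null;
    }
    return $args;
}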

$cookie = get_facebook_cookie(YOUR_APP_ID, YOUR_APP_SECRET); 

$access_token="214620421927216|fAAieRnJoDaWmBsG1stxfq4zKN4"; 
$url = 'https://graph.facebook.com/me?access_token=' . $access_token; 

$ch = curl_init(); 
curl_setopt($ch, CURLOPT_URL, $url); 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); // verify the server certificate; this request carries the access token
$response = curl_exec($ch); 
curl_close($ch); 

$user = json_decode($response); 
print_r($user); 

?> 
<html> 
    <body>
        <?php if ($cookie) { ?>
            Welcome <?php ?>
        <?php } else { ?>
            <fb:login-button></fb:login-button>
        <?php } ?>
        <div id="fb-root"></div>
        <script src="http://connect.facebook.net/en_US/all.js"></script>
        <script>
            FB.init({appId: '<?= YOUR_APP_ID ?>', status: true,
                     cookie: true, xfbml: true});
            FB.Event.subscribe('auth.login', function(response) {
                window.location.reload();
            });
        </script>
    </body>
</html> 

Answer

0

This code proved more useful for obtaining a correct access token.

<?php 

$app_id = "YOURS"; 
$app_secret = "YOURS"; 
$my_url = "YOURS"; 

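session_start();
// The code parameter is absent on the first visit, so default to an empty string.
$code = isset($_REQUEST["code"]) ? $_REQUEST["code"] : "";
// Escape the request parameter before writing it into the page.
echo htmlspecialchars($code, ENT_QUOTES, 'UTF-8') . "<br>";

if (empty($code)) {
    // First visit: store an unpredictable state value and redirect to the login dialog.
    $_SESSION['state'] = bin2hex(random_bytes(16)); //CSRF protection
    $dialog_url = "https://www.facebook.com/dialog/oauth?client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url) . "&state=" . $_SESSION['state'];
    echo("<script> top.location.href='" . $dialog_url . "'</script>");
    exit; // the state check belongs to the callback request, not to this one
}

// Callback: the state must be present and equal to the value stored in the session.
if (isset($_REQUEST['state'], $_SESSION['state']) && is_string($_REQUEST['state'])
        && hash_equals($_SESSION['state'], $_REQUEST['state'])) {

    // Exchange the authorization code for an access token.
    $token_url = "https://graph.facebook.com/oauth/access_token?" . "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url) . "&client_secret=" . $app_secret . "&code=" . urlencode($code);

    $response = file_get_contents($token_url);
    $params = null;
    parse_str($response, $params);

    $graph_url = "https://graph.facebook.com/me?access_token=" . $params['access_token'];

    $user = json_decode(file_get_contents($graph_url));
    echo("Hello " . htmlspecialchars($user->name, ENT_QUOTES, 'UTF-8'));
}
else {
    echo("The state does not match. You may be a victim of CSRF.");
}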

?>