views:

40

answers:

1

i am getting the following url information and need to parse it within rails. i already checked request and params but it is not there.

the "#" character seems to f*ck up things.

here's the url:

http://foo.bar.me/whoo#access_token=131268096888809%7C2.5BRBl_qt4xJ08n88ycbpZg__.3600.1276880400-100001151606930%7C0kJ1K-qoGBbDoGbLx6s4z5UEaxM.

thanks for any pointers.

+1  A: 

You won't be able to access the part after the '#' character as the browser doesn't send it to the server. You can use it on the client side with javascript though.

It seems that you're trying to use the javascript based authentication which is not what you really want.

I didn't have any problems using this oauth2 library. Then you only need to check for params[:code] within your callback action.

UPDATE:

This is a simplified version of the code I used in my experiments with the new facebook graph API:

# Accessible as facebook_url:
# routes.rb: map.facebook '/facebook', :controller => 'facebook', :action => 'index'
def index
  oauth2 = OAuth2::Client.new(FB_API_KEY, FB_API_SECRET, :site => 'https://graph.facebook.com')

  if current_user.facebook_token
    # The user is already authenticated
    fb = OAuth2::AccessToken.new(oauth2, current_user.facebook_sid)
    result = JSON.parse(fb.get('/me'))
  elsif params[:code]
    # Here we get the access token from facebook
    fb = oauth2.web_server.get_access_token(params[:code], :redirect_uri => facebook_url)
    result = JSON.parse(fb.get('/me'))
    current_user.facebook_id = result["id"]
    current_user.facebook_token = fb.token.to_s
    current_user.save
  else
    # The user is visiting this page for the first time. We redirect him to facebook
    redirect_to oauth2.web_server.authorize_url(:redirect_uri => facebook_url, :scope => 'read_stream,publish_stream,offline_access')
  end
end

You don't really need anything else for it to work.

Tomas Markauskas
great answer, thanks a lot! to clarify things: it looks like apache mod_rewrite strips out the "#".
z3cko
It is not stripped by mod_rewrite, #-part never gets to the server, it is interpreted solely by client's browser.
Mladen Jablanović