tags:

views:

65

answers:

3
Q: 

How to use Facebook OAuth 2.0 authentication like Zynga and other use it?

I want to display the "Request for Permission" box directly when the user enters http://apps.facebook.com/myfancyapp. The Facebook Authentication documentation is pretty clear on how the URL have to look like

https://graph.facebook.com/oauth/authorize?client_id=[APPID]&redirect_uri=http://www.myfancyapp.com/&scope=user_photos,user_videos,publish_stream

Pasting this URL directly into the browser works like it should. What I want is to redirect the user via JavaScript (or something else) from the application URL

http://apps.facebook.com/myfancyapp

to the authentication box URL above.

I thought something like this would work:

   <script type="text/javascript">
   <!--
      window.location = "https://graph.facebook.com/oauth/authorize?client_id=[APPID]&amp;redirect_uri=http://www.myfancyapp.com/&amp;scope=user_photos,user_videos,publish_stream"
   //-->
   </script>

This redirects me to a page with a body that looks like this

Facebook

Clicking on the image/test then redirects to the authentication box.

How can I directly redirect to the "Request for Permission" box. I know it works somehow as other developers (Zynga for example) already do it.

+1  A: 

Doing this with PHP is a cinch.

On the backend 

$facebook = new Facebook( array(
    'appId'  => '<FB_APP_ID>'
  , 'secret' => '<FB_APP_SECRET>'
  , 'cookie' => true
));

$fbSession = $facebook->getSession();
if ( !$fbSession )
{
  $url = $facebook->getLoginUrl( array(
      'canvas'     => 1
    , 'fbconnect'  => 0
    , 'display'    => 'page'
    , 'cancel_url' => null
    , 'req_perms'  => 'user_photos,user_videos,publish_stream'
  ) );
}

And then, on the frontend

<script type="text/javascript">
  top.location.href = '<?php echo $url; ?>';
</script>
<p>
Not being redirected? <a href="<?php echo $url; ?>" target="_top">Click Here.</a>
</p>
Peter Bailey  2010-10-15 16:13:00
+1  A: 

Hey check out a small tutorial i made for Oauth 2.0 authentication for canvas apps.

http://kartiklad.com/oauth-2-0-and-graph-api-for-facebook-canvas-applications/

hope this helps

Kartik  2010-10-17 06:46:27
Hey, I already found your tutorial and it is indeed of great help!
Fair Dinkum Thinkum  2010-10-17 15:47:18
+1  A: 

I'm doing the same thing as the asker, only instead of window.location, use top.location.href = "https://graph....."

Like:

<script type="text/javascript">
top.location.href = "https://graph.facebook.com/oauth/authorize?client_id=[APPID]&amp;scope=email&amp;redirect_uri=http://apps.facebook.com/myfancyapp/";
</script>

Prompts for login if needed, and then permissions. Then redirects to the app.

Broote  2010-10-26 22:47:40

related questions

Generic htaccess redirect www to non-www
Domain redirection to the same page and Google
Redirect Stdin and Stdout to File
Redirect all requests to ASP.NET MVC on IIS6
Firefox: visually flag redirect in address bar
.htaccess redirect performance
How to Show/Hide Panels before executing Response.Redirect
Redirect to a link using the default broswser in Windows Form based application
Cakephp redirect
What's the best way to automatically redirect someone to another webpage?
How to manage a redirect request after a JQuery Ajax call
Apache - Reverse Proxy and HTTP 302 status messsage
How do I POST from an iframe to another page outside the iframe?
Struts2 - How to do dynamic URL redirects?
How do I prevent ServerXMLHTTP from automatically following redirects (HTTP 303 See Other responses)?
How to create a GET request with parameters, using JSF and navigation-rules?
Best Way to Conditional Redirect?
Is there an easy way to request a URL in python and NOT follow redirects?
How to rewrite an URL on a JBoss server?
How to Implement a Redirect on All Requests (on certain conditions)?
Make apache automatically strip off the www.?
Redirect command to input of another in Python
Is it possible to use .htaccess to send six digit number URLs to a script but handle all other invalid URLs as 404s?
How do I get sun webserver to redirect from /
How do you redirect HTTPS to HTTP?