Home/ Questions/Q 6347663
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T21:15:45+00:00

I’m trying to complete Facebook Authentication within a simple JSP page following this example:

  • 0

I’m trying to complete Facebook Authentication within a simple JSP page following this example: http://www.sergiy.ca/how-to-implement-facebook-oauth-2.0-app-authorization-process-in-java/

Unfortunately, I’m not very successfull at this point. Your help would be appreciated. As developer of the app, I somehow managed to accept the app and I can see it in my app list. But when I log in as another user, I’m unable to accept the app. The user is not prompted to give access right to the app although the redirect request seems to have been sent to FB. Any help would be much appreciated. My code:

<%@ page import="java.util.*,org.apache.commons.codec.binary.*, java.net.*, org.json.simple.*" %>
<html>
<body>
<%
String fbSecretKey = "efqec6fdedd17a64055712dcc7d81f58";
String fbAppId = "116041890091";
String fbCanvasPage = "http://apps.facebook.com/stupidgame/";
String fbCanvasUrl = "http://stupidgame.com:8090/stupidgame/";
String accessToken;
   if(request.getParameter("signed_request") != null) {
    //it is important to enable url-safe mode for Base64 encoder 
    Base64 base64 = new Base64(true);
    //split request into signature and data
    String[] signedRequest = request.getParameter("signed_request").split("\\.", 2);
    //parse signature
    String sig = new String(base64.decode(signedRequest[0].getBytes("UTF-8")));
    //parse data and convert to json object
    JSONObject data = (JSONObject)JSONValue.parse(new String(base64.decode(signedRequest[1].getBytes("UTF-8"))));
    //check if user authorized the app
    if(data.get("user_id")==null || data.get("oauth_token")==null) {        
        //this is guest, create authorization url that will be passed to javascript
        //note that redirect_uri (page the user will be forwarded to after authorization) is set to fbCanvasUrl
        response.sendRedirect("https://www.facebook.com/dialog/oauth?client_id=" + fbAppId + 
                "&redirect_uri=" + fbCanvasUrl + "&scope=publish_stream,offline_access,email");
        return;
    }
    accessToken=data.get("oauth_token")+"";
}else{
     response.sendRedirect("https://www.facebook.com/dialog/oauth?client_id=" + fbAppId + 
             "&redirect_uri=" + URLEncoder.encode(fbCanvasUrl, "UTF-8") + 
             "&scope=publish_stream,offline_access,email");
    return;
}
System.out.println("All set with accessToken:"+accessToken);
 %>
 </body>
 </html>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Since you app is running in an iframe “response.sendRedirect” only redirects the iframe and the auth dialog needs to be the whole page.

    Replace:

    response.sendRedirect(...)

    with:

    %><script language="JavaScript"> top.location.href = "<%=auth_url%>"; </script> <%

    Or something similar and it should work.
    The javascript should be similar to the php docs https://developers.facebook.com/docs/authentication/

    • 0