Home/ Questions/Q 6901119
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-27T07:38:00+00:00

This is the code from the canvas tutorial http://developers.facebook.com/docs/appsonfacebook/tutorial/ This gets the authorization code,

  • 0

This is the code from the canvas tutorial
http://developers.facebook.com/docs/appsonfacebook/tutorial/

This gets the authorization code, redirects the user back to the canvas page and displays the code in the url.

Something like, http://apps.facebook.com/yourapp/?code=1234thecode5678

So, is it possible to do it using ajax and get the code without redirecting? Instead of this method?

Thanks in advance

     $app_id = "YOUR_APP_ID";

     $canvas_page = "YOUR_CANVAS_PAGE_URL";

     $auth_url = "http://www.facebook.com/dialog/oauth?client_id=" 
            . $app_id . "&redirect_uri=" . urlencode($canvas_page);

     $signed_request = $_REQUEST["signed_request"];

     list($encoded_sig, $payload) = explode('.', $signed_request, 2); 

     $data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);

     if (empty($data["user_id"])) {
            echo("<script> top.location.href='" . $auth_url . "'</script>");
     } else {
            echo ("Welcome User: " . $data["user_id"]);
     } 
 ?>
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can use the Facebook JS SDK to log the user in with out having to refresh or redirect the user.
    Taken from the Facebook JS SDK Documentation under the topic FB.login

    FB.login(function(response) {
   if (response.authResponse) {
     console.log('Welcome!  Fetching your information.... ');
     FB.api('/me', function(response) {
       console.log('Good to see you, ' + response.name + '.');
       FB.logout(function(response) {
         console.log('Logged out.');
       });
     });
   } else {
     console.log('User cancelled login or did not fully authorize.');
   }
 }, {scope: 'email'});

    Note : This is the implementation if you are using oAuth 2.0 (and you really should be). Taken from the same url :

    Without OAuth 2.0, scope should instead be replaced with perms, and
    response.authResponse replaced with response.session. Remember that
    all apps must migrate to OAuth 2.0 by October 1, 2011.

    • 0