How do I get an access token from the Facebook signed request?

2018-06-02 12:11:29

We are using the Facebook Javascript SDK to authenticate our users.

Once a user authenticates, the user gets a fbsr_<app_id> cookie containing a signed request.

We then use AJAX to post some information to our server. The server receives the cookie with the signed request, but when the server parses the signed request (modified python SDK) in the cookie, it decodes the JSON object as:

{
   "algorithm": "HMAC-SHA256",
   "code": "2.AQDBJ3-ZpURb9P4T.3600.1316037600.1-786359552|BNK6FGOAkvMs7slboQMSIEJYDWc",
   "issued_at": 1316031333,
   "user_id": "786359552"
}

This is contrary to what the signed request documentation says we should get.

The server needs the access token, so it can get some additional information with the GraphAPI.

How do we get the access token from the signed request?

using the new oauth2 workflow with the javascript sdk the user token will be available.

After you authenticate you can find the token with something like this

FB.getLoginStatus(function(response) {

              if (response.status === 'connected') { 

                alert(response.authResponse.accessToken);

              }
        });

Once you have the token you can just pass that back to your backend to query the graph.

正确的是：

FB.getLoginStatus(function(response) {

          if (response.status === 'connected') { 

            alert(response.session.access_token);

          }
    });

链接地址: http://www.djcxy.com/p/9164.html

上一篇: Perforce API for Python 2.7

下一篇: 我如何从Facebook签名的请求中获取访问令牌？