OAuth后,Facebook redirect_uri无法识别用户
[英]Facebook redirect_uri does not recognize user after OAuth
问题描述
Facebook's OAuth is boggling my mind... again. 
Facebook的OAuth再次让我感到困惑。 We have a fairly straight-forward system: 我们有一个相当简单的系统:
- User uses OAuth to 'receive' Facebook permissions (basic user info + extended permission: writing on wall) 用户使用OAuth来“接收” Facebook权限(基本用户信息+扩展权限:在墙上书写)
- Via a customized redirect_uri the user is redirected back to our platform where the user information is stored in the database and the user is also flagged 'logged in' using our own login system. 通过自定义的redirect_uri,用户被重定向回我们的平台,该平台上用户信息存储在数据库中,并且使用我们自己的登录系统将用户标记为“已登录”。
However, the problem is that sometimes (I repeat: sometimes...) the user is not recognized through the $user = $facebook->getUser(); 但是,问题在于,有时(我重复:有时...)无法通过$ user = $ facebook-> getUser()识别出该用户; request. 请求。 Only if $user is set, the user is stored in the database as we only know the user is authenticated and are able to use $facebook->api('/me'); 只有设置了$ user,用户才被存储在数据库中,因为我们只知道该用户已经过身份验证并且可以使用$ facebook-> api('/ me');。
The weird thing is that after first trials users are prompted an error, but if they click 'Login with Facebook' again, everything goes well. 奇怪的是,在第一次试用后,系统会提示用户错误,但是如果他们再次单击“使用Facebook登录”,一切都会顺利进行。 And again, not all users experience this problem. 同样,并非所有用户都会遇到此问题。 I get the feeling my code does not yet 'recognize' the user as logged in when executing all the login/account creation stuff. 我感到执行所有登录/帐户创建内容时,我的代码尚未“识别”已登录的用户。
Really hope anyone can help, below I've posted the code. 真希望有人能提供帮助,以下是我发布的代码。
INITIATION:
$loginUrl = $facebook->getLoginUrl(array('scope' => 'friends_relationships,publish_stream,email,user_birthday,user_location,user_checkins,user_education_history,user_photos','redirect_uri' => 'REDIRECTED_PAGE.php'));
RETURN PAGE (REDIRECT_PAGE.PHP)
$fbuser = $facebook->getUser();
if ($fbuser) {
try {
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$fbuser = null;
}
}
$uid = $user_profile['id'];
// -> here's the problem: $fbuser is either 0 or not set
if (isset($fbuser) && $fbuser != '0')
{
$dbc = new DBC();
$dbc->connect(0, true);
$fbemailquery = $dbc->executeQuery("SELECT * FROM users WHERE fbuid = '".$uid."'");
if(!$dbc->isResultEmpty($fbemailquery)) {
// USER IS KNOWN, SO LOGIN
}
else {
// NEW USER
$firstname = $user_profile['first_name']; // etc etc
}
$dbc->close();
}
1 个解决方案
解决方案1
0 2012-02-15 22:47:53
Facebook applications are tricky indeed. Facebook应用程序确实很棘手。 Are you entering the application via your site directly? 您是通过网站直接进入应用程序吗? or are you using an internal facebook application? 或者您正在使用内部Facebook应用程序? (like apps.facebook.com/application). (例如apps.facebook.com/application)。 I ask you this because facebook has a different mechanism to deal with authentications depending if you are on your own site or directly at facebook.com The first will ask you to get an access code which is embeeded in the $_REQUEST['code'] var which you can later exchange for an access token (with the permissions you are requesting). 我问您这个问题是因为facebook有不同的机制来处理身份验证,具体取决于您是在自己的网站上还是直接在facebook.com上。第一个请求您获取嵌入在$ _REQUEST ['code']中的访问代码。 var,您以后可以交换访问令牌(具有您所请求的权限)。 However if you are accessing via facebook.com there is a signed_request sent via POST to your application canvas url which you have to decode in order to get the access_code that is bundled inside (if the user already authorized your app) or not present (if the user declined your app). 但是,如果您通过facebook.com访问,则会通过POST发送一个signed_request到您的应用程序画布URL,您必须对其进行解码才能获得捆绑在其中(如果用户已授权您的应用程序)或不存在的access_code(如果用户拒绝了您的应用)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.