Integrating facebook php sdk in Facebook Canvas App giving Blank page or oauthData error

Question

I am trying to integrate facebook for my canvas app. When i run app from facebook with following code

// init app with app id (APPID) and secret (SECRET)
FacebookSession::setDefaultApplication('xx','xx');

$helper = new FacebookCanvasLoginHelper();

try {
    $data = array('oauth_token' => 'token');
    $data['algorithm'] = 'HMAC-SHA256';
    $data['issued_at'] = time();
    $base64data = base64_encode(json_encode($data));
    $rawSig = hash_hmac('sha256', $base64data, 'app_Secret', true);
    $sig = base64_encode($rawSig);

    $signedRequest =  $sig.'.'.$base64data;
    $_GET['signed_request'] = $signedRequest;
    $session = $helper->getSession();


} catch(FacebookRequestException $ex) {
   echo $ex;   
} catch(\Exception $ex) {
   echo $ex;  
}

The entire page just turns blank white because of $_GET['signed_request'] = $signedRequest;.

What should I do to get login. If i just do $session = $helper->getSession(); instead of Get i get invalid signed paramters oAuth data missing.

Answer 1

Your PHP should be:

$helper = new FacebookCanvasLoginHelper();

try {
    $session = $helper->getSession();
    if($session){
        try {
        $facebook_profile = (new FacebookRequest(
            $session, 'GET', '/me'
        ))->execute()->getGraphObject(GraphUser::className());
        echo $facebook_profile->getName;
    } catch(FacebookRequestException $e) {
    }
}


} catch(FacebookRequestException $ex) {
   echo $ex;   
} catch(\Exception $ex) {
   $facebookLoginHtml = "window.top.location = 'https://www.facebook.com/dialog/oauth?client_id={your_app_id}&redirect_uri={your_app_canvas_url}';"; 
}

And then somewhere in your HTML:

<script>
    <?php if(isset($facebookLoginHtml)){ echo $facebookLoginHtml; } ?>
</script>

If you want to ask for extra permission, add the scope parameter in the URL like this:

$facebookLoginHtml = "window.top.location = 'https://www.facebook.com/dialog/oauth?client_id={your_app_id}&redirect_uri={your_app_canvas_url}&scope=publish_actions';"; 

That will redirect the page to the login page, and then come back to your canvas app with the proper permission.

This shouldn't work like this as it's using Javascript with the PHP SDK. It's a bug that is being addressed by Facebook which you can follow here:

https://developers.facebook.com/bugs/722275367815777

I'll edit the answer if that bug ever gets resolved.

Answer 2

Thanks guys!

My approach:

<?php
        session_start();

        require ({your_php_sdk_path} . 'autoload.php');

        use Facebook\FacebookCanvasLoginHelper;
        use Facebook\FacebookRedirectLoginHelper;
        use Facebook\FacebookSession;
        use Facebook\FacebookRequest;
        use Facebook\GraphUser;

        FacebookSession::setDefaultApplication({your_app_id},{your_app_secret});

        $helper = new FacebookCanvasLoginHelper();

        try {
            $session = $helper->getSession();

        }catch(FacebookRequestException $ex) {
            // When Facebook returns an error


        } catch(\Exception $ex) {
            // When validation fails or other local issues
        }
        if (!is_null($session)) {
            // Logged in

            try {

                //Get user name
                $user_profile = (new FacebookRequest(
                    $session, 'GET', '/me'
                ))->execute()->getGraphObject(GraphUser::className());

                $user_profile_name = $user_profile->getName();

                //Get user picture
                $request = new FacebookRequest(
                    $session,
                    'GET',
                    '/me/picture',
                    array (
                        'redirect' => false,
                        'height' => '135',
                        'width' => '135',
                    )
                );
                $response = $request->execute();
                $graphObject = $response->getGraphObject();

                $user_profile_picture = $graphObject->getProperty('url');

            } catch(FacebookRequestException $e) {
                 // When Facebook returns an error

            } catch(Exception $e) {
                // When validation fails or other local issues
            }
        }else{
            //First time -> ask for authorization
            $helper = new FacebookRedirectLoginHelper({your_canvas_url});
            $login_url = $helper->getLoginUrl();
        }     
?>

And in your html put a javascript:

<script type="text/javascript">
    if($login_url != null){
        top.location.href = $login_url;
    }
</script>

Answer 3

<?php

// init app with app id (APPID) and secret (SECRET)
FacebookSession::setDefaultApplication('*********','*********'  );

$helper = new FacebookCanvasLoginHelper();
try {
$session = $helper->getSession();
} catch(FacebookRequestException $ex) {
// When Facebook returns an error
} catch(Exception $ex) {
// When validation fails or other local issues
}

if($session) {

// graph api request for user data
$request = new FacebookRequest( $session, 'GET', '/me' );
$response = $request->execute();
 // get response
$graphObject = $response->getGraphObject();
// print data
echo '<pre>' . print_r( $graphObject, 1 ) . '</pre>';

}
else {
// show login url
echo '<a href="' . $helper->getLoginUrl($scope) . '">Login</a>';
}

?>