FBML Canvas Application Authentication

Question

I'm modifying an FBML canvas app to use the new PHP SDK and authentication instead of the old REST api.

Right now I'm attempting to use this snippet:

$me = null;
// Session based API call.
if ($session) {
  try {
    $uid = $facebook->getUser();
    $me = $facebook->api('/me');
  } catch (FacebookApiException $e) {
    error_log($e);
  }
}
// login or logout url will be needed depending on current user state.
if ($me) {
} else {
    $loginUrl = $facebook->getLoginUrl(array('req_perms' => 'user_birthday, publish_stream, email'));
    header('Location: '.$loginUrl);
}

However if I use the php header function for any URL that isn't relative, I get this error:

Application Temporarily Unavailable
The URL [https://www.facebook.com/login.php?.........] is not valid.

Sorry, the application you were using is experiencing a problem. Please try again later.

If I need to have authentication on my FBML canvas app using the latest PHP SDK, how do I properly redirect to the app login page that requests the extended permissions?

Answer 1

Looks like you cannot use a server side redirect (header()) to push user to the auth page. I'm using this at the moment:

function redirect($url)
{
    echo '<script>top.location="' . $url . '";</script>';
    //echo '<fb:redirect url="' . $url . '"></fb:redirect>';
    //header("location:$url");
    exit();
}