Browser redirected outside Facebook instead of redirecting it inside iframe


Problem description


I’ve just created a Facebook app. This is my first attempt and I followed the Facebook developer documentation completely. While completing everything as stated, I am stuck in this strange situation:

  1. During authentication of my app, the app redirects my browser outside Facebook to the website page where my website is hosted, instead of redirecting it inside the iframe. I am unable to redirect to some other page in my app directly, and I also can't use the app namespace page.
  2. I am unable to retrieve the user_id from the signed request parameter.

code for landhere.php

<?php
    include ('src/facebook.php');
    $app_id = "*******";
    $app_secret = "*********";
    $redirect_uri = "http://myweb.com/myapp/landhere.php";
    //$redirect_uri = "http://appplatform.info/WFBRU/start.php";
    //$redirect_uri = "http://apps.facebook.com/wfbrumapp";

    $signed_request = $_REQUEST["signed_request"];
    list($encoded_sig, $payload) = explode('.', $signed_request, 2);
    $data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);

    $id = $data["user_id"];
    $authorized_code = $_GET["code"];
    $oauth_token = $data["oauth_token"];
    $like_status = $data["page"]["liked"];
    echo "<br>page id = $id";
    echo "<br>page admin = $authorized_code";
    echo "<br>like status = $like_status";
    echo "<br>country = $oauth_token";

    if (empty($authorized_code)) {
        echo "string";
        $_SESSION['state'] = md5(uniqid(rand(), TRUE));
        $dialog_url = "http://www.facebook.com/dialog/oauth?client_id=" . $app_id . "&redirect_uri=" . $redirect_uri . "&state=" . $_SESSION['state'];
        echo("<script> top.location.href='" . $dialog_url . "'</script>");
        //echo("<script> window.top.location='" . $dialog_url . "'</script>");
    } else {
        $authenticate_url = "https://graph.facebook.com/oauth/access_token?client_id=" . $app_id . "&redirect_uri=" . $redirect_uri . "&client_secret=" . $app_secret . "&code=" . $authorized_code . "";
        $response = @file_get_contents($authenticate_url);
        $params = null;
        parse_str($response, $params);
        $access_token = $params['access_token'];

        $userId = $_POST["user_id"];
        echo $userId;
        if ($like_status) {
            echo "<form method=\"post\" action=\"start.php\" id=\"landingForm\">";
            echo "<input type=\"text\" name=\"user_id\" value=" . $id . " style=\"display: none\">";
            echo "<input type=\"text\" name=\"oauth_token\" value=" . $oauth_token . " style=\"display: none\">";
            echo "</form>";
            echo "<script>document.forms['landingForm'].submit()</script>";
        } else {
            echo "<div class=\"likepage\">";
            echo("<b class=\"welcome\"></b><br/>");
            echo "</div>";
        }
    }
?>


stuck in infinite loop:

if (!empty($_SESSION['access_token'])) {
    $signed_request = $_REQUEST["signed_request"];
    list($encoded_sig, $payload) = explode('.', $signed_request, 2);
    $data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);

    $id = $data["user_id"];
    $authorized_code = $_GET["code"];
    $oauth_token = $data["oauth_token"];
    $like_status = $data["page"]["liked"];
    echo "<br>page id = $id";
    echo "<br>page admin = $authorized_code";
    echo "<br>like status = $like_status";
    echo "<br>country = $oauth_token";
    if ($data["page"]["liked"]) {
        echo "<form method=\"post\" action=\"start.php\" id=\"landhereForm\">";
        echo "<input type=\"text\" name=\"user_id\" value=" . $id . " style=\"display: none\">";
        echo "<input type=\"text\" name=\"oauth_token\" value=" . $oauth_token . " style=\"display: none\">";
        echo "</form>";
        echo "<script>document.forms['landhereForm'].submit()</script>";
    } else {
        echo "<div class=\"likepage\">";
        echo("<b class=\"welcome\"></b><br/>");
        echo "</div>";
    }
} else if (!empty($_GET["error"])) {
    echo "user hasn't authorized your app";
}else if (!empty($_GET["code"])) {
    $authorized_code = $_GET["code"];
    $authenticate_url = "https://graph.facebook.com/oauth/access_token?client_id=" .    $app_id . "&redirect_uri=" . $redirect_uri . "&client_secret=" . $app_secret . "&code=" . $authorized_code . "";
    $response = @file_get_contents($authenticate_url);
    $params = null;
    parse_str($response, $params);
    $access_token = $params['access_token'];
    $_SESSION['access_token'] = $access_token;
    //header('Location: http://apps.facebook.com/myapp');
    header('Location: http://www.facebook.com/mypage/app_***********');
} else {
    echo "string";
    echo "<br>page id = $id";
    echo "<br>page admin = $authorized_code";
    echo "<br>like status = $like_status";
    echo "<br>country = $oauth_token";
    $_SESSION['state'] = md5(uniqid(rand(), TRUE));
    $dialog_url = "http://www.facebook.com/dialog/oauth?client_id=" . $app_id . "&redirect_uri=" . $redirect_uri . "&state=" . $_SESSION['state'];
    echo("<script> top.location.href='" . $dialog_url . "'</script>");
    //echo("<script> window.top.location='" . $dialog_url . "'</script>");
}

Solution

Yeah, you got this wrong a big.

You should follow the Authentication tutorial, it describes all the steps:

  1. If the user is not authenticated you send him to the auth dialog via the js script as you wrote.

  2. Facebook redirects back to your page, not in an iframe, it's a redirection on the main window.

  3. In case the user declined the app you will have "error", "error_reason" and "error_description" in the GET data, remember you are not inside facebook at the time.

  4. If the user granted your app, get redirected to your page (in the main window), you then should exchange the code with an active access token and then redirect the user to your fb app (http(s)://apps.facebook.com/YOUR-APP-NAME).

  5. When facebook loads it will load your app inside an iframe, then you will get the signed request and you can show your canvas page.

Here's a modified version of your php code, some of it is pseudo since I'm not much of a php programmer.

<?php
    include ('src/facebook.php');
    session_start(); // needed before $_SESSION can be read or written
    $app_id = "******";
    $app_secret = "******";
    // Used both for the auth dialog and for the code exchange, so define it up front.
    $redirect_uri = "http://myweb.com/myapp/landhere.php";

    if (!empty($_SESSION['access_token'])) {
        // Step 5: loaded by Facebook inside the iframe, read the signed request.
        $signed_request = $_REQUEST["signed_request"];
        list($encoded_sig, $payload) = explode('.', $signed_request, 2);
        $data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);

        $id = $data["user_id"];
        $oauth_token = $data["oauth_token"];
        $like_status = $data["page"]["liked"];
        echo "<br>page id = $id";
        echo "<br>like status = $like_status";
        echo "<br>country = $oauth_token";
    } else if (!empty($_GET["error"])) {
        // Step 3: user hasn't authorized your app
    } else if (!empty($_GET["code"])) {
        // Step 4: on the main window, exchange the code for an access token.
        $authorized_code = $_GET["code"];
        $authenticate_url = "https://graph.facebook.com/oauth/access_token?client_id=" . $app_id . "&redirect_uri=" . $redirect_uri . "&client_secret=" . $app_secret . "&code=" . $authorized_code . "";
        $response = @file_get_contents($authenticate_url);
        $params = null;
        parse_str($response, $params);
        $access_token = $params['access_token'];
        $_SESSION['access_token'] = $access_token;
        // Send the user back to the app on Facebook, which loads it in the iframe.
        header('Location: http://apps.facebook.com/APP_NAME');
        exit;
    } else {
        // Step 1: not authenticated yet, send the main window to the auth dialog.
        echo "string";
        $_SESSION['state'] = md5(uniqid(rand(), TRUE));
        $dialog_url = "http://www.facebook.com/dialog/oauth?client_id=" . $app_id . "&redirect_uri=" . $redirect_uri . "&state=" . $_SESSION['state'];
        echo("<script> top.location.href='" . $dialog_url . "'</script>");
    }
?>

It's not tested or anything, it's just to give you a nudge in the right direction. Hope this helps.


Edit

Modified version of your 2nd piece of code:

list($encoded_sig, $payload) = explode('.', $_REQUEST["signed_request"], 2);
$signed_request = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);

$access_token = null;
if (!empty($_SESSION['access_token'])) {
    $access_token = $_SESSION['access_token'];
} else if (!empty($signed_request['oauth_token'])) {
    $access_token = $signed_request['oauth_token'];
}

if ($access_token != null) {
    // user_id and page data live in the decoded signed request;
    // $access_token is only the token string.
    $id = $signed_request["user_id"];
    $authorized_code = $_GET["code"];
    $oauth_token = $access_token;
    $like_status = $signed_request["page"]["liked"];
    echo "<br>page id = $id";
    echo "<br>page admin = $authorized_code";
    echo "<br>like status = $like_status";
    echo "<br>country = $oauth_token";
    if ($like_status) {
        echo "<form method=\"post\" action=\"start.php\" id=\"landhereForm\">";
        echo "<input type=\"text\" name=\"user_id\" value=" . $id . " style=\"display: none\">";
        echo "<input type=\"text\" name=\"oauth_token\" value=" . $access_token . " style=\"display: none\">";
        echo "</form>";
        echo "<script>document.forms['landhereForm'].submit()</script>";
    } else {
        echo "<div class=\"likepage\">";
        echo("<b class=\"welcome\"></b><br/>");
        echo "</div>";
    }
} else if (!empty($_GET["error"])) {
    echo "user hasn't authorized your app";
}else if (!empty($_GET["code"])) {
    $authorized_code = $_GET["code"];
    $authenticate_url = "https://graph.facebook.com/oauth/access_token?client_id=" .    $app_id . "&redirect_uri=" . $redirect_uri . "&client_secret=" . $app_secret . "&code=" . $authorized_code . "";
    $response = @file_get_contents($authenticate_url);
    $params = null;
    parse_str($response, $params);
    $access_token = $params['access_token'];
    $_SESSION['access_token'] = $access_token;
    //header('Location: http://apps.facebook.com/myapp');
    header('Location: http://www.facebook.com/mypage/app_***********');
} else {
    echo "string";
    echo "<br>page id = $id";
    echo "<br>page admin = $authorized_code";
    echo "<br>like status = $like_status";
    echo "<br>country = $oauth_token";
    $_SESSION['state'] = md5(uniqid(rand(), TRUE));
    $dialog_url = "http://www.facebook.com/dialog/oauth?client_id=" . $app_id . "&redirect_uri=" . $redirect_uri . "&state=" . $_SESSION['state'];
    echo("<script> top.location.href='" . $dialog_url . "'</script>");
    //echo("<script> window.top.location='" . $dialog_url . "'</script>");
}
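
The snippets above base64-decode `signed_request` without checking its signature, and store `$_SESSION['state']` without comparing it when the browser returns with `code`. The following is an added example, not code from the question or the answer, showing both checks; the function names, the secret and the sample payloads are constructed for illustration. It also shows that a signed request sent before the user authorizes the app carries no `user_id`, so the code has to handle that field being absent.

```php
<?php
// Added example, not from the original post; secret and payloads are constructed.

function base64_url_decode($input)
{
    // signed_request uses the URL-safe alphabet and drops the '=' padding.
    $b64 = strtr($input, '-_', '+/');
    return base64_decode($b64 . str_repeat('=', (4 - strlen($b64) % 4) % 4), true);
}

// Returns the decoded payload, or null when the value is malformed or forged.
function parse_signed_request($signed_request, $app_secret)
{
    $parts = explode('.', (string) $signed_request, 2);
    if (count($parts) !== 2) {
        return null;
    }
    list($encoded_sig, $payload) = $parts;
    $sig  = base64_url_decode($encoded_sig);
    $json = base64_url_decode($payload);
    $data = ($json === false) ? null : json_decode($json, true);
    if ($sig === false || !is_array($data) || !is_string($data['algorithm'] ?? null)
        || strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
        return null;
    }
    // The HMAC covers the encoded payload string; compare in constant time.
    $expected = hash_hmac('sha256', $payload, $app_secret, true);
    return hash_equals($expected, $sig) ? $data : null;
}

// True only when the callback's state equals the value stored before the redirect.
function oauth_state_is_valid($returned, $stored)
{
    return is_string($returned) && is_string($stored) && $stored !== ''
        && hash_equals($stored, $returned);
}

// Demo helper only: signs a payload the way the platform would.
function make_signed_request(array $data, $app_secret)
{
    $enc = function ($s) {
        return rtrim(strtr(base64_encode($s), '+/', '-_'), '=');
    };
    $payload = $enc(json_encode($data));
    return $enc(hash_hmac('sha256', $payload, $app_secret, true)) . '.' . $payload;
}

$secret = 'constructed-sample-secret';
// Payload shapes before and after the user authorizes the app (constructed).
$before = make_signed_request(['algorithm' => 'HMAC-SHA256', 'page' => ['liked' => true]], $secret);
$after  = make_signed_request(['algorithm' => 'HMAC-SHA256', 'user_id' => '1000'], $secret);

$anon = parse_signed_request($before, $secret);
$user = parse_signed_request($after, $secret);
var_dump(is_array($anon) && !array_key_exists('user_id', $anon));
var_dump($user['user_id']);
var_dump(parse_signed_request($after, 'wrong-secret'));   // signature mismatch
$state = bin2hex(random_bytes(16));   // unpredictable, unlike md5(uniqid(rand()))
var_dump(oauth_state_is_valid($state, $state), oauth_state_is_valid('guess', $state));
```

In the callback branch, `oauth_state_is_valid($_GET['state'] ?? null, $_SESSION['state'] ?? null)` would run before the code is exchanged for a token.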
