Ruby facebook图表api appsecret_proof [英] Ruby facebook graph api appsecret_proof
问题描述
如何创建一个appsecret_proof使用Ruby的Facebook图形API?
Facebook在 PHP 。我也在这个 gist 中看到了一个红宝石的例子。
OpenSSL :: HMAC.hexdigest(OpenSSL :: Digest.new('sha256'),< app_secret>,< user_access_token>
但是我收到一个 API参数中提供的appsecret_proof无效
p>
从Facebook示例中不清楚是什么 $ app_access_token
是应用程序ID?
如何在ruby中创建 appsecret_proof
?
更新后的代码
= OpenSSL :: HMAC.hexdigest('SHA256',ENV [FACEBOOK_SECRET_ID],app_token)
dct = {
'access_token'=> current_profile.oauth_token,
'appsecret_proof'=>秘密,
'fields'=> context.fields(all_mutual_friends)
}
url =https://graph.facebook.com/v2.5/+ friend.uid +/
resp = HTTPClient.get(url,dct)
这是我有效的代码:
hmac = OpenSSL :: HMAC.new(FB_SECRET,OpenSSL :: Digest :: SHA256.new)
hmac<<< access_token
证明= hmac.hexdigest
param_hash [:appsecret_proof] =证明
其中 FB_SECRET
是32位数字(在我的情况下)随机字符串。
在大多数情况下, access_token
是用户的登录身份验证令牌(我假设 current_profile.oauth_token
在你的情况)。此令牌必须与您的应用程序相关联。如果使用您的应用程序的凭据进行API调用,而不是用户凭据,则可以使用#{FB_APP_ID} |#{FB_SECRET}
作为访问令牌。 / p>
cf https:/ /developers.facebook.com/docs/facebook-login/access-tokens
How can I create an appsecret_proof using Ruby for the facebook graph api?
Facebook has an example in PHP. I also saw an example in ruby in this gist.
OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), <app_secret>, <user_access_token>)
However I'm receiving an Invalid appsecret_proof provided in the API argument
It's unclear from the facebook example what $app_access_token
is, is that the App ID?
How can I create the appsecret_proof
in ruby?
Updated code:
secret = OpenSSL::HMAC.hexdigest('SHA256', ENV["FACEBOOK_SECRET_ID"], app_token)
dct = {
'access_token' => current_profile.oauth_token,
'appsecret_proof' => secret,
'fields' => "context.fields(all_mutual_friends)"
}
url = "https://graph.facebook.com/v2.5/" + friend.uid + "/"
resp = HTTPClient.get(url, dct)
This is code that I have that works:
hmac = OpenSSL::HMAC.new(FB_SECRET, OpenSSL::Digest::SHA256.new)
hmac << access_token
proof = hmac.hexdigest
param_hash[:appsecret_proof] = proof
Where FB_SECRET
is the 32 digit (in my case) random string.
In most cases access_token
is the user's login authentication token (I assume current_profile.oauth_token
in your case). This token must be associated with your app. If the API call is to be made with your app's credentials and not a user's credentials you can use "#{FB_APP_ID}|#{FB_SECRET}"
as your access token.
cf https://developers.facebook.com/docs/facebook-login/access-tokens
这篇关于Ruby facebook图表api appsecret_proof的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!