FB Canvas授权重定向正在将我从FB中解脱出来 [英] FB Canvas authorization redirection is kicking me out of FB

问题描述

我有一个Canvas应用程序，允许用户首先看到它是什么，然后要求权限，只有当他想执行某些操作。

I have a Canvas application that allows the user to first see what it's all about, and then asks for permissions only if he wishes to perform certain actions.

当用户输入应用程序时，它不需要权限即可启动。我们提供一个登录链接，请求

When the user enters the application it starts without requiring permissions. We provide a "Login" link which will make a request to

https://www.facebook.com/dialog/oauth/authorize?client_id=XXX&redirect_uri=http://myapp .com& scope = publish_stream

这会使Facebook徽标显示带有转到Facebook.com的链接。我知道有跨框架的问题，导致这一点，可以通过简单地把target = _top链接（或使用Javascript）。现在，我想保持简单的东西，所以我不使用这个。我注意到这是在一个iframe_canvas这是好的，所以我点击那个链接，并获得请求权限，接管的屏幕（这没有使用成为一个弹出窗口？）和iframe_canvas似乎有现在有UIFullPage_Container。

This causes the Facebook logo to appear with a link that says "Go To Facebook.com". I understand that there are cross-frame problems that causes this, and can be fixed by simply putting target=_top onto the link (or playing around with Javascript). For now, I want to keep things simple so I don't use this. I do notice that this is in a iframe_canvas which is good, so I click on that link and get to "Request for Permission" which takes over the screen (didn't this use to be a popup?) and the iframe_canvas seems to have gone away, and I now have UIFullPage_Container.

我单击允许，Facebook将浏览器重定向到

I click Allow and Facebook redirects the browser to

http：//myapp.com& code = XXXXXXX

这很糟糕，因为我的Canvas应用程序已经突破了画布并覆盖了整个浏览器。

This is bad because my "Canvas" application has broken out of the canvas and taken over the whole browser.

有什么我做错了，某些类型的Facebook错误？我是否只需将其重定向回 http://apps.facebook.com/mycanvasapp ，如果是有一些方法可以传递一些parms？

Is there something I'm doing wrong, or is this some type of Facebook bug? Do I simply redirect this back to http://apps.facebook.com/mycanvasapp, and if so is there some way to pass some parms?

推荐答案

只需将它们重定向到 https：//apps.facebook .com / yourcanvasapp / whateveryowwant？here = isokay 。 yourcanvasapp / 之后的部分将发送到您的服务器。您会得到 signed_request 作为后期参数，以及查询字符串中的其他参数和路径。

Just redirect them to https://apps.facebook.com/yourcanvasapp/whateveryouwant?here=isokay. The part after yourcanvasapp/ is sent to your server. You'll get the signed_request as a post arg, and the other params and path in the query string.

换句话说，如果您的安全画布网址 https://myapp.com/fbapp/ ，并将用户发送到 https：// apps.facebook.com/mycanvasapp/foo?bar=baz ，Facebook将向 https://myapp.com/fbapp/foo?bar=baz发送POST。 code>和signed_request在POST-data中。

In other words, if your secure canvas URL is https://myapp.com/fbapp/, and you send the user to https://apps.facebook.com/mycanvasapp/foo?bar=baz, Facebook will send a POST to https://myapp.com/fbapp/foo?bar=baz and signed_request in the POST-data.

这篇关于FB Canvas授权重定向正在将我从FB中解脱出来的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！