Facebook oauth授权URL和参数选项 [英] Facebook oauth authorize URL and parameter options

问题描述

Facebook提供了关于 oauth 登录参数的一些文档。

登录对话框OAuth 2

参数是：

• client_id =您的应用程序ID


• redirect_uri =您的应用程序网站URL


• display =页面，弹出窗口，iframe，异步，触摸。如何显示登录名。


• scope =权限名称。权限您的应用程序要求用户授予您的应用程序。


• state =响应中包含的字符串返回到您的应用程序。


• response_type =代码或令牌或两者。根据授权流程以不同的方式使用。

有关不同类型的oauth功能和参数的更多信息吗？

我想了解如何构建 oauth 的URL的信息。我知道几个配置。例如：

  https://www.facebook.com/dialog/oauth？ 
 client_id = YourAppID 
& redirect_uri =您在应用程序设置中为App指定的URL 
& response_type = token //是否要返回一个`code`或`令牌返回，或两者
& scope = publish_stream //范围提示用户要求
的权限类型 

我看到一个讨论，显示：

  https://graph.facebook.com/的OAuth /授权？ 
 client_id = 123456789 
& redirect_uri = http：//example.com/ 
& scope = publish_stream，share_item，offline_access，manage_pages 
  / pre> 
 
 
注意URL的区别：
  / dialog / OAuth的？ 
  
或
  / OAuth的/授权？ 
  
 授权做什么？是否授予GRANT权限而不是ASKING权限？这个文件在哪里？
解决方案
   https://graph.facebook.com/oauth/authorize  也是登录该人 - 像认证一个人并获得人的许可是否通过应用程序访问请求的权限。
 
 
 
 oauth / authorize是图形API调用。 
我认为主要的区别可能是当你想手动构建登录流程你应该使用/ oauth / authorize ..否则如果你使用由其使用的facbook / dialog / oauth提供的javascript / Apps api。应用程序通常需要确认登录对话框的响应是从同一个人开始的。如果您使用Facebook的JavaScript SDK，它会自动执行这些检查，因此无需任何操作，假设您只从浏览器拨打电话。更多的我们可以通过应用appsecret_proof来使图形api调用安全。
 
Facebook provides some documentation on the parameters of oauth login.

Login Dialog OAuth 2

Parameters are:


client_id = Your App ID
redirect_uri = Your App Website URL
display = page, popup, iframe, async, touch.  How to display login.
scope = permission names.  Permissions your app is asking the user to grant to your app.
state = a string included in the response back to your app.
response_type = code or token or both.  Used in different ways depending on authorization flow.


Is there more information about different types of oauth functionality and the parameters that go with it?

I want information on how to structure the URL for oauth. I know of a couple of configurations. For example:
https://www.facebook.com/dialog/oauth?
   client_id=YourAppID
   &redirect_uri=The URL that you designated in your App Settings for your App
   &response_type=token //Whether you want a `code` returned, or a `token` returned, or both
   &scope=publish_stream // scope prompts the user for the type of permissions being asked for
I saw a discussion that showed this:
https://graph.facebook.com/oauth/authorize?
   client_id=123456789
   &redirect_uri=http://example.com/
   &scope=publish_stream,share_item,offline_access,manage_pages
Note the difference's of the URL's:
/dialog/oauth?
or
/oauth/authorize?
What does authorize do? Does it GRANT permissions instead of ASKING for permissions? Where is the documentation on this?
解决方案
https://graph.facebook.com/oauth/authorize is also to logging in the person -- Like  authenticating a person and to take permission from person whether to access the requested permissions by app.

oauth/authorize is graph api call.
I think major difference may be  when you want to build the login flow manually you should use /oauth/authorize.. else if you are using javascript/Apps api provided by facbook it uses /dialog/oauth. Apps normally need to confirm that the response from the Login dialog was made from the same person who started it. If you're using Facebook's JavaScript SDK it automatically performs these checks so nothing is required, assuming that you're only making calls from the browser. More over we can make graph api calls secure by applying appsecret_proof.

                        
这篇关于Facebook oauth授权URL和参数选项的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！