Handle permissions with koala signed request_问答_开发者

Handle permissions with koala signed request

开发者 https://www.devze.com 2023-02-12 00:41 出处：网络

I\'m building a canvas app with rails and koala signed request authorization but I don\'t know if I\'m doing the right way. How do I get permissions from the user? Right now I\'m doing something like

I'm building a canvas app with rails and koala signed request authorization but I don't know if I'm doing the right way. How do I get permissions from the user? Right now I'm doing something like the code below but I know it's wrong because when the user is redirected, it has to click on the "Access Facebook" button before giving the permissions...

before_filter :parse_signed_request  
def parse_signed_request  
    @oauth = Koala::Facebook::OAuth.new('callback')  
    @signed_request = @oa开发者_StackOverflow社区uth.parse_signed_request(params[:signed_request])  
    if @signed_request["user_id"]  
        @graph = Koala::Facebook::GraphAPI.new(@signed_request["oauth_token"])  
    else  
        redirect_to @oauth.url_for_oauth_code(:permissions => "publish_stream");  
    end  
end

You can't redirect, just send back a script: <script type="text/javascript">top.location.href='...'</script>. Here you can find more information: http://developers.facebook.com/docs/guides/canvas/

Check this blog post on Quora. To summarise: yes, you can use Ruby on Rails. The post provides some starter code and useful tips on which deprecated APIs to avoid.