Is the Facebook canvas tutorial missing something? [duplicate]_问答_开发者

Is the Facebook canvas tutorial missing something? [duplicate]

开发者 https://www.devze.com 2023-04-08 14:02 出处：网络

This question already has answers here: Closed 11 years ago. Possible Duplicate: Why do I get an undefined index for signed_request in my facebook app?

This question already has answers here: Closed 11 years ago.

Possible Duplicate:
Why do I get an undefined index for signed_request in my facebook app?

I posted a question on the regular SO that is very similar but then found the facebook SO.

If I copy and paste this code from the facebook canvas tutorial page:

 <?php 

     $app_id = "YOUR_APP_ID";

     $canvas_page = "YOUR_CANVAS_PAGE_URL";

     $auth_url = "http://www.facebook.com/dialog/oauth?client_id=" 
            . $app_id . "&redirect_ur开发者_如何学Ci=" . urlencode($canvas_page);

     $signed_request = $_REQUEST["signed_request"];

     list($encoded_sig, $payload) = explode('.', $signed_request, 2); 

     $data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);

     if (empty($data["user_id"])) {
            echo("<script> top.location.href='" . $auth_url . "'</script>");
     } else {
            echo ("Welcome User: " . $data["user_id"]);
     } 
 ?>

How can I ever get the signed_request if the $auth_url is never called? Or maybe I don't understand PHP. It creates the $auth_url but never goes and gets it, so $signed_request is never populated. What am I doing wrong?

EDIT: It is because I am stupid and was not accessing it via apps.facebook.com and instead going to http://mydomain.com...

The key bit is here:

if (empty($data["user_id"])) {
            echo("<script> top.location.href='" . $auth_url . "'</script>");

That creates a script element that that directs the browser to load the auth_url if the user session is empty.

Are you sure you're browser isn't blocking that "top.location.href" javascript call? Try just echo/writeln the $auth_url for further inspection. If you could show us the "$auth_url" that it's retunring, that would/might help :)

The '$auth_url' is only used to redirect the user in case he/she hasn't given permissions to your application.

The '$signed_request' is an encrypted data sent by facebook, the variable '$data' contains all this data decrypted as an associative array.

You don't need to care about '$signed_request' what you really need is in the '$data' variable which contains the user info that you probably will need.