I want to build an XMPP client on android, I've got it running perf开发者_Go百科ect with authentication using Digest-MD-5, however when I try to convert it to X-FACEBOOK-PLATFORM it keeps failing.
So basically the X-FACEBOOK-PLATFORM authentication uses only a part of a access token. That is called the session key.
The access token is seperated by "|" characters, so you split the access token and only take the characters that are in the center. Refer below.
******|a681464febcefb8*-**|******
long callId = new GregorianCalendar().getTimeInMillis() / 1000L;
String sig = "api_key=" + apiKey
+ "call_id=" + callId
+ "method=" + method
+ "nonce=" + nonce
+ "session_key=" + sessionKey
+ "v=" + version
+ appSecret;
try {
sig = MD5(sig);
}
catch (NoSuchAlgorithmException e) {
throw new IllegalStateException(e);
}
String composedResponse = "api_key=" + URLEncoder.encode(apiKey, "utf-8")
+ "&call_id=" + callId
+ "&method=" + URLEncoder.encode(method, "utf-8")
+ "&nonce=" + URLEncoder.encode(nonce, "utf-8")
+ "&session_key=" + URLEncoder.encode(sessionKey, "utf-8")
+ "&v=" + URLEncoder.encode(version, "utf-8")
+ "&sig=" + URLEncoder.encode(sig, "utf-8");
I never got FB chat to work with my appSecret but used sessionSecret instead. You can get it using oldish REST API.
http://developers.facebook.com/docs/reference/rest/auth.promoteSession/
This way you can keep your appSecret as a secret. Also it's worth noticing X-FACEBOOK-PLATFORM authentication rarely succeeds on first try but requires 3-6 retries usually. Beats me why though as I'm using same session key and secret..
精彩评论