Implementing OAuth 2.0 in a Facebook Environment

Facebook makes implementing OAuth 2.0 easy (and easier with libraries and SDKs), so after you know the URLs to call, it's just a matter of writing the code on your server to handle the requests.

You can get all the URLs you need from the Developer documentation at developers.facebook.com.

Here's how a sample Facebook OAuth 2.0 flow works:

  1. Register your application.

    Go through the application setup process (see Chapter 7). After that is done and you've set up your Web site URL and domain, you are given an application ID and secret. Note that information, because you need to copy and paste it later.

  2. Redirect the user to https://www.facebook.com/dialog/oauth.

    Pass your application ID in a parameter called client_id, and pass a callback URL in a parameter called redirect_uri. The callback URL is the page on your server that processes the response and gets the access token after the user is done logging in. So, your URL should look something like https://graph.facebook.com/oauth/authorize?client_id=...&redirect_uri=... (passing in the appropriate values as specified).

    Want to request permissions for additional data about the user? It's in this step that you can request permissions, by passing the scope parameter in addition to the preceding parameters in the authorize ...
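The redirect in Step 2, as an added Python example (not code from the book): it builds the login URL with client_id, redirect_uri, and scope percent-encoded, and refuses a callback URL outside the domain you registered in Step 1. The state parameter is a standard OAuth 2.0 parameter that this excerpt does not mention; the function names, the https requirement, the sample application ID, and the example.com URLs are assumptions made for the illustration.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Dialog URL named in Step 2 of the flow.
AUTH_ENDPOINT = "https://www.facebook.com/dialog/oauth"


def build_login_url(client_id, redirect_uri, registered_domain, scope=()):
    """Return (url, state) for the Step 2 redirect.

    registered_domain is the site domain set up in Step 1 (hypothetical
    parameter name). state is a random value to keep in the user's session.
    """
    parts = urlsplit(redirect_uri)
    host = parts.hostname or ""
    if parts.scheme != "https":
        raise ValueError("redirect_uri must use https")
    # Accept the registered domain or one of its subdomains, nothing else.
    if host != registered_domain and not host.endswith("." + registered_domain):
        raise ValueError("redirect_uri is outside the registered domain")

    state = secrets.token_urlsafe(32)
    params = {
        "client_id": client_id,
        "redirect_uri": redirect_uri,  # urlencode() percent-encodes it
        "state": state,
    }
    if scope:
        # Facebook accepts a comma-separated list of permissions.
        params["scope"] = ",".join(scope)
    return AUTH_ENDPOINT + "?" + urlencode(params), state


def callback_state_ok(callback_url, expected_state):
    """True only if the callback carries the state issued for this session."""
    returned = parse_qs(urlsplit(callback_url).query).get("state", [""])[0]
    if not expected_state:
        return False
    # Constant-time comparison on bytes (also safe for non-ASCII input).
    return hmac.compare_digest(returned.encode(), expected_state.encode())


if __name__ == "__main__":
    # Constructed sample values, not a real application ID or site.
    url, state = build_login_url(
        "1234567890", "https://app.example.com/fb/callback",
        "example.com", scope=["email"])
    print(url)
```

Store the returned state in the user's session before redirecting, and run callback_state_ok on the request that arrives at redirect_uri before doing anything with it.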
