While developing Recaptcha Enterprise for use of the V2 "I am not a robot" checkbox, I am stuck on this error:
Fatal error: Uncaught DomainException: Could not load the default credentials. Browse to https://developers.google.com/accounts/docs/application-default-credentials for more information
I follow the link and have settled on this to authenticate:
use Google\Cloud\Storage\StorageClient;
$storage = new StorageClient([
'keyFile' => json_decode(file_get_contents($path_to_keyfile), true),
'projectId' => 'MY_PROJECT'
]);
I cannot find anything else that suggests I need to do anything more than this, and this link to the constructor API doesn't suggest I can pass it in as a parameter and then proceed. I do not want to use environment variables for this project, I want to connect manually in the code. What am I missing? I can confirm I have a working service account.
If it's helpful, the code I'm trying to run after I presumably authenticate is this:
// ==================== CAPTCHA ===================
use Google\Cloud\RecaptchaEnterprise\V1\RecaptchaEnterpriseServiceClient;
use Google\Cloud\RecaptchaEnterprise\V1\Event;
use Google\Cloud\RecaptchaEnterprise\V1\Assessment;
use Google\Cloud\RecaptchaEnterprise\V1\TokenProperties\InvalidReason;
$captcha_response = $_POST['g-recaptcha-response'];
$site_key = "123456789abc";
$client = new RecaptchaEnterpriseServiceClient();
define('SITE_KEY', $site_key);
define('TOKEN', $captcha_response);
define('PROTECTED_ACTION', 'signup');
define('PARENT_PROJECT', 'projects/MY_PROJECT');
$event = (new Event())
->setSiteKey(SITE_KEY)
->setExpectedAction(PROTECTED_ACTION)
->setToken(TOKEN);
$assessment = (new Assessment())
->setEvent($event);
try {
$response = $client->createAssessment(
PARENT_PROJECT,
$assessment
);
if ($response->getTokenProperties()->getValid() == false) {
printf('The CreateAssessment() call failed because the token was invalid for the following reason: ');
printf(InvalidReason::name($response->getTokenProperties()->getInvalidReason()));
} else {
if ($response->getEvent()->getExpectedAction() == PROTECTED_ACTION) {
printf('The score for the protection action is:');
printf($response->getRiskAnalysis()->getScore());
}
else
{
printf('The action attribute in your reCAPTCHA tag does not match the action you are expecting to score');
}
}
} catch (exception $e) {
printf('CreateAssessment() call failed with the following error: ');
printf($e);
}
Here's how I got it working. Thanks to John Hanley for the help in a previous answer. The documentation had lead me to believe that (for whatever reason) Storage was required, but that was not the case: it was as simple as providing the path to the key via the credentials parameter. Not the keyFile parameter.
if (empty($_POST['g-recaptcha-response']))
die("You have failed the not-a-robot check.");
$captcha_response = $_POST['g-recaptcha-response'];
require 'composer/vendor/autoload.php';
use Google\Cloud\RecaptchaEnterprise\V1\RecaptchaEnterpriseServiceClient;
use Google\Cloud\RecaptchaEnterprise\V1\Event;
use Google\Cloud\RecaptchaEnterprise\V1\Assessment;
use Google\Cloud\RecaptchaEnterprise\V1\TokenProperties\InvalidReason;
$path_to_keyfile = "MY_PROJECT-1234567890abc.json";
$site_key = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
$client = new RecaptchaEnterpriseServiceClient([
'credentials' => $path_to_keyfile,
'projectId' => 'MY_PROJECT'
]);
define('SITE_KEY', $site_key);
define('TOKEN', $captcha_response);
define('PROTECTED_ACTION', 'signup');
define('PARENT_PROJECT', 'projects/MY_PROJECT');
$event = (new Event())
->setSiteKey(SITE_KEY)
->setExpectedAction(PROTECTED_ACTION)
->setToken(TOKEN);
$assessment = (new Assessment())
->setEvent($event);
try {
$response = $client->createAssessment(PARENT_PROJECT, $assessment);
if ($response->getTokenProperties()->getValid() == false) {
printf('The CreateAssessment() call failed because the token was invalid for the following reason: ');
printf(InvalidReason::name($response->getTokenProperties()->getInvalidReason()));
exit;
} else {
if ($response->getEvent()->getExpectedAction() == PROTECTED_ACTION) {
// Closer to 1 = human, to 0 = robot.
$bot_score = $response->getRiskAnalysis()->getScore();
// do what you want with the score here...
} else {
die('The action attribute in your reCAPTCHA tag does not match the action you are expecting to score');
}
}
} catch (exception $e) {
printf('CreateAssessment() call failed with the following error: ');
printf($e);
exit;
}
Your problem is that you are not specifying the service account to use in the client constructor and the system is falling back to using ADC (Application Default Credentials).
ADC will check the environment variable GOOGLE_APPLICATION_CREDENTIALS for the service account JSON key file.
You can set the environment variable before running your program:
Windows:
set GOOGLE_APPLICATION_CREDENTIALS=/path/to/service-account.json
Linux:
export GOOGLE_APPLICATION_CREDENTIALS=/path/to/service-account.json
Or modify your program by changing this line of code:
$client = new RecaptchaEnterpriseServiceClient();
To this:
$options = ['keyFile' => $path_to_keyfile];
$client = new RecaptchaEnterpriseServiceClient($options);
Note 1:
If you are running your program on a Google Cloud computer service such as Compute Engine, App Engine, Cloud Run, ... the default service account will be used if neither of the above methods are implemented.
Note 2:
While developing, another method is to use the CLI's application default credentials. Run the following command using the Google Cloud SDK CLI:
gcloud auth application-default login
However, I have not verified that the reCAPTCHA Enterprise library checks for this type of credential.
I have two one question about the Fat Free Framework.
First of all, how can i use multiple parameters(tokens in fat free framework) in a GET request?
Or, is there only 1 token possible per REST GET request, and should one handle additional
arguments as a regular GET request, for example:
domain/rest/somedata/5231?param1=value1¶m2=value2
where the ?param1=value1¶m2=value2 should be 'manually' parsed, not by a framework?
Is it at all possible to build a RESTful API with Fat Free Framework and also have some area's or routes needing authentication? if so, how?
I just stumbled upon this related question: REST API Best practices: Where to put parameters?
[edit]: i've found out that it is indeed possible to have authentication with fat free framework using several methods. However, they seem not very well documented (at least not on their github wiki).
[edit2] Since it's only very basic authentication, for now i'm using this:
function beforeRoute($f3,$params) {
$url = $params[0];
$parsed_key = parse_str(parse_url($url, PHP_URL_QUERY));
if (isset($apikey)){
// check if apikey is in database
$authenticated = false;
foreach(R::find('apikey') as $key_bean) {
if($key_bean->key == $apikey) {
$authenticated = true;
break;
}
}
if($authenticated == false) $f3->error(403);
} else {
$f3->error(403);
}
}
I'm looking for documentation on the basic http authentication method!
The auth class always authenticates you against a mapper. Feel free to use F3's Jig, Mongo or SQL.
$db = new DB\SQL('mysql:host=localhost;dbname=mydb', 'dbuser', '1234');
$mapper = new DB\SQL\Mapper($db, 'users');
$auth = new Auth($mapper, array('id'=>'username','pw'=>'password'));
if($auth->basic())
return true;
password and username are field names in the database. id and pw are internal used by the auth class. I recommend checking the auth class code and the unit tests in the dev branch on Github.
An simple example would be something like...
Username: admin, Password: 123
// Create users table using Jig.
$db = new \DB\Jig('data/');
$users = array(
0 => array('username' => 'admin', 'password' => '202cb962ac59075b964b07152d234b70'),
);
$db->write('users', $users);
$db_mapper = new \DB\Jig\Mapper($db, 'users');
$auth = new \Auth($db_mapper, array('id' => 'username', 'pw' => 'password'));
// Callback function because of md5 stored password.
function chkauth($pw) {
return md5($pw);
}
$auth->basic('chkauth');
I'm trying to work with a website that requires some information from a Facebook user, I'm using PHP and JS SDKs.
I have a function in PHP:
public function isLoggedOnFacebook() {
$user = $this->_facebook->getUser();
if ($user) {
return $this->_facebook->api("/$user");
}
return false;
}
On a class that is holding the facebook object from the SDK in $this->_facebook.
Then on a block I do this:
<?php if (!$this->isLoggedOnFacebook()): ?>
<div>
<fb:login-button show-faces="true" perms="email" width="500" />
</div>
<?php endif ?>
And the FB JS environment is properly set up (I think) so it works. So the user gets the pop up and authorizes the site.
The problem is even after the app is been authorized by the user $user is always 0, meaning $facebook->getUser() always returns 0, and then lists the faces of users, including the logged user, but if I make it call $facebook->api('/me') or whatever, then it'll throw the invalid token exception.
I've seen this problem, but I haven't seen a solution, I have no idea
where the problem is and I run out of ideas.
There's a Website tab on the developers' Facebook page in the apps section, where you can set up your Site URL and your Site Domain, and I'm thinking this are the cause of my problem, but I have no knowledge of exactly what these fields are supposed to contain.
I had the same problem and I figured it out that is because SDK uses the variable $_REQUEST and in my environment is not true that is merged with $_GET, $_POST and $_COOKIE variables.
I think it depends on the PHP version and that is why someone made it work by enabling cookies.
I found this code in base_facebook.php:
protected function getCode() {
if (isset($_REQUEST['code'])) {
if ($this->state !== null &&
isset($_REQUEST['state']) &&
$this->state === $_REQUEST['state']) {
// CSRF state has done its job, so clear it
$this->state = null;
$this->clearPersistentData('state');
return $_REQUEST['code'];
} else {
self::errorLog('CSRF state token does not match one provided.');
return false;
}
}
return false;
}
And I modified it as you can see below by creating $server_info variable.
protected function getCode() {
$server_info = array_merge($_GET, $_POST, $_COOKIE);
if (isset($server_info['code'])) {
if ($this->state !== null &&
isset($server_info['state']) &&
$this->state === $server_info['state']) {
// CSRF state has done its job, so clear it
$this->state = null;
$this->clearPersistentData('state');
return $server_info['code'];
} else {
self::errorLog('CSRF state token does not match one provided.');
return false;
}
}
return false;
}
I ran into similar problem. $facebook->getUser() was returning 0 and sometimes it returned valid user id when user wasn't actually logged in, resulting in Fatal Oauth error when I tried to make graph api calls. I finally solved this problem. I don't know if it is the right way but it works. Here is the code :
<?php
include 'includes/php/facebook.php';
$app_id = "APP_ID";
$app_secret = "SECRET_KEY";
$facebook = new Facebook(array(
'appId' => $app_id,
'secret' => $app_secret,
'cookie' => true
));
$user = $facebook->getUser();
if ($user <> '0' && $user <> '') { /*if valid user id i.e. neither 0 nor blank nor null*/
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) { /*sometimes it shows user id even if user in not logged in and it results in Oauth exception. In this case we will set it back to 0.*/
error_log($e);
$user = '0';
}
}
if ($user <> '0' && $user <> '') { /*So now we will have a valid user id with a valid oauth access token and so the code will work fine.*/
echo "UserId : " . $user;
$params = array( 'next' => 'http://www.anujkumar.com' );
echo "<p><a href='". $facebook->getLogoutUrl($params) . "'>Logout</a>";
$user_profile = $facebook->api('/me');
echo "<p>Name : " . $user_profile['name'];
echo "<p>";
print_r($user_profile);
} else {/*If user id isn't present just redirect it to login url*/
header("Location:{$facebook->getLoginUrl(array('req_perms' => 'email,offline_access'))}");
}
?>
Check out this blog post: http://thinkdiff.net/facebook/new-javascript-sdk-oauth-2-0-based-fbconnect-tutorial/
New JS SDK has been released - https://developers.facebook.com/blog/post/525
You need to ensure that your app is set to pick up the code parameter from the Query String rather than the uri_fragment, this can be set on facebook apps page apps>settings>permissions.
That did it for me using $facebook->getLoginUrl() to provide the login URL.
Check your config array.
Ensure that you are using proper string encaps quotes when setting the values.
$config = array();
$config["appId"] = $APP_ID;
$config["secret"] = $APP_SECRET;
$config["fileUpload"] = false; // optional
This works.
$config = array();
$config[‘appId’] = 'YOUR_APP_ID';
$config[‘secret’] = 'YOUR_APP_SECRET';
$config[‘fileUpload’] = false; // optional
This is a direct copy/paste from the website http://developers.facebook.com/docs/reference/php/ and does NOT work because of the odd squiggly quotes.
the long answer is that your hash for your "checking" of the app signature is not coming out to a correct check, because the app secret is not returning a valid value (it's returning nothing, actually)... so the hash_hmac function is returning an incorrect value that doesn't match properly, etc...
After debugging through the base_facebook.php I found, because somehow I had lost my .crt file the access token is forever invalid. Make sure you have your fb_ca_chain_bundle.crt available at: https://github.com/facebook/facebook-php-sdk/blob/master/src/fb_ca_chain_bundle.crt
Hours and hours down the drain. None of the posts about this on Stack Overflow or other sites provided the solution to my problem. I finally went in to the library code and figured out exactly where it was dying.
On my development machine, which uses XAMPP for Windows, I kept getting the 0 for logging in, while my test server would work properly. After realizing an exception was being thrown but hidden, I put an $e->getMessage() in base_facebook.php, which pointed out I was having an SSL error. The following post, HTTPS and SSL3_GET_SERVER_CERTIFICATE:certificate verify failed, CA is OK, led me to a solution.
The solution:
In base_facebook.php, add the following before curl_exec($ch):
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
You should probably wrap the above in whatever flags you use to determine if you are in development mode, because you won't want the above line in a production system. For instance:
if ( getenv( 'environment' ) === 'development' ) {
curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false );
}
I checked and test a long time, Now I found the reason.
Please login developer apps, in settings-->Advance-->Migrations-->Deprecate offline access-->disabled.
You will find $facebook->getUser() will work.
another thing. had better add domain when new the facebook class;
$facebook = new Facebook(array(
'appId' => APP_ID,//$app_id,
'secret' => APP_SECRET,//$app_secret,
'cookie' => true,
'domain'=>'xxxdomain.com',
));
$session = $facebook->getUser();
Try this in your piece of code:
on if condition true you'll be reirected to facebook then login yourself and i hope you'll good to go by then but remember use new libraries of php SDK
if(($facebook->getUser())==0)
{
header("Location:{$facebook->getLoginUrl(array('scope' => 'photo_upload,user_status,publish_stream,user_photos,manage_pages'))}");
exit;
}
else {
$accounts_list = $facebook->api('/me/accounts');
echo "i am connected";
}
i solved this as i faced the same problem.
Just goto developers.facebook.com/apps then navigate to your app
hit EDIT APP button
IF you have check "App on facebook" and have entered a canvas url to it
the app will not work out side the facebook
will work under apps.facebook.com/
just remove this check it worked for me
<?php
require 'facebook.php';
// Create our application instance
// (replace this with your appId and secret).
$facebook = new Facebook(array(
'appId' => 'YOUR_APP_ID',
'secret' => 'YOUR_APP_SECRET',
));
// Get User ID
$user = $facebook->getUser();
// We may or may not have this data based
// on whether the user is logged in.
// If we have a $user id here, it means we know
// the user is logged into
// Facebook, but we don’t know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
// Login or logout url will be needed depending on current user state.
if ($user) {
$logoutUrl = $facebook->getLogoutUrl();
} else {
$loginUrl = $facebook->getLoginUrl();
}
// This call will always work since we are fetching public data.
$naitik = $facebook->api('/naitik');
?>
<!doctype html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<title>php-sdk</title>
<style>
body {
font-family: 'Lucida Grande', Verdana, Arial, sans-serif;
}
h1 a {
text-decoration: none;
color: #3b5998;
}
h1 a:hover {
text-decoration: underline;
}
</style>
</head>
<body>
<h1>php-sdk</h1>
<?php if ($user): ?>
Logout
<?php else: ?>
<div>
Login using OAuth 2.0 handled by the PHP SDK:
Login with Facebook
</div>
<?php endif ?>
<h3>PHP Session</h3>
<pre><?php print_r($_SESSION); ?></pre>
<?php if ($user): ?>
<h3>You</h3>
<img src="https://graph.facebook.com/<?php echo $user; ?>/picture">
<h3>Your User Object (/me)</h3>
<pre><?php print_r($user_profile); ?></pre>
<?php else: ?>
<strong><em>You are not Connected.</em></strong>
<?php endif ?>
<h3>Public profile of Naitik</h3>
<img src="https://graph.facebook.com/naitik/picture">
<?php echo $naitik['name']; ?>
</body>
</html>
$facebook->getUser() will return 0, if the user doesn't authenticate the app.
use $facebook->getLoginUrl to get the URL to authenticate the app.
I was having the exact same problem on my Facebook app, and I finally figured it out after 2 days of hair pulling frustration. It turned out to be an issue with the redirect-uri in the getLoginUrl()! if it doesn't match the registered app domain through facebook, they return the error, and the user gets returned as 0 (the default user value).
I had same problem with getUser(), It returns 0 in IE 8. I found a solution after doing some research. Follow the link below. This worked like a charm.
http://www.andugo.com/facebook-php-sdk-getuser-return-0-value-on-ie/
After some desperate hours, here is what caused the same issue on my server: If you use SSL, make sure that port 443 is not blocked! I opened the port last year, but it appeared that my webhoster somehow did a reset recently.
If you use the new SDK 3.1.1 and JS you need to add new variable to FB.init routine called
oauth : true
to use the new OATH 2.0 Protocol !
Then update your login button while perms are not allowed please use scope instead of perms
getUser() and PHP-SDK silently fails if _REQUEST like globals dropping by http server by misconfiguration. I was using wrong-configured nginx and after tracing code ~3 hours solved this problem via vhost configuration change.
I wrote a comment about solution here: https://github.com/facebook/php-sdk/issues/418#issuecomment-2193699
I hope helps.
A facebook->getUser() will return 0 when there is no logged-in user. (https://developers.facebook.com/docs/reference/php/facebook-getUser/)
To resolve this, the Facebook JS SDK provides an access token from a successful login which you can use with the Facebook PHP SDK.
The javascript below will check whether or not a Facebook login already exists and your Facebook App is authorized:
FB.getLoginStatus(function($response) {
if ($response.status === 'connected') {
var uid = $response.authResponse.userID;
var accessToken = $response.authResponse.accessToken;
_accessServer(uid, accessToken);
} else if ($response.status === 'not_authorized') {
_loginPopup();
} else {
_loginPopup();
}
});
The function _accessServer opens another request back to your server, sending the access token.
The function _loginPopup should open the Facebook login popup requesting the appropriate permissions for the user to "allow access" to your application.
The PHP application should then pass the access token back to the Facebook API:
$facebook->setAccessToken($new_access_token);
$uid = $facebook->getUser();
https://developers.facebook.com/docs/reference/php/facebook-setAccessToken/
Hope that helps.
Adding this line solved this problem for me in IE9:
header('P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"'); // This is the main cause to use on IE.
If this question is still relevant to people, I'd like to contribute my 2 cents as I struggled quite some time to get things working.
First of all, try out the SDK that would suit you, whether it be PHP or JS. In essence they both do the same stuff, it's just that JS might handle it a bit more elegant (with the pop-up dialog and what not). There's a lot of different tutorials, manuals and examples out there! It took me like a week to find 1 that suited me and that I could actually use. Once you've found the piece of code that works with the SDK you plan on using, it's time for you to alter the code to your specific needs.
Once I had finished my code, I started testing it. I noticed I was running my code on localhost, and I too was getting no result from my arrays. To answer your question: upload your code to a (sub)domain and try again. My code worked all the time, but because I did not have it online, it didn't work. If you already got it online, then my answer is not of use to you.
I'm sorry if this kind of small story isn't really meant to be on SO, but it might help people.
Good luck!
if ($facebook->getUser()) {
$userProfile = $facebook->api('/me');
// do logic
} else {
$loginUrl = $facebook->getLoginUrl($params = array('scope' => SCOPE));
header('Location:' . $loginUrl);
}
that how i fixed my problem, now it is returning me the detail of user profile for further processing. (it was such a headache)
These are good suggestions but the thing that worked for me is on Facebook itself. After refactoring the code many times I realized it's a problem with the configurations on Facebook.
The following steps resolved my issue.
1.) Under Basic > App on Facebook... I deselected that although you can leave it if you want
2.) Under Permissions > Privacy -> set to Public
Permissions > Auth Token -> set to Query String
3.) Under Advanced -> Authentication > App Type -> Web
The third step is the one that really fixed it all, not completely sure why though, hope that helps
Make sure you call this Facebook API-function getUser before any output, because it uses Session variables and Cookies. Headers can not be sent/read correctly if you did.
I also spent many hours looking at this and also found a solution. Might not be for you but it seems there is some issue with $_SERVER['QUERY_STRING'] so you need to set it into the $_REQUEST array.
I was using codeigniter and found that the following code above the library load worked.
parse_str($_SERVER['QUERY_STRING'],$_REQUEST);
parse_str($_SERVER['QUERY_STRING'],$_REQUEST);
$config = array();
$config["appId"] = "63xxxxx39";
$config["secret"] = "dexxxx3bf";
$this->load->library('facebook',$config);
$this->user = $user = $this->facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $this->facebook->api('/me');
//print_r($user_profile);exit;
} catch (FacebookApiException $e) {
echo '<pre>'.htmlspecialchars(print_r($e, true)).'</pre>';
$user = null;
}
$logout = $this->facebook->getLogoutUrl();
$this->fb_logout = $logout;
$this->fb_user = $user_profile;
} else {
$login = $this->facebook->getLoginUrl(array("scope"=>"email","redirect_uri"=>"http://domain/login/login_fbmember/"));
$this->fb_login = $login;
}
}
This issue is really weird. I have discovered that the problem was the static $CURL_OPTS array in the base_facebook.php.
Try to edit it from this:
/**
* Default options for curl.
*
* #var array
*/
public static $CURL_OPTS = array(
CURLOPT_CONNECTTIMEOUT => 10,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 60,
CURLOPT_USERAGENT => 'facebook-php-3.2',
);
to
/**
* Default options for curl.
*
* #var array
*/
public static $CURL_OPTS = array(
CURLOPT_CONNECTTIMEOUT => 10,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 60,
CURLOPT_USERAGENT => 'facebook-php-3.2',
CURLOPT_IPRESOLVE => CURL_IPRESOLVE_V4
);
The answer to my specific issue was that there were incompatibilities between the versions of the JS SDK and PHP SDK I was using and just upgrading them solved it.
The symptom of this issue is similar when it's caused by a variety of different things so you may do very well in scouting through the different answers available in this page.
I want to read all birthdays of the friends from current user. I use the new Graph API of facebook. I request the authorization of the permissions (read_friendslist and friends_birthday) based on Facebooks insights example and php-sdk example. For reading the friendslist and the user details I used the Graph API with Facebook PHP SDK.
The upcoming code snippets are a short self contained correct example of my approach. If I try to use my app it requests login, then asks for permissions and then fails in printing all my friends due to the fact that no session is available. What's wrong here?
First is the birthday.php which is used by the following index.php, I removed some boilerplate code or code I think it's not causing this problem (identified by [...]). You can find the complete code on the end of this question.
<?php
function get_birthday_of_friends() {
$fbconfig['appid' ] = "MY_APP_ID";
$fbconfig['secret'] = "MY_APP_SECRET";
try{
include_once "facebook/src/facebook.php";
}
catch(Exception $o){
// [...] log error
}
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true,
));
$session = $facebook->getSession();
$fbme = null;
// Session based graph API call.
if ($session) {
// [...] return birthdays
} else {
echo "No session found";
}
}
?>
The required lib.php is identically with the insights example.
<?php
// [...] Include and define app-id etc.
function get_access_token($base_url) {
if (isset($_REQUEST['access_token'])) {
return $_REQUEST['access_token'];
}
$params = array();
$params['client_id'] = APP_ID;
$params['redirect_uri'] = $base_url;
if (!isset($_REQUEST['code'])) {
$params['scope'] = 'read_friendlists, friends_birthday';
$url = FacebookMethods::getGraphApiUrl('oauth/authorize', $params);
throw new RedirectionException($url);
} else {
$params['client_secret'] = APP_SECRET;
$params['code'] = $_REQUEST['code'];
$url = FacebookMethods::getGraphApiUrl('oauth/access_token');
$response = FacebookMethods::fetchUrl($url, $params);
$response = strstr($response, 'access_token=');
$result = substr($response, 13);
$pos = strpos($result, '&');
if ($pos !== false) {
$result = substr($result, 0, $pos);
}
return $result;
}
}
// [...] Call get_access_token() and get_birthday_of_friends()!
?>
Can you help me with that? I added the whole source code on pastebin.com if this helps you to identify my problem. Source code on pastebin.com for "index.php" and "birthday.php".
Thank you in advance!
I am not sure if the method that you are using is deprecated or not, but I know it's the old way and you should try with the new one in order to get the auth token.
Take a look at this link:
http://developers.facebook.com/docs/authentication/signed_request/
In a glance, you have to:
Get the signed_request parameter from $_REQUEST.
Use the sample function provided in
the link to decode it Once you decode
it, you will have an array in which
there is a parameter called
oauth_token.
With this parameter, you can start
making calls to the Graph by
appending it to the URL e.g.
*https://graph.facebook.com/PROFILE_ID/pictures/?access_token=OAUTH_TOKEN*
Make sure that you have Oauth 2.0 for Canvas enabled into the Configuration settings of your app (Advanced tab).
I think in some browsers there's a prblem with third party cookies. Are you testing in Safari? And also, try to add permissions to the loginUrl - it's a bit more simple than adding and requesting the permissions with oauth.
If no session is available, I had to redirect to the login page and require the extended permissions with the parameters. This did the trick to me, thanks to manuelpedrera for helping me out.
$facebook->getLoginUrl(array('req_perms' => 'read_friendlists, [...]'));