I am working on the project which has a mobile front end and php server backend. It Implements a facebook login on the the front end getting the required tokens. Now this token is sent to the php backend so that this token can be used to get the user info and friends lists.. how can i go about using this with the fb-php sdk in Codeigniter.?
You could pass it over using a cookie. I have used the facebook api a few times but never tried this.
Would it not be easier to use the PHP sdk to log the user in because then you would already have the access token available.
You can add fb-sdk as a thirdpaty library and after you initialize the object
you can retrive the friend list like this
$fb->api('/[userid]/friends?access_token=[access_token]');
if you have problems with users access token you can use applications access token too.
Check this link to how to get the app access token : http://developers.facebook.com/docs/facebook-login/access-tokens/
Related
http://api.chan15.info/google-stackoverflow.html
This is the sample code I use to let user login via Google JavaScript API, and it's work, next step is use user id to login to local server via PHP, but use the user id by JavaScript is pretty danger, the real procedure I want is:
login user via JavaScript API
get access_token from JavaScript
pass the access token to PHP
use access token to Google OAuth to get user id again by PHP
login the user by user id
but I don't know how to get access token.
After the user is logged in to their Google account using the Javascript Oauth2 API the access token can be found here:
gapi.auth2.getAuthInstance().currentUser.get().getAuthResponse().access_token;
I've used this to pass the token along to a separate curl PHP request as well as CORS. Since Google's JS API is still Beta I had to resort to sending a PHP curl request in the past. If you're planning to store the token for access after the user navigates away I'd also also get the token expiration date and call another function that wipes out the stored token whenever expired or explicitly revoked. But for me it was just easier to pull this right after successful login each time since I only needed to call the PHP function once and in real-time with AJAX as a bandaid.
PS: You might want to change the original category from Java to Javascript
I am implementing the hybrid sign in flow got login with Google+. What I want to achieve is this:
One a user has authorized the app, the next time he comes back on the website, I want to log him in automatically.
In hybrid flow, google automatically logs the user in and displays a welcome back message (javascript sdk) along with returning access token. But this process requries one ajax call to be sent to gogole api.
I want to make this call through the backend itself using Google's PHP client library. Since the app has been authorized already, it should simply return the access token as it does when using javascript sdk. But I am not able to figure out how to achieve this using client library. Can anyone please help me out?
In your call parameters set access_type: 'offline', then need to get a new token using the refresh_token that is provided ONCE at the FIRST time of authorisation. You will have to store that refresh_token somewhere in your database and pair it up with the user's already expired access token ID or somehow and make another call for a valid access token.
For the time being you can set approval_prompt: 'force' but that's merely a development trick not a real solution.
More is explained here refresh token with google api client php
I am developing a REST api using PHP (Laravel framework). While i was playing with the facebook's GRAPH API EXPLORER what i noticed is that it uses session like mechanism.
When i am logged out and try the explorer by providing my access token i get the following error.
now what my point is that facebook is using the session here beside just access token. My question is how come one can able to use session in REST Api because when i request my api using CURL the server generates new session for every request.
Is there any hack if yes then how it is done?
now what my point is that facebook is using the session here beside just access token
Actually, the graph api explorer will automatically append access_token=blah_blah if you omit it, so its sessions are actually only based on access_token. Your access_token must have been expired. Debug it here: https://developers.facebook.com/tools/debug
I've been trying to get Google's Calendar API working in a PHP web application, but I'm having a hard time getting authenticated.
What I want to do is to allow users to interact with calendars of a single account known by the server.
Each type of scenario covered in the OAuth 2.0 docs talks about "user consent" which involves a login form and the individual user logging in, but I want the server itself to authenticate directly and obtain an access token for itself.
Is there some part of OAuth or some alternative mechanism I can use to do this?
In order to do this, you must go through the steps for user consent and then copy the access tokens it gives you into the PHP code.
The usual procedure for OAuth is like this:
Send user to authentication page.
User comes back with $_GET['code']
Send $_GET['code'] to OAuth server for a token
Store token in database for the user (or session, if it's very short lived)
But when doing it with a single calendar like this, you modify step 4. Instead, you dump the token to screen and copy it into your PHP file as variables, instead of putting it in the database. Then when you go to pass the access token to the server, you just pass the known, static token rather than a dynamic token from the database / session.
See mathewh's answer here:
How to automate login to Google API to get OAuth 2.0 token to access known user account
The lightbulb for me is when you get the access token you get a refresh_token as well... you use this token to "refresh" your access token once it expires.
There is no way around a manual authorization step the first time.
I am creating a website that integrates with Facebook's graph API using the PHP SDK. However, i am looking for a way i can pass variables like user id, location, likes etc between pages (maybe using php's session_start. And when the user logs out of facebook the session gets deleted.
Thanks.
The session needs to be managed by your php application. Once facebook authenticates you using it's API you are given an access token for further requests using the graph api. Facebook doesn't authenticate you again and again. The session and the params that you need are the responsibility of you application. If you want to interact with facebook data, you use graph API in that case, else your application runs independently.