Sunday, November 27, 2011

Facebook as an OAuth Provider

Continuing from my last post, we will now see how to use Facebook as an OAuth provider for our website.

The very first step is to register your website with Facebook as an Application.
  • Go to the link https://developers.facebook.com/apps. It will ask you to log into Facebook if you are not already logged in.
  • Click on Create New App and fill in the fields.
  • Once the Namespace and Display Name are accepted, it will take you to the next screen, where you can enter your website information.
  • Enter your email address in the Contact Email field. Enter your website address in the Site URL field below; the App Domain should be a subset of your Site URL.
  • After this, click Save and go to the Basic page in Settings. Copy the App Id and App Secret; you will need these two values to validate users. The App Secret must stay on the server and never be sent to the browser.

Next, you will create the OAuth pages on your website.
  • The first page redirects directly to the Facebook authorization page. In production this can be done on click of a link or button.
index.php
<?php
    $facebookAuthURL = 'https://www.facebook.com/dialog/oauth';
    $facebookClientId = '145XXXXXXXXXX10'; // Put your App Id here.
    // This is the URL which will do the second part of authentication.
    // Use an https:// URL in production so the code is not sent in clear text.
    $facebookRedirectUrl = 'http://subirkumarsao.dyndns-server.com/oauthdemo/userAuth.php';

    // URL-encode every parameter value so the query string stays well-formed.
    $authUrl = $facebookAuthURL.'?client_id='.urlencode($facebookClientId)
        .'&redirect_uri='.urlencode($facebookRedirectUrl);
?>
<html>
<head>
<meta http-equiv="REFRESH" content="0;url=<?php print htmlspecialchars($authUrl, ENT_QUOTES); ?>">
</head>
</html>

  • After the user agrees to let your site access basic information, Facebook will redirect the user to the redirect_uri mentioned above and pass code as a parameter.
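userAuth.php
<?php

    $facebookAppAuthUrl = 'https://graph.facebook.com/oauth/access_token';
    $facebookGraphUrl = 'https://graph.facebook.com';
    $facebookClientId = '145XXXXXXXXXX10'; // Put your App Id here.
    $facebookRedirectUrl = 'http://subirkumarsao.dyndns-server.com/oauthdemo/userAuth.php'; // Redirect url same as passed before.
    $facebookAppSecret = "7f2feXXXXXXXXXXc40806fYYYYYYbf16"; // Put your App Secret here.

    // Facebook passes the authorization code as a query parameter.
    if (!isset($_GET['code']) || !is_string($_GET['code'])) {
        die('Missing authorization code.');
    }
    $code = $_GET['code'];

    // Exchange the code for an access token. Every value is URL-encoded so
    // that request input cannot add or alter query parameters.
    $url = $facebookAppAuthUrl.'?client_id='.urlencode($facebookClientId)
        .'&redirect_uri='.urlencode($facebookRedirectUrl)
        .'&client_secret='.urlencode($facebookAppSecret)
        .'&code='.urlencode($code);

    $output = urlResponse($url);
    // The parsing below expects a response of the form name=value&...
    // and takes the value of the first pair.
    $var = strtok($output, "&");
    $ApCode = strtok($var, "=");
    $ApCode = strtok("=");

    // This $ApCode will be used as a token to get user info from facebook.

    $url = $facebookGraphUrl.'/me';
    echo '<pre>';
    $responseObj = json_decode(processUrl($url, $ApCode));
    var_dump($responseObj);
    echo '</pre>';

    // Fetch a URL over HTTPS and return the response body.
    function urlResponse($url)
    {
        $ch = curl_init();
        // Verify the server certificate and its host name; with these checks
        // disabled, anyone on the network path could read the App Secret and token.
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        $response = curl_exec($ch);
        curl_close($ch);
        return $response;
    }

    // Append the access token to the URL and fetch it.
    function processUrl($url, $apCode)
    {
        if (strpos($url, '?') !== false)
            $url = $url.'&access_token='.urlencode($apCode);
        else
            $url = $url.'?access_token='.urlencode($apCode);
        return urlResponse($url);
    }
?>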

  • If everything goes fine, you will see the user info in JSON format in the output.

  • You have now successfully integrated your website to use Facebook as an OAuth provider. You can now save the user info received in JSON format. If you need more specific information about the user, you can request specific permissions by specifying scope in the authorization request URL (the one built in index.php). Ex: .....&scope=read_friendlists. For more details, go through https://developers.facebook.com/docs/reference/api/.
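
The flow above accepts any code that arrives at userAuth.php, so nothing ties the callback to the browser session that started the login. One way to add that check is the OAuth 2.0 state parameter, which the authorization server returns unchanged; this is an added example, not code from the original post, and buildAuthUrl and acceptCallback are hypothetical helper names.

```php
<?php
// Added example, not from the original post: CSRF protection for the
// redirect flow using the OAuth 2.0 "state" parameter.
// In the real pages, call session_start() and pass $_SESSION and $_GET.

const FB_DIALOG_URL = 'https://www.facebook.com/dialog/oauth';
const FB_CLIENT_ID  = '145XXXXXXXXXX10'; // placeholder App Id, as in the post
const FB_REDIRECT   = 'http://subirkumarsao.dyndns-server.com/oauthdemo/userAuth.php';

// index.php side (hypothetical helper): store a fresh random state in the
// session and send it along with the authorization request.
function buildAuthUrl(array &$session): string
{
    $session['oauth_state'] = bin2hex(random_bytes(16));
    return FB_DIALOG_URL . '?' . http_build_query([
        'client_id'    => FB_CLIENT_ID,
        'redirect_uri' => FB_REDIRECT,
        'state'        => $session['oauth_state'],
    ]);
}

// userAuth.php side (hypothetical helper): return the code only when the
// returned state matches the one stored for this session; null otherwise.
function acceptCallback(array $query, array &$session): ?string
{
    $expected = $session['oauth_state'] ?? '';
    unset($session['oauth_state']); // a state value is valid for one callback
    $given = $query['state'] ?? '';
    if ($expected === '' || !is_string($given) || !hash_equals($expected, $given)) {
        return null; // callback did not originate from this browser session
    }
    $code = $query['code'] ?? null;
    return (is_string($code) && $code !== '') ? $code : null;
}

// Constructed demonstration: plain arrays stand in for $_SESSION and $_GET.
$session = [];
$authUrl = buildAuthUrl($session);
parse_str(parse_url($authUrl, PHP_URL_QUERY), $sent);

$callback = ['code' => 'SAMPLE_CODE', 'state' => $sent['state']];
var_dump(acceptCallback($callback, $session)); // matching state
var_dump(acceptCallback($callback, $session)); // same callback replayed
var_dump(acceptCallback(['code' => 'SAMPLE_CODE'], $session)); // no state
```
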
Thanks for reading my post. If you have any doubts, do post them. Suggestions are always welcome.

3 comments:

  1. Nice and lucid approach for a tutorial.

  2. How exactly do you modify the code to include "&scope=read_friendlists"? I tried adding it after $url = $facebookGraphUrl.'/me
    This did not work. Thanks for the article though. Very limited help out there.

  3. ahh I did it :)
    Change:
    $url = $facebookGraphUrl.'/me';
    to
    $url = $facebookGraphUrl.'/me/friends';
