Can somebody explain me what the difference between those two is? I thought they should return the same values, but what I get is:
$REQUEST['signed_request']
NAqZcEqPisfOqf_3SyKf_zvLyiE_gjpyQIknmQ1xXpQ.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImFwcF9kYXRhIjoiMTAwMDAxNDcwODI3NzQxIiwiZXhwaXJlcyI6MTM1NDIzMDAwMCwiaXNzdWVkX2F0IjoxMzU0MjI0NDAyLCJvYXV0aF90b2tlbiI6IkFBQUdEMzVJM0k3VUJBRDZ3a1pCWkJXbFhidUFuUEdVMERTUW93R1pCSUI1NDE1Zkt1RjdaQ1JrNjFaQWF4ZExBeHVIRWNYS2N2WkJBSlRtN01BOGx3YmZaQXIyRWhtWkFNY3JkQXQ2WkNZZ3lTdFFaRFpEIiwicGFnZSI6eyJpZCI6IjQwMDQ3MDE3MDAwOTQ4NSIsImxpa2VkIjp0cnVlLCJhZG1pbiI6dHJ1ZX0sInVzZXIiOnsiY291bnRyeSI6ImRlIiwibG9jYWxlIjoiZW5fVVMiLCJhZ2UiOnsibWluIjoyMX19LCJ1c2VyX2lkIjoiNjA0MjA3Njk0In0
and getSignedRequest()
Array ( [algorithm] => HMAC-SHA256 [app_data] => 100001470827741 [expires] => 1354230000 [issued_at] => 1354224402 [oauth_token] => AAAGD35I3I7UBAD6wkZBZBWlXbuAnPGU0DSQowGZBIB5415fKuF7ZCRk61ZAaxdLAxuHEcXKcvZBAJTm7MA8lwbfZAr2EhmZAMcrdAt6ZCYgyStQZDZD [page] => Array ( [id] => 40047123009485 [liked] => 1 [admin] => 1 ) [user] => Array ( [country] => de [locale] => en_US [age] => Array ( [min] => 21 ) ) [user_id] => 2237694 )
Edit: Thanks to yellow I found out that the former is base64encoded. It can be decoded using this function:
function parse_signed_request($signed_request) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}