我正在使用javascript sdk。在文档中,它说您从 FB.getLoginStatus() 在用户状态 = 已连接时返回的响应对象中获取签名请求,但现在我需要解析签名请求。如何将它发送到我有解析代码的 php 页面?我是否在我的画布应用程序索引页面上包含 php 代码,然后将 signedRequest 发送到同一页面上的代码?或者将代码保留在单独的页面上并通过 SR。
第一个代码块在我的 index.html 页面上。它检查登录状态并从响应对象中获取签名的请求参数。
第二个块是 facebook 提供的 php 代码,用于在您通过注册插件捕获签名请求时解析签名请求,但是当您提供其 url 作为参数时,插件会自动将 SR 发送到此页面。在画布应用程序中,我必须自己传递它。我怎么做?
JavaScript
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
// the user is logged in and has authenticated your
// app, and response.authResponse supplies
// the user's ID, a valid access token, a signed
// request, and the time the access token
// and signed request each expire
var uid = response.authResponse.userID;
var accessToken = response.authResponse.accessToken;
var signedRequest = response.authResponse.signedRequest;
} else if (response.status === 'not_authorized') {
// the user is logged in to Facebook,
} else {
// the user isn't logged in to Facebook.
}
});
PHP 页面
<?php
define('FACEBOOK_APP_ID', '3*****88&'); // Place your App Id here
define('FACEBOOK_SECRET', '1345*****eb4f2da'); // Place your App Secret Here
// No need to change the function body
function parse_signed_request($signed_request, $secret)
{
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256')
{
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig)
{
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input)
{
return base64_decode(strtr($input, '-_', '+/'));
}
if ($_REQUEST)
{
$response = parse_signed_request($_REQUEST['signed_request'], FACEBOOK_SECRET);
}
$name = $response["registration"]["name"];
$email = $response["registration"]["email"];
$password = $response["registration"]["password"];
$uID = $response["user_id"];
?>