Facebook Authentication Gotcha

I am working on a project right now that allows the user to log into facebook and grant access to a page or theirs. The documentation says to use this type of call:

https://www.facebook.com/dialog/oauth?
     client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=manage_pages&
     response_type=token

The problem for me was that a response_type of token redirects the browser with a URI of :

https://domain.com/#access_token=<a_valid_token>

That is not a valid GET variable, therefore requiring you to either parse the URI yourself or not use the Facebook PHP SDK. Since I’m too lazy to not use the SDK, I changed the response_type to “code”. This changed the redirect URI to:

https://domain.com/?code=<some_code>

This valid GET variable, code, is something the PHP SDK will use to obtain the access token to get access to a user’s pages. The PHP SDK sticks it in a cookie temporarily while you fetch page information and each page’s access token. Now, we are ready to go!

Leave a Reply

Your email address will not be published. Required fields are marked *