PHP kôd:
<?php
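// The App ID is stored as a string: it is only ever concatenated into the cookie name, URLs
// and the JS snippet, and an integer literal this large does not fit a 32-bit PHP integer
// (it would become a float and could be rendered in exponent notation).
define('FACEBOOK_APP_ID', '287905657898246');
// Enter your App Secret here. It is the HMAC key that authenticates the fbsr_ cookie, so it
// must stay server-side: keep the real value out of version control and out of any page output.
define('FACEBOOK_APP_SECRET', '000000000000000000000000000000000');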
// ------------------- pocetak funkcija ----------------------
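/**
 * Verifies and decodes a Facebook signed request of the form "<signature>.<payload>".
 *
 * Both parts are URL-safe base64. The signature is an HMAC-SHA256 of the still-encoded
 * payload, keyed with the app secret. The payload is JSON-decoded only after the signature
 * has been verified, so no attacker-controlled JSON is parsed before it is authenticated.
 *
 * @param mixed  $signed_request Raw cookie value (anything that is not a string is rejected).
 * @param string $secret         App secret used as the HMAC key.
 * @return array|null Decoded payload, or null when the value is malformed, the signature
 *                    does not match, or the declared algorithm is not HMAC-SHA256.
 */
function parse_signed_request($signed_request, $secret) {
    // Without the "<signature>.<payload>" shape there is nothing to verify.
    if (!is_string($signed_request) || strpos($signed_request, '.') === false) {
        error_log('Bad Signed JSON signature!');
        return null;
    }
    list($encoded_sig, $payload) = explode('.', $signed_request, 2);

    // check sig first; hash_equals() compares in constant time, so response timing does not
    // reveal how many leading bytes of a forged signature were correct
    $sig = base64_url_decode($encoded_sig);
    $expected_sig = hash_hmac('sha256', $payload, $secret, true);
    if (!is_string($sig) || !hash_equals($expected_sig, $sig)) {
        error_log('Bad Signed JSON signature!');
        return null;
    }

    // decode the data (now known to have been signed with our secret)
    $data = json_decode(base64_url_decode($payload), true);
    if (!is_array($data)
        || !isset($data['algorithm'])
        || !is_string($data['algorithm'])
        || strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
        error_log('Unknown algorithm. Expected HMAC-SHA256');
        return null;
    }

    return $data;
}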
/**
 * Decodes URL-safe base64 ("-" and "_" in place of "+" and "/").
 *
 * @param string $input URL-safe base64 text.
 * @return string|false Decoded bytes, as returned by base64_decode().
 */
function base64_url_decode($input) {
    // Map the URL-safe alphabet back to the standard one, then decode as usual.
    $standard_alphabet = str_replace(array('-', '_'), array('+', '/'), $input);
    return base64_decode($standard_alphabet);
}
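/**
 * Reads the fbsr_<app id> cookie, verifies it and returns the OAuth code it carries.
 *
 * The cookie is client-supplied, so nothing from it is used unless parse_signed_request()
 * accepted its signature.
 *
 * @param string $app_id     Facebook App ID (forms the cookie name).
 * @param string $app_secret App secret used to verify the cookie signature.
 * @return string|false The 'code' field of the verified payload, or FALSE when the cookie
 *                      is absent, fails verification, or carries no code.
 */
function get_facebook_cookie($app_id, $app_secret) {
    $cookie_name = 'fbsr_' . $app_id;
    if (!isset($_COOKIE[$cookie_name])) {
        return FALSE;
    }

    $signed_request = parse_signed_request($_COOKIE[$cookie_name], $app_secret);

    // The null check has to come before any use of the payload: writing to the result first
    // (as the old uid/user_id compatibility assignment did) turns a rejected request into a
    // non-null array and defeats the check.
    if (is_null($signed_request) || !isset($signed_request['code'])) {
        return FALSE;
    }

    return $signed_request['code'];
}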
/**
 * Tells whether the browser sent an fbsr_<app id> cookie at all.
 *
 * This only checks presence; the cookie's signature is not verified here.
 *
 * @return bool TRUE when the cookie is set, FALSE otherwise.
 */
function check_facebook_cookie()
{
    $cookie_name = 'fbsr_' . FACEBOOK_APP_ID;
    return isset($_COOKIE[$cookie_name]);
}
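/**
 * Exchanges the OAuth code from the signed cookie for an access token.
 *
 * @param string $app_id     Facebook App ID.
 * @param string $app_secret App secret (sent to the token endpoint over HTTPS).
 * @param string $cookie     OAuth code taken from the verified fbsr_ cookie.
 * @return string|false The access token, or FALSE when the request fails or the response
 *                      carries no token.
 */
function get_access_token($app_id, $app_secret, $cookie)
{
    // Build the query with proper URL encoding; $cookie originates from the client, so it
    // must not be able to add or override parameters by containing "&" or "=".
    $query = http_build_query(array(
        'client_id' => $app_id,
        'redirect_uri' => '',
        'client_secret' => $app_secret,
        'code' => $cookie,
    ), '', '&');

    // "@" keeps the original best-effort contract: a failed request yields FALSE, not a warning.
    $access_token_response = @file_get_contents('https://graph.facebook.com/oauth/access_token?' . $query);
    if (!$access_token_response) {
        return FALSE;
    }

    // Parse into an array, never into the local scope: one-argument parse_str() lets the
    // remote response define arbitrary local variables (and is rejected by PHP 8).
    // The endpoint has answered both as JSON and as a query string, so accept either form.
    $fields = json_decode($access_token_response, true);
    if (!is_array($fields)) {
        $fields = array();
        parse_str($access_token_response, $fields);
    }

    if (empty($fields['access_token']) || !is_string($fields['access_token'])) {
        return FALSE;
    }

    return $fields['access_token'];
}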
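/**
 * Fetches the profile of the user that owns the given access token.
 *
 * @param string $access_token Access token obtained from get_access_token().
 * @return object|false Decoded /me response (an object with at least an 'id' property),
 *                      or FALSE when the request fails or the response has no id.
 */
function get_facebook_user($access_token)
{
    // URL-encode the token so characters such as "&" or "#" cannot alter the request.
    // NOTE(review): a token in the query string can end up in proxy or server logs.
    $url = 'https://graph.facebook.com/me?' . http_build_query(array('access_token' => $access_token), '', '&');

    // "@" keeps the original best-effort contract: a failed request yields FALSE, not a warning.
    $file = @file_get_contents($url);
    if (!$file) {
        return FALSE;
    }

    $user = json_decode($file);
    if (is_object($user) && isset($user->id)) {
        return $user;
    }

    return FALSE;
}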
/**
 * Runs the whole login check and publishes the result through two globals.
 *
 * $facebook_logged_in is set to 0 on entry and to 1 only when the user's profile was fetched;
 * $facebook_user receives whatever get_facebook_user() returned. When the token exchange or
 * the profile fetch fails, the fbsr_ cookie is expired so that the next request starts clean.
 *
 * @return false|null FALSE when no fbsr_ cookie was sent at all; otherwise nothing.
 */
function facebook_main_function()
{
    global $facebook_logged_in, $facebook_user;

    $facebook_logged_in = 0;

    // no fbsr_ cookie at all: leave the function
    if (!check_facebook_cookie()) {
        return FALSE;
    }

    // take the code carried by the fbsr_ cookie
    $code = get_facebook_cookie(FACEBOOK_APP_ID, FACEBOOK_APP_SECRET);
    if (!$code) {
        return;
    }

    // exchange the code for an access token over HTTP
    $token = get_access_token(FACEBOOK_APP_ID, FACEBOOK_APP_SECRET, $code);
    if ($token) {
        // fetch the user's data
        $facebook_user = get_facebook_user($token);
        if ($facebook_user) {
            $facebook_logged_in = 1;
            return;
        }
    }

    // either step failed: expire the cookie
    setcookie('fbsr_' . FACEBOOK_APP_ID, '', time()-4000);
}
// ------------------- kraj funkcija ----------------------
// odavde krece izvrsavanje skripte
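facebook_main_function(); // if the FB cookie exists - connect to FB and fetch the user's data
if ($facebook_logged_in) // if the data was fetched
{
    // Profile fields are chosen by the account owner, so they are untrusted text: escape
    // them for HTML before echoing, otherwise markup in a name would run as script (XSS).
    // 'email' is only present when the user granted that permission.
    $display_name = isset($facebook_user->name) ? (string) $facebook_user->name : '';
    $display_email = isset($facebook_user->email) ? (string) $facebook_user->email : '';

    echo 'Dobro dosao '. htmlspecialchars($display_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')."<br />\n";
    echo 'Tvoj email je '. htmlspecialchars($display_email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')."<br />\n";
    // The id goes into a URL path inside an attribute; the picture is requested over HTTPS
    // like every other Graph call in this file.
    echo '<img src="https://graph.facebook.com/'.rawurlencode((string) $facebook_user->id).'/picture" />';
    exit;
}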
// ako nije setovan FB cookie [i ujedno nisu pokupljeni podaci] - onda prikazujemo HTML za FB Connect dugme
?>
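<html>
<body>
<div id="fb-root"></div>
<script>
// Called by the Facebook JS SDK once it has finished loading.
window.fbAsyncInit = function() {
    FB.init({
        // Full "<?php" tag: the short "<?" form is only parsed when short_open_tag is on;
        // with it off, the raw PHP statement would be sent to the browser as the appId.
        appId : '<?php echo FACEBOOK_APP_ID; ?>',
        status : true,
        cookie : true,
        xfbml : true,
        oauth : true
    });
};

// Opens the Facebook login dialog and reloads the page once the user is logged in,
// so that the PHP code above runs again on the next request.
function fejs_login()
{
    FB.login(function(response) {
        if (response.authResponse) {
            FB.api('/me', function(response) {
                window.location.reload();
            });
        } else {
            // no authResponse: nothing to do
        }
    }, {scope: 'email'});
}

// Loads the SDK asynchronously, once. The URL is pinned to https so the script that handles
// the login is never fetched over plain HTTP, even when this page itself is.
(function(d){
    var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
    js = d.createElement('script'); js.id = id; js.async = true;
    js.src = "https://connect.facebook.net/en_US/all.js";
    d.getElementsByTagName('head')[0].appendChild(js);
}(document));
</script>
<a href="javascript:fejs_login()">Login with Facebook</a>
</body>
</html>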
u liniji:
PHP kôd:
}, {scope: 'email'});
se definise koje dodatne podatke (dozvole) trazis od korisnika; u primeru je naveden 'email'. Trazi samo one dozvole koje su aplikaciji zaista potrebne.