Wednesday, February 16, 2011

Simple PHP oAuth example for Facebook Graph API

I needed to implement oAuth for the Facebook Graph API today and couldn't find any straightforward PHP examples, so I thought I would post this in case anyone else is in a similar situation.

The basic process for the authentication is outlined here so I won't go into the details of it. In the example below, the bit you'll need to take note of is the "scope" parameter in the link; this defines the permissions you are requesting. To see a full list of available permissions click here.

You'll also need to sign up for an API key first and register your application with Facebook; you can sign up here.

Step 1:
In your page make a link like this:

<a href="https://www.facebook.com/dialog/oauth?client_id=<?=FACEBOOK_APP_ID?>&redirect_uri=<?=urlencode('http://yoursite.com/fb_oauth_return.php')?>&scope=offline_access,user_checkins,friends_checkins">Connect with Facebook</a>

Step 2:
Create a page called fb_oauth_return.php which contains the following code:

<?php
if(!isset($_GET["error"]))
{

 if(isset($_GET["code"]))
 {
  $code = $_GET["code"];
  //exchange the code for an access token
  //the code comes from the query string, so urlencode it before reuse
  $url = 'https://graph.facebook.com/oauth/access_token?client_id='.FACEBOOK_APP_ID.'&redirect_uri='.urlencode('http://yoursite.com/fb_oauth_return.php').'&client_secret='.FACEBOOK_SECRET.'&code='.urlencode($code);

  $curl_handle=curl_init();
  curl_setopt($curl_handle,CURLOPT_URL,$url);
  curl_setopt($curl_handle,CURLOPT_CONNECTTIMEOUT,6);
  curl_setopt($curl_handle,CURLOPT_RETURNTRANSFER,1);
  $buffer = curl_exec($curl_handle);
  curl_close($curl_handle);
  //curl_exec returns false on failure, which ends up in the error branch
  if(is_string($buffer) && strpos($buffer, 'access_token=') === 0)
  {
   //if you requested offline access save this token to db
   //for use later
   //parse_str keeps only the token value if other key=value pairs follow it
   parse_str($buffer, $params);
   $token = $params['access_token'];

   //this is just to demo how to use the token and
   //retrieves the user's facebook_id
   $url = 'https://graph.facebook.com/me/?access_token='.urlencode($token);
   $curl_handle=curl_init();
   curl_setopt($curl_handle,CURLOPT_URL,$url);
   curl_setopt($curl_handle,CURLOPT_CONNECTTIMEOUT,2);
   curl_setopt($curl_handle,CURLOPT_RETURNTRANSFER,1);
   $buffer = curl_exec($curl_handle);
   curl_close($curl_handle);
   $jobj = json_decode($buffer);
   //id is only present when the request succeeded and returned valid JSON
   $facebook_id = isset($jobj->id) ? $jobj->id : null;

  }
  else
  {
   //do error stuff
  }
 }
}
else
{
 //do error stuff
}
?>

And that's it.  If you requested offline access you'll need to save the token to your database so that you can use it to make requests on the user's behalf later.
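
The link in Step 1 sends no "state" value, so the return page in Step 2 cannot tell whether the "code" it receives belongs to a login that this browser session actually started. One way to add that check, as an added example that is not part of the original post: the function names, the session key and the FB_REDIRECT_URI constant are assumptions, FACEBOOK_APP_ID falls back to a placeholder, and random_bytes() needs PHP 7 or later.

```php
<?php
// Added example (not from the original post): bind the OAuth redirect to the
// browser session with the "state" parameter. All names here are assumptions.
defined('FACEBOOK_APP_ID') || define('FACEBOOK_APP_ID', 'YOUR_APP_ID'); // placeholder
const FB_REDIRECT_URI = 'http://yoursite.com/fb_oauth_return.php';      // as in the post

if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start(); // the expected state lives server-side, per session
}

// Step 1: build the dialog link with a fresh, unguessable state value.
function fb_login_url(): string
{
    $_SESSION['fb_oauth_state'] = bin2hex(random_bytes(16));

    // http_build_query() URL-encodes every value, including redirect_uri.
    return 'https://www.facebook.com/dialog/oauth?' . http_build_query([
        'client_id'    => FACEBOOK_APP_ID,
        'redirect_uri' => FB_REDIRECT_URI,
        'scope'        => 'offline_access,user_checkins,friends_checkins',
        'state'        => $_SESSION['fb_oauth_state'],
    ]);
}

// Step 2: call at the top of fb_oauth_return.php, before using $_GET["code"].
function fb_state_is_valid(array $query): bool
{
    $expected = $_SESSION['fb_oauth_state'] ?? null;
    unset($_SESSION['fb_oauth_state']); // single use: a replayed redirect fails

    $received = $query['state'] ?? null;

    return is_string($expected)
        && is_string($received)
        && hash_equals($expected, $received); // constant-time comparison
}

// Constructed demonstration, command line only: forged, genuine, replayed.
if (PHP_SAPI === 'cli') {
    fb_login_url();
    var_dump(fb_state_is_valid(['code' => 'sample', 'state' => 'forged']));

    parse_str((string) parse_url(fb_login_url(), PHP_URL_QUERY), $sent);
    $returned = ['code' => 'sample', 'state' => $sent['state']];
    var_dump(fb_state_is_valid($returned));
    var_dump(fb_state_is_valid($returned));
}
```

In the Step 1 page the link's href becomes htmlspecialchars(fb_login_url()); in fb_oauth_return.php, stop with an error response when fb_state_is_valid($_GET) returns false.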

8 comments:

  1. You're missing a ] in:

    if(!isset($_GET["error"))

  2. "If you requested online access..."

    You mean offline_access, right?

  3. @Far East Icarus thanks for the heads up, I've made the edits. Hope everything worked OK for you. BTW I did mean offline access ;)

    1. Hi James,

      I have tried your code above and can't seem to get it to work :-/.

      I am wanting to be able to use the oAuth dialog with php to allow a user to grant access to my app, and to subsequently be able to use their facebook account later to login to the website. I don't suppose you can give me some help with using php to store basic user info (first name, last name, email, gender) into a database? I am getting really lost :-/

      Thanks in advance!

  4. This comment has been removed by the author.

  5. Cool, seems to be working. Thanks for the code.

    One other comment though... the timeout is killing my application so I removed it. Ideally 2 seconds would be more than enough but I think my server is just a few too many hops outta town.

  6. @Far East Icarus no problem, glad it helped. I bumped the timeout up to 6 seconds in the example just in case anyone else experiences a similar issue

  7. I have learned about OAuth for the gmail thru PHP but this facebook API looks much more interesting. Thanks for sharing !
    Cheers !
    web design company
