
fb_login

a guest
Jan 26th, 2012
  1. <?php
  2. require 'libs/facebook.php';
  3.  
  4. function parse_signed_request($signed_request, $secret) {
  5.     list($encoded_sig, $payload) = explode('.', $signed_request, 2);
  6.  
  7.     // decode the data
  8.     $sig = base64_url_decode($encoded_sig);
  9.     $data = json_decode(base64_url_decode($payload), true);
  10.  
  11.     if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
  12.       error_log('Unknown algorithm. Expected HMAC-SHA256');
  13.       return null;
  14.     }
  15.  
  16.     // check sig
  17.     $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
  18.     if ($sig !== $expected_sig) {
  19.       error_log('Bad Signed JSON signature!');
  20.       return null;
  21.     }
  22.  
  23.     return $data;
  24.   }
  25.     function base64_url_decode($input) {
  26.     return base64_decode(strtr($input, '-_', '+/'));
  27.   }
  28.  
  29.  
  30. $facebook = new Facebook(array(
  31.   'appId'  => 'MY_APP_ID', // Anwendungs ID
  32.   'secret' => 'MY_APP_SECRET', // Anwendungs-Geheimcode
  33.   'cookie' => true, // enable optional cookie support
  34. ));
  35. $APPLICATION_ID = "MY_APP_ID";
  36. $APPLICATION_SECRET = "MY_APP_SECRET";
  37. $app_url = 'http://apps.facebook.com/maya_calendar/Source_trial/';
  38. $my_url = 'http://apps.facebook.com/maya_calendar/Source_trial/';
  39. $canvas_base_url = "http://apps.facebook.com/maya_calendar/Source_trial/";
  40. $to_id = $facebook->getUser();
  41.  
  42. if ($session = $facebook->getSession()) { // Session vorhanden?
  43.   try {
  44.       $params = array('access_token' => $session['access_token']);      // hollt das access_token des users für die session
  45.     //$params2 = array('access_token' => $session['oder_info']);        // hollt das access_token des users für die session
  46.     $token=$facebook->getAccessToken();     // get user_access_token
  47.     //////////////////////////////////////////////////////////////////////  USER & APP AUTHORIZATION
  48.         session_start();
  49.         $code = $_REQUEST["code"];
  50.         if(empty($code)) {
  51.          $_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
  52.          $dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
  53.            . $APPLICATION_ID . "&redirect_uri=" . urlencode($my_url) . "&state="
  54.            . $_SESSION['state']."&scope=email,read_stream,user_status,read_requests,offline_access,manage_pages,user_checkins,publish_stream,read_mailbox,publish_actions";
  55.  
  56.          echo("<script> top.location.href='" . $dialog_url . "'</script>");
  57.        }
  58.               if($_REQUEST['state'] == $_SESSION['state']) {
  59.          $token_url = "https://graph.facebook.com/oauth/access_token?"
  60.            . "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
  61.            . "&client_secret=" . $app_secret . "&code=" . $code;
  62.  
  63.          $response = @file_get_contents($token_url);
  64.          $params = null;
  65.          parse_str($response, $params);
  66.  
  67.          $graph_url = "https://graph.facebook.com/me?access_token="
  68.            . $params['access_token'];
  69.  
  70.          $user = json_decode(file_get_contents($graph_url));
  71.          //echo("Hallo " . $user->name);
  72.        }
  73.        else {
  74.          echo("The state does not match. You may be a victim of CSRF.");
  75.        }
  76.     /////////////////////////////////////////////////////////////////////////////////
  77.     $token_url = "https://graph.facebook.com/oauth/access_token?".
  78.      "&client_id=".$APPLICATION_ID ."&client_secret=".$APPLICATION_SECRET.
  79.      "&grant_type=client_credentials";
  80.     $access_token = file_get_contents($token_url);
  81.  
  82.     $url = "https://graph.facebook.com/".$APPLICATION_ID."/payments?access_token=".$access_token;          
  83.     $ret = file_get_contents($url);
  84.    
  85.     //echo"<pre>"; print_r($access_token); echo"</pre>";
  86.     echo"<pre>"; print_r($ret); echo"</pre>";
  87.  
  88.   } catch (FacebookApiException $e) {
  89.     print $e;
  90.   }
  91. } else { // Keine Session vorhanden.
  92.      //Get Access zu personal data from user
  93.      $loginUrl = $facebook->getLoginUrl(array('canvas' => 1,
  94.                                               'fbconnect' => 0,
  95.                                               'req_perms' => 'email,read_stream,user_status,read_requests,offline_access,manage_pages,publish_stream,publish_actions',
  96.                                               'next' => $canvas_base_url . 'index.html',
  97.                                               'cancel_url' => $canvas_base_url ));
  98.    
  99.      echo ('<script type="text/javascript">top.location.href=\''.$loginUrl.'\';</script>');
  100.    
  101.    
  102.  
  103. }
  104.  
  105.  
  106.  
  107.  
  108. ?>