fbauth 0.9.7 → 0.9.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.mdown +34 -0
- data/app/controllers/facebook_auth_functions.rb +3 -0
- metadata +3 -3
data/README.mdown
CHANGED
|
@@ -13,3 +13,37 @@ And as of this writing, authentication with the Javascript SDK remains broken du
|
|
|
13
13
|
cookies, which are simply not supported in mobile Safari, by default on Safari for Windows, and reportedly on the
|
|
14
14
|
Android Webkit based browser.
|
|
15
15
|
|
|
16
|
+
This plugin uses a few techniques to locate your "access token" and prefers to use the OAuth API to get what you need as
|
|
17
|
+
a Facebook app to ensure your users have correctly added your app, authenticated in Facebook, and to communicate with
|
|
18
|
+
the Graph API.
|
|
19
|
+
|
|
20
|
+
Here are the scenarios we currently handle:
|
|
21
|
+
|
|
22
|
+
iFrame Apps
|
|
23
|
+
-----------
|
|
24
|
+
|
|
25
|
+
- first page load as an iFrame app inside Facebook, where authentication params are sent in the URL used for your iFrame
|
|
26
|
+
- this is particularly required for mobile Safari and other browsers blocking cross-domain cookies by default
|
|
27
|
+
|
|
28
|
+
- loading from the cookie initialized by the JavaScript API
|
|
29
|
+
- works great for browsers supporting cross-domain cookies by default
|
|
30
|
+
|
|
31
|
+
- the access token you get is time-limited, if it has expired you need to be re-authenticated
|
|
32
|
+
|
|
33
|
+
External (Connect) Apps
|
|
34
|
+
-----------------------
|
|
35
|
+
|
|
36
|
+
- handling an OAuth exchange back & forth with Facebook to handle authentication and capture URL parameters back for
|
|
37
|
+
token
|
|
38
|
+
|
|
39
|
+
Things Remaining Unclear
|
|
40
|
+
========================
|
|
41
|
+
|
|
42
|
+
Documentation for the Facebook platform is a little fragmented, so we haven't (that we recall) come across the answers
|
|
43
|
+
to these questions yet:
|
|
44
|
+
|
|
45
|
+
- what timezone is the OAuth token expiry value in? (we get it in Epoch, no TZ data, currently assuming San Francisco)
|
|
46
|
+
- what happens when time approaches the OAuth token expiry?
|
|
47
|
+
- do we get a new one?
|
|
48
|
+
- are we expected to stop functioning and redirect to a FB login?
|
|
49
|
+
|
|
@@ -5,6 +5,9 @@ module FacebookAuthFunctions
|
|
|
5
5
|
end
|
|
6
6
|
|
|
7
7
|
def require_facebook_auth
|
|
8
|
+
# Prep IE so it will take our cookies in a Facebook iFrame
|
|
9
|
+
response.headers['P3P'] = 'CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"'
|
|
10
|
+
|
|
8
11
|
setup_facebook_auth
|
|
9
12
|
if @facebook_auth.nil?
|
|
10
13
|
redirect_to build_auth_url
|
metadata
CHANGED
|
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
|
|
|
5
5
|
segments:
|
|
6
6
|
- 0
|
|
7
7
|
- 9
|
|
8
|
-
-
|
|
9
|
-
version: 0.9.
|
|
8
|
+
- 8
|
|
9
|
+
version: 0.9.8
|
|
10
10
|
platform: ruby
|
|
11
11
|
authors:
|
|
12
12
|
- Three Wise Men Inc.
|
|
@@ -14,7 +14,7 @@ autorequire:
|
|
|
14
14
|
bindir: bin
|
|
15
15
|
cert_chain: []
|
|
16
16
|
|
|
17
|
-
date: 2011-01-
|
|
17
|
+
date: 2011-01-19 00:00:00 -05:00
|
|
18
18
|
default_executable:
|
|
19
19
|
dependencies: []
|
|
20
20
|
|