fbauth 0.9.7 → 0.9.8
Sign up to get free protection for your applications and to get access to all the features.
- data/README.mdown +34 -0
- data/app/controllers/facebook_auth_functions.rb +3 -0
- metadata +3 -3
data/README.mdown
CHANGED
@@ -13,3 +13,37 @@ And as of this writing, authentication with the Javascript SDK remains broken du
|
|
13
13
|
cookies, which are simply not supported in mobile Safari, by default on Safari for Windows, and reportedly on the
|
14
14
|
Android Webkit based browser.
|
15
15
|
|
16
|
+
This plugin uses a few techniques to locate your "access token" and prefers to use the OAuth API to get what you need as
|
17
|
+
a Facebook app to ensure your users have correctly added your app, authenticated in Facebook, and to communicate with
|
18
|
+
the Graph API.
|
19
|
+
|
20
|
+
Here are the scenarios we currently handle:
|
21
|
+
|
22
|
+
iFrame Apps
|
23
|
+
-----------
|
24
|
+
|
25
|
+
- first page load as an iFrame app inside Facebook, where authentication params are sent in the URL used for your iFrame
|
26
|
+
- this is particularly required for mobile Safari and other browsers blocking cross-domain cookies by default
|
27
|
+
|
28
|
+
- loading from the cookie initialized by the JavaScript API
|
29
|
+
- works great for browsers supporting cross-domain cookies by default
|
30
|
+
|
31
|
+
- the access token you get is time-limited, if it has expired you need to be re-authenticated
|
32
|
+
|
33
|
+
External (Connect) Apps
|
34
|
+
-----------------------
|
35
|
+
|
36
|
+
- handling an OAuth exchange back & forth with Facebook to handle authentication and capture URL parameters back for
|
37
|
+
token
|
38
|
+
|
39
|
+
Things Remaining Unclear
|
40
|
+
========================
|
41
|
+
|
42
|
+
Documentation for the Facebook platform is a little fragmented, so we haven't (that we recall) come across the answers
|
43
|
+
to these questions yet:
|
44
|
+
|
45
|
+
- what timezone is the OAuth token expiry value in? (we get it in Epoch, no TZ data, currently assuming San Francisco)
|
46
|
+
- what happens when time approaches the OAuth token expiry?
|
47
|
+
- do we get a new one?
|
48
|
+
- are we expected to stop functioning and redirect to a FB login?
|
49
|
+
|
@@ -5,6 +5,9 @@ module FacebookAuthFunctions
|
|
5
5
|
end
|
6
6
|
|
7
7
|
def require_facebook_auth
|
8
|
+
# Prep IE so it will take our cookies in a Facebook iFrame
|
9
|
+
response.headers['P3P'] = 'CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"'
|
10
|
+
|
8
11
|
setup_facebook_auth
|
9
12
|
if @facebook_auth.nil?
|
10
13
|
redirect_to build_auth_url
|
metadata
CHANGED
@@ -5,8 +5,8 @@ version: !ruby/object:Gem::Version
|
|
5
5
|
segments:
|
6
6
|
- 0
|
7
7
|
- 9
|
8
|
-
-
|
9
|
-
version: 0.9.
|
8
|
+
- 8
|
9
|
+
version: 0.9.8
|
10
10
|
platform: ruby
|
11
11
|
authors:
|
12
12
|
- Three Wise Men Inc.
|
@@ -14,7 +14,7 @@ autorequire:
|
|
14
14
|
bindir: bin
|
15
15
|
cert_chain: []
|
16
16
|
|
17
|
-
date: 2011-01-
|
17
|
+
date: 2011-01-19 00:00:00 -05:00
|
18
18
|
default_executable:
|
19
19
|
dependencies: []
|
20
20
|
|