Facebook login using OAuth 2.0

  1. I want people to log in to my site with their Facebook accounts.
  2. I need to pull some info from their Facebook profile and add it to my site's database

I have tried using the OAuth 2.0 method which makes a redirect to this url

https://www.facebook.com/dialog/oauth?
    client_id=YOUR_APP_ID
   &redirect_uri=YOUR_REDIRECT_URI
   &scope=COMMA_SEPARATED_LIST_OF_PERMISSION_NAMES
   &state=SOME_ARBITRARY_BUT_UNIQUE_STRING

I successfully authenticated the user but now the main problem arose. How do I access the data which is sent as response all I can see is a GET variable named code and some long text. How do I convert to usable data?

I use php for my website

Exchange the code for a user access token

Once the user has authorized your app, you should make a server side request to exchange the code returned above for a user access token.

https://graph.facebook.com/oauth/access_token?
client_id=YOUR_APP_ID
&redirect_uri=YOUR_REDIRECT_URI
&client_secret=YOUR_APP_SECRET
&code=CODE_GENERATED_BY_FACEBOOK

The client_secret parameter must be the App Secret as shows in your app's settings. The body of the response to this request will be a url encoded string of the form:

access_token=USER_ACESS_TOKEN&expires=NUMBER_OF_SECONDS_UNTIL_TOKEN_EXPIRES

You should parse this string and use the access_token value to make requests to the Graph API. You should also persist the access token in your database in order to make further requests to the API without having to re-authenticate the user.

Once the access token expiry time is reached, the token will become invalid and can no longer be used in requests to the API. To obtain a new user access token, you must pass the user through this flow again. However, if the user has not deauthorized your app and you're asking for no permissions beyond those which the user has already granted your application, then no dialog will be displayed and the user will be transparently redirected to your redirect_uri with a fresh code which can be exchanged for a fresh user access token.

If there is an issue exchanging the code for a user access token, the authorization server will issue an HTTP 400 and return the error as a JSON object in the body of the response:

{
   "error": {
      "type": "OAuthException",
      "message": "Error validating verification code."
   }
}

For further reference checkout http://developers.facebook.com/docs/authentication/server-side/

Making requests to the Graph API

With a valid user access token, you can make requests to read and write data from the Graph API. A common first request would be to get the basic information (including the id and name) of the user who just authenticated your app:

https://graph.facebook.com/me?access_token=YOUR_USER_ACCESS_TOKEN

Manually Build a Login Flow, Developers can easily implement OAuth2 in an application. They just need to go through the technical documentation for the specific OAuth  I want people to log in to my site with their Facebook accounts. I need to pull some info from their Facebook profile and add it to my site's database I have tried using the OAuth 2.0 method which

There is an official SDK for php from Facebook. Which makes life easier.

Check this sample code

What You Need To Know About OAuth2 And Logging In With , OAuth2 Workflow for Facebook Login Application. OAuth2 Facebook We will be using the Express for creating the REST API. For storing user  Corrina Krych has a very helpful tutorial on using OAuth 2.0 with Swift. It walks you through how to get a token, how to integrate the views in your app and where to store your tokens. It walks you through how to get a token, how to integrate the views in your app and where to store your tokens.

In OAuth 2.0 with facebook, the overall concept is simple as follows.

Step 1. Obtain "Authorization Code" by a GET request

request URI: https://www.facebook.com/dialog/oauth
Params:
    response_type=code
    client_id={add your "App id" got by registering app}
    redirect_uri={add redirect uri defined at the registration of app}
    scope={add the scope needed in your app}
Headers: None

Step 2. Obtain the "Access Token" by sending the authorization code as a POST request

request URI: https://graph.facebook.com/oauth/access_token
Params:
    grant_type=authorization_code
    client_id=<add your "App id" got by registering app>
    redirect_uri=<add redirect uri defined at the registration of app>
    code=<obtained authorization code from previous step>
Headers:
    Authorization:Basic encode <App Id:App Secret> with base64 
    Content-Type:application/json

Step 3. Use the access token got from above step and retrieve user resources

Implementing OAuth2 Social Login With Facebook (Part 1), 2 provides authorization flows for web and desktop applications, and mobile devices. OAuth 2.0 OAuth 2.0 is an open standard for authorisation. It is commonly used as a way for users to login to a particular website (say, catpics.com) using a third party account such as a Facebook or Google account, without having to provide catpics.com the password for their Facebook account.

Use JSON WEB TOKEN(JWT) decoder to get the data which is in the token_id which you will get when you print the contents of GET['code']. In that select the token_id copy it and paste it in the online decoder

Implementing Oauth2 Social Login With Facebook Part 2, App when you're asked to choose your security method. When I login to my facebook account and go to the App section and then edit settings for that App. Then there comes an option to use graphAPI for that App. Graph API gives the access token. But this whole process requires user intervention and logging into facebook account. I want to automate this whole process with C# and oAuth 2.0.

What is OAuth? and How to Setup Facebook OAuth API Access in , The FacebookOAuthController. We're going to integrate with Facebook using the same authorization code grant type we just used with COOP. So it shouldn't be  This article is intended to help potential identity providers with the question of how to build an authentication and identity API using OAuth 2.0 as the base. Essentially, if you're saying "I have OAuth 2.0, and I need authentication and identity", then read on.

An Introduction to OAuth 2, Facebook OAuth 2 Tutorial¶. Setup a new web application client in the Facebook APP console When you have obtained a client_id , client_secret and registered  See our new Facebook Login changelog to see a summary of recent changes. Facebook Login A secure, fast, and convenient way for users to log into your app, and for your app to ask for permissions to access data

How do I use an authentication app for two-factor , In this tutorial, we'll show you to integrate OAuth2 to your Spring Boot project and create login Duration: 6:13 Posted: Nov 14, 2017 Log into Facebook to start sharing and connecting with your friends, family, and people you know.

Comments
  • Did you take a look in the extensive documentation on developers.facebook.com? There you can find a working example in php to retrieve user info: developers.facebook.com/docs/reference/php/facebook-api
  • So the response you're talking about, what is the response format is it a GET response or do have to use some other way to parse the data
  • the code is available as a $_GET['code'] variable. Just exchange the code for access_token and you're ready to make API calls to get user data
  • Also make sure to read the facebooks documentation because they update the changes gradually and some gets depricated