用于OAuth身份验证的Facebook代码参数
我构建了一个FB应用程序,它做以下工作:
1)将初始请求重定向到FB,以便进行身份验证/登录,具体如下:
2)在servlet中,获取"code“参数(哪个是signed_request?):
String signedReq = request.getParameter("code");
// the String retrieved from the code parameter is:
//3DaDJXq1Mlsq67GbeudlUxu7bY5Um4hSJlwzoPCHhp4.eyJpdiI6Ikc1ODNuRjZXbnhCb0hUV1FEMVNTQUEifQ._iXKxSGiNHfc-i5fRO35ny6hZ03DcLwu4bpAkslqoZk6OfxW5Uo36HwhUH2Gwm2byPh5rVp2kKCNS6EoPEZJzsqdhZ_MhuUD8WGky1dx5J-qNOUqQK9uNM4HG4ziSgFaAV8mzMGeUeRo8KSL0tcKuq//此参数在实际“代码”中的末尾包含'#_= _‘,但我无法通过request.getParameter(“代码”)获得它;这是一个java web应用程序。
回答 1
Stack Overflow用户
发布于 2011-12-14 19:14:25
从Facebook的OAuth页面复制
With this code in hand, you can proceed to the next step, app authentication, to gain the access token you need to make API calls. In order to authenticate your app, you must pass the authorization code and your app secret to the Graph API token endpoint - along with the exact same redirect_uri used above - at https://graph.facebook.com/oauth/access_token. The app secret is available from the Developer App and should not be shared with anyone or embedded in any code that you will distribute (you should use the client-side flow for these scenarios).
https://graph.facebook.com/oauth/access_token? client_id=YOUR_APP_ID&redirect_uri=YOUR_URL& client_secret=YOUR_APP_SECRET&code=THE_CODE_FROM_ABOVE
If your app is successfully authenticated and the authorization code from the user is valid, the authorization server will return the access token.
所以,对OAuth来说,这是非常标准的。获取一段成功代码,将其输入上面的url (带有适当的client_id、client_secret和redirect_uri),您就应该是现金了。你会得到一个访问令牌,现在是派对时间。
阅读Facebook的文章。内容很丰富。如果你对此有疑问,我很乐意帮忙。
祝你好运:)
https://stackoverflow.com/questions/8510213
复制相似问题
腾讯云开发者
