一、授权登录
login.php
打开该链接,将显示“Login with Facebook!”登录链接
$fb = new Facebook\Facebook([
'app_id' => '{app-id}', // Replace {app-id} with your app id
'app_secret' => '{app-secret}',
'default_graph_version' => 'v2.2',
]);
$helper = $fb->getRedirectLoginHelper();
$permissions = ['email']; // Optional permissions
$loginUrl = $helper->getLoginUrl('https://example.com/fb-callback.php', $permissions);
echo '<a href="' . htmlspecialchars($loginUrl) . '">Login with Facebook!</a>';
点击以上链接,用户将被重定向至
login-callback.php
$fb = new Facebook\Facebook([
'app_id' => '{app-id}', // Replace {app-id} with your app id
'app_secret' => '{app-secret}',
'default_graph_version' => 'v2.2',
]);
$helper = $fb->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// When validation fails or other local issues
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
if (! isset($accessToken)) {
if ($helper->getError()) {
header('HTTP/1.0 401 Unauthorized');
echo "Error: " . $helper->getError() . "\n";
echo "Error Code: " . $helper->getErrorCode() . "\n";
echo "Error Reason: " . $helper->getErrorReason() . "\n";
echo "Error Description: " . $helper->getErrorDescription() . "\n";
} else {
header('HTTP/1.0 400 Bad Request');
echo 'Bad request';
}
exit;
}
// Logged in
echo '<h3>Access Token</h3>';
var_dump($accessToken->getValue());
// The OAuth 2.0 client handler helps us manage access tokens
$oAuth2Client = $fb->getOAuth2Client();
// Get the access token metadata from /debug_token
$tokenMetadata = $oAuth2Client->debugToken($accessToken);
echo '<h3>Metadata</h3>';
var_dump($tokenMetadata);
// Validation (these will throw FacebookSDKException's when they fail)
$tokenMetadata->validateAppId({app-id}); // Replace {app-id} with your app id
// If you know the user ID this access token belongs to, you can validate it here
//$tokenMetadata->validateUserId('123');
$tokenMetadata->validateExpiration();
if (! $accessToken->isLongLived()) {
// Exchanges a short-lived access token for a long-lived one
try {
$accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
} catch (Facebook\Exceptions\FacebookSDKException $e) {
echo "<p>Error getting long-lived access token: " . $helper->getMessage() . "</p>\n\n";
exit;
}
echo '<h3>Long-lived</h3>';
var_dump($accessToken->getValue());
}
$_SESSION['fb_access_token'] = (string) $accessToken;
// User is logged in with a long-lived access token.
// You can redirect them to a members-only page.
//header('Location: https://example.com/members.php');
弹出Facebook登录授权框,用户确定授权登录,在这里我们将获得 访问口令,最终页面显示内容如下:
Ps:
调用 getLoginUrl()
方法前,您需要确保启用了会话。在大多数 Web 框架中,这通常是自动完成的,但如果您没有使用 Web 框架,则可以将session_start();
添加到login.php
和login-callback.php
脚本的顶部。
记得引入SDK,你与Facebook交互的站点必须是https协议的。
二、延迟访问口令
因为用户首次登录你的应用时,应用收到的访问口令是短期访问口令,有效期大约为 2 小时。通常来说,建议你将短期访问口令更换为有效期约 60 天的长期访问口令。
#login-callback.php
// OAuth 2.0 client handler
$oAuth2Client = $fb->getOAuth2Client();
// Exchanges a short-lived access token for a long-lived one
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken('{access-token}');
三、获取登录用户信息
$fb = new Facebook\Facebook([ 'app_id' => '{app-id}', 'app_secret' => '{app-secret}', 'default_graph_version' => 'v2.2', ]); try { // Returns a `Facebook\FacebookResponse` object $response = $fb->get('/me?fields=id,name', '{access-token}');//$_SESSION['fb_access_token'] } catch(Facebook\Exceptions\FacebookResponseException $e) { echo 'Graph returned an error: ' . $e->getMessage(); exit; } catch(Facebook\Exceptions\FacebookSDKException $e) { echo 'Facebook SDK returned an error: ' . $e->getMessage(); exit; } $user = $response->getGraphUser(); echo 'Name: ' . $user['name']; // OR // echo 'Name: ' . $user->getName();