Created
October 10, 2011 17:28
-
-
Save shaliko/1275868 to your computer and use it in GitHub Desktop.
Facebooker2 for iframe FB app
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class FacebookController < ApplicationController | |
before_filter :set_p3p_header_for_third_party_cookies | |
before_filter :ensure_authenticated_to_facebook | |
def index | |
end | |
protected | |
#each time a user visits apps.facebook.com/xxx_app, we will refresh their access token | |
#1 - check for a user_id from the signed_request | |
#2 - check the session for an active user | |
#3 - nothing worked. redirect to the auth page. | |
def ensure_authenticated_to_facebook | |
if current_facebook_user == nil | |
Rails.logger.info "no auth token, session, or cookie found." | |
top_redirect_to auth_url | |
end | |
end | |
#creates the oauth url for the user to request authorize and authenticate | |
# more details on the scope and display options can be found here: | |
# http://developers.facebook.com/docs/authentication/ | |
def auth_url | |
url = authenticator.authorize_url(:scope => 'offline_access', :display => 'page') | |
logger.info "redirecting to " + url | |
return url | |
end | |
def authenticator | |
# by redirecting back to HTTP_REFERER, we will go back to the the apps.facebook.com request! | |
# if there is no referrer, send this request url as the callback url | |
redirect_url = (@_request.env["HTTP_REFERER"] != nil ? | |
@_request.env["HTTP_REFERER"] : | |
@_request.env["rack.url_scheme"] + "://" + @_request.env["HTTP_HOST"] + @_request.env["REQUEST_PATH"]) | |
@authenticator ||= Mogli::Authenticator.new(Facebooker2.app_id, | |
Facebooker2.secret, | |
redirect_url ) | |
end | |
# Redirects the top window to the given url if the content is in an iframe, otherwise performs | |
# a normal redirect_to call. | |
def top_redirect_to(url) | |
render :layout => false, :inline => '<html><head><script type="text/javascript">window.top.location.href = '+ | |
url.to_json+ | |
';</script></head></html>' | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment