How to read facebook signed_request to get user_id

Question

How to read facebook signed_request to get user_id

According to Facebook - authentication in the Canvas Page Document , they say what we get signed_request, which consists of a JSON object. Now they say that it signed_requestcan go through. $_POST['signed_request']I agree that it works for me.

Now, according to them, if the user is registered, I get the value of the JSON object as follows: -

{
  "expires":UNIXTIME_WHEN_ACCESS_TOKEN_EXPIRES,
  "algorithm":"HMAC-SHA256",
  "issued_at":UNIXTIME_WHEN_REQUEST_WAS_ISSUED,
  "oauth_token":"USER_ACCESS_TOKEN",
  "user_id":"USER_ID",
  "user":{
    "country":"ISO_COUNTRY_CODE",
    "locale":"ISO_LOCALE_CODE",
    ...
  }
}

Now I want to extract user_idfrom this, so I use this piece of code, but it does not work: -

if(isset($_POST['signed_request']))
{
    echo 'YES';
    $json = $_POST['signed_request'];
    $obj = json_decode($json);
    print $obj->{'user_id'};    
}

Just type it YES. Why is this so?

- , user_id, facebook , 4-. , - , . .

+5

php facebook facebook-authentication facebook-app-requests facebook-canvas

Django Anonymous 15 . '12 16:32

4

FB SDK, user_id ( https://developers.facebook.com/docs/facebook-login/using-login-with-games/)

function parse_signed_request($signed_request) {
  list($encoded_sig, $payload) = explode('.', $signed_request, 2); 

  // decode the data
  $sig = base64_url_decode($encoded_sig);
  $data = json_decode(base64_url_decode($payload), true);

  // confirm the signature
  $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
  if ($sig !== $expected_sig) {
    error_log('Bad Signed JSON signature!');
    return null;
  }

  return $data;
}

function base64_url_decode($input) {
  return base64_decode(strtr($input, '-_', '+/'));
}

+6

Art Geigel 21 . '13 23:44

, , Art Geigel ( ).

,

   $secret = "appsecret"; // Use your app secret here

,

function parse_signed_request($signed_request) {
   list($encoded_sig, $payload) = explode('.', $signed_request, 2); 

   $secret = "appsecret"; // Use your app secret here

   // decode the data
   $sig = base64_url_decode($encoded_sig);
   $data = json_decode(base64_url_decode($payload), true);

   // confirm the signature
   $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
   if ($sig !== $expected_sig) {
      error_log('Bad Signed JSON signature!');
      return null;
   }

   return $data;
}

function base64_url_decode($input) {
   return base64_decode(strtr($input, '-_', '+/'));
}

signed_request, ...

$data = parse_signed_request($_POST['signed_request']);

echo '<pre>';
print_r($data);

+3

Steve 18 . '15 14:50

: jsonp

https://websta.me/fbappservice/parseSignedRequest/<append signed request here>

-

{
"algorithm": "HMAC-SHA256",
"issued_at": xxxxx,
"page": {
    "id": "xxxxxxx",
    "admin": true,
    "liked": false
},
"user": {
    "country": "jp",
    "locale": "en_US",
    "age": {
        "min": xx
    }
}

:

Bad signed Json Signature

!!

-1

Emil Reña Enriquez 08 . '14 7:09

Chris · Accepted Answer · 2012-08-15T17:27:44+0000

, json_decode($json), $json json, print_r($_POST['signed_request']);.

How to read facebook signed_request to get user_id

More articles: