Reputation: 589
How to handle facebook authorization when user clicks "dont allow"
I'm working on developing a facebook tab application that works out of an iFrame. I have everything working perfectly on the authorization side except for handling cases where the user clicks "Don't Allow". But here I'm stuck. After spending several hours last night trying to work out the kinks I have no idea where to go from here.
The flow my application is taking is this. First the user is prompted to "Like" the page to access more of the application. At this point if they click like the next step is revealed but first a check is made to see if the app has authorization. If not some JS is place in the onload event that redirects the parent frame to the authorization link with the return_uri set to the link for the page's app tab. This works perfect if the user clicks Allow. If they click Don't Allow then it ends up going in a loop as things stand, repeatedly going back to the authorization page. What I would like it to do is display a little explanation page with a link back to the authorization page if the user wishes to reconsider their choice.
I found that the problem preventing me from handling this ok is that the application is in an iframe on the page the return_uri links back to (the app tab on the page). So the error and error_reason GET vars aren't available to my code, only the parent frame which is facebook and not under my control.
What can I do to get this functionality added to my application? Thanks!
Upvotes: 2
Views: 814
Answers (1)
Reputation: 19319
I had this exact same problem with a page tab. I am using the OAuth dialog to handle the login but like you say, you redirect to the page url with the app in it and you can't get the error.
What I did was set a session variable that I was attempting to authorize before redirecting to the auth dialog. That way if I end up not getting an authorized user I can see they tried already and show an appropriate message. Something like this:
$facebook = new Facebook(array(
'appId'=>'my_app_id',
'secret'=>'my_secret')
);
$fb_user = $facebook->getUser();
if( $fb_user ) {
$_SESSION['auth_check'] = 0;
// rest of application is authorized
}
elseif( isset($_SESSION['auth_check']) && $_SESSION['auth_check'] ) {
// we attempted to authorize before and something went wrong
// show a message explaining they need to authorize
$_SESSION['auth_check'] = 0; // set so they get the auth screen again
}
else {
$_SESSION['auth_check'] = 1; // attempting to authorize
header("Location: $fb_oauth_dialog");
}
Hope that helps!
Upvotes: 3
Related Questions
- Asking for specific User Permission in Facebook Application
- facebook php sdk - catch if user didnt give permissions (authentication failed)
- Facebook PHP API - redirect user when they deny permission
- Denying facebook authentication
- Making client side authorization to Facebook using Javascript JQuery
- Facebook request permissions example?
- Give up permissions using facebook javascript API
- facebook permissions request without login button
- How to redirect to page after allowing permission in Facebook
- Can I redirect the browser if the user clicks 'Don't Allow'?