Announcement Announcement Module
No announcement yet.
Facebook Canvas app using Spring Social Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Facebook Canvas app using Spring Social

    I'm trying to move my in-progress facebook canvas app development to Spring Social. Am really excited by this API. However, I'm confused as to how and when the initial signed_request String gets parsed and evaluated by Spring Social Facebook. So normally, I read this signed_request POST parameter Facebook sends when someone visits my canvas app. I have to split the String from its signature and base64 encoded JSON data payload. I verify the signature, spitting back an error if not valid. I then translate that JSON encoded String to a Java object. And then I can get the user, etc.

    When does Spring Social Facebook do this? And what does it do if the signature is invalid? I looked at the sample canvas app and couldn't figure it out.

  • #2
    Actually, Spring Social doesn't deal with signed_request (yet). When I wrote the Spring Social Canvas sample, I did it to show how the conventional OAuth 2 flow would work in a canvas app (primarily because there were others asking if it would work that way). It wasn't until after that that I realized the signed_request would be more appropriate for a canvas-based application. I do intend to revisit that sample and have it use signed_request--and when I do, I suspect some new features for Spring Social will come out of it to support that scenario. But at this point, Spring Social doesn't deal with signed_request.


    • #3
      Thanks for the quick response Craig! I see now, so the user is simply redirected to the OAuth dialog in all cases and when he returns you get an access_token from the OAuth flow.