问题
I'm currently asking users for two read permissions i.e. email
and user_location
and one write permssion i.e. publish_actions
. Following is the code snippet I'm using to verify if the user has granted all requested permissions:
$facebook = new Facebook(APP_ID, APP_SECRET, REDIRECT_URI);
if ( $facebook->IsAuthenticated() ) {
// Verify if all of the scopes have been granted
if ( !$facebook->verifyScopes( unserialize(SCOPES) ) ) {
header( "Location: " . $facebook->getLoginURL( $facebook->denied_scopes) );
exit;
}
...
}
Facebook
is a class I've customly built to wrap the login flow used by various classes in the SDK. IsAuthenticated()
makes the use of code
get variable to check if the user is authorized. verifyScopes()
checks granted permissions against SCOPES
and assings an array of denied scopes to denied_scopes
property. getLoginURL()` builds a login-dialog URL based on permissions passed as an an array as a only paramter.
Now, the problem is when the user doesn't grant write permissions, publish_actions
in this case, write permission dialog is shown until user grants the write permission. But if the user chooses to deny of the read permissions, say email
, the read login dialog isn't show. Instead Facebook redirects to the callback URL (that is REDIRECT_URI
) creating a redirect loop.
The application I'm builiding requires email
to be compulsorily provided but apparently the above approach (which seems to be the only) is failing. So, is there a workaround or a alternative way to achieve this? Or Facebook doesn't allow to ask for read permissions once denied?
回答1:
As of July 15, 2014, an update has been made to the Facebook PHP SDK 4.x that allows user to re-ask the declined permissions. The function prototype of getLoginUrl()
now looks like this.
public function getLoginUrl($redirectUrl, $scope = array(), $rerequest = false, $version = null)
So, to re-ask declined permissions we'd do something like this:
<?php
// ...
$helper = new FacebookRedirectLoginHelper();
if ($PermissionIsDeclined) {
header("Location: " . $helper->getLoginUrl( $redirect_uri, $scopes, true );
exit;
}
// ....
?>
回答2:
For the time being you can append &auth_type=rerequest to the getLoginUrl return value to enable a rerequest, kind of lame but it works.
$helper = new FacebookRedirectLoginHelper($app_url, $app_id, $app_secret);
$login = $helper->getLoginUrl(array('scope'=>'user_likes', 'user_location'));
print $login."&auth_type=rerequest";
回答3:
what about getReRequestUrl();
?
That works just fine.
Read more at https://developers.facebook.com/docs/php/FacebookRedirectLoginHelper/5.0.0
来源:https://stackoverflow.com/questions/24716168/facebook-php-sdk-4-0-cannot-re-ask-read-permissions-once-denied