一、开发者后台账号设置
web site
site url: http://apps.facebook.com/app_name/
facebook Integration
canvas url: http://your_real_domain/
iframe size: auto_resize
bookmark url: your_app_url
tab name: your_app_name
tab url: your_real_domain
advanced
sandbox mode: enable / disable(enable 时,只有测试号可以登录 app)
Remove Deprecated Auth Methods:disabled
Stream post URL security: enabled
OAuth 2.0 for Canvas: enabled
Timezone-less events: enabled
Upgrade to Requests 2.0: disabled
Develop Using Deprecated FBML Canvas: disabled
二、验证和授权代码
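def _b64url_decode(value):
    """Decode base64url text whose trailing '=' padding was stripped."""
    # Pad to a multiple of 4 instead of always appending "==", which only
    # works because the decoder tolerates surplus padding.
    return base64.urlsafe_b64decode(value + "=" * (-len(value) % 4))


def parse_signed_request(signed_request):
    """Verify and decode a Facebook ``signed_request`` value.

    The value has the form ``<base64url signature>.<base64url JSON payload>``.
    The signature is an HMAC-SHA256 over the *encoded* payload, keyed with
    ``settings.SNS_SECRET_KEY``.

    Returns a ``(data, sig_ok)`` tuple. ``sig_ok`` is True only when the
    value is well formed, the signature matches and the payload declares the
    HMAC-SHA256 algorithm. When ``sig_ok`` is False, ``data`` is an empty
    dict, so an unverified payload never reaches the caller. Malformed input
    is reported as ``({}, False)`` rather than raising.

    Python 2 code, like the rest of the page; ``hmac.compare_digest`` needs
    Python 2.7.7 or later.
    """
    try:
        signed_request = str(signed_request)
        # Exactly one "." separates the signature from the payload.
        encoded_sig, payload = signed_request.split(".", 1)
        sig = _b64url_decode(encoded_sig)
    except (ValueError, TypeError):
        return {}, False

    expected_sig = hmac.new(settings.SNS_SECRET_KEY, payload, hashlib.sha256).digest()
    # Constant-time comparison: "==" stops at the first differing byte, and
    # that timing difference helps someone guess a signature byte by byte.
    if not hmac.compare_digest(expected_sig, sig):
        return {}, False

    # Parse the JSON only after the signature has been verified.
    try:
        data = simplejson.loads(_b64url_decode(payload))
    except (ValueError, TypeError):
        return {}, False
    if not isinstance(data, dict):
        return {}, False

    # The payload names the algorithm it was signed with; accept only the
    # one that was actually verified above.
    if ('%s' % data.get('algorithm', '')).upper() != 'HMAC-SHA256':
        return {}, False

    # NOTE(review): the payload also carries issued_at / expires; checking
    # them here would limit replay of an old signed_request.
    return data, True


# Fragment of a Django view body; the enclosing ``def`` is not shown on the page.
if 'signed_request' in request.POST:
    signed_request = request.POST.get("signed_request", '')
    data, sig_ok = parse_signed_request(signed_request)
    if not sig_ok:
        return HttpResponse("SIG_ERROR")
    if 'user_id' not in data or 'oauth_token' not in data:
        # The user has not authorised the app yet: send them to the OAuth dialog.
        app_id = settings.SNS_APP_ID
        sns_url = settings.SNS_URL
        redirect_uri = urllib.quote_plus(sns_url)
        redirect_url = "https://www.facebook.com/dialog/oauth?client_id=%s&redirect_uri=%s&scope=email,read_stream" % (app_id, redirect_uri)
        return render_to_response('%s/freegift/redirect.html' % (settings.SNS), {'redirect_url': redirect_url})
    # Both values come from the verified payload, never from raw POST fields.
    access_token = data['oauth_token']
    to_sns_id = data['user_id']
else:
    return HttpResponse("")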
三、REST API
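# Seconds. urlopen() without a timeout can block a worker indefinitely.
_SNS_HTTP_TIMEOUT = 10

_GRAPH_URL = "https://graph.facebook.com/"
_REST_URL = "https://api.facebook.com/method/"

# The access token travels in the query string of every GET below. If failure
# logging is added to these helpers, log the exception type only, never the URL.


def _get_json(url, params):
    """GET ``url`` with URL-encoded ``params`` and return the parsed JSON body."""
    # urlencode escapes every value, so a token or id cannot add parameters.
    full_url = "%s?%s" % (url, urllib.urlencode(params))
    response = urllib2.urlopen(full_url, None, _SNS_HTTP_TIMEOUT)
    try:
        return simplejson.loads(response.read())
    finally:
        response.close()


def _fql_query(access_token, query):
    """Run one FQL query through the legacy REST endpoint and return its rows."""
    return _get_json(_REST_URL + "fql.query",
                     [('access_token', access_token), ('query', query), ('format', 'json')])


def _page_fan_rows(access_token, sns_id):
    """Return the page_fan rows linking ``sns_id`` to the app's page."""
    # int() rejects anything that is not a plain number, so sns_id cannot
    # change the structure of the FQL statement.
    q = 'SELECT uid FROM page_fan WHERE page_id="%s" and uid=%d' % (settings.SNS_APP_ID, int(sns_id))
    return _fql_query(access_token, q)


def get_request_info(access_token, request_id):
    """Return ``(from_id, to_id)`` of an app request, or ``('', '')`` on any failure."""
    try:
        # Quote the id so it stays one path segment of the Graph URL.
        object_path = urllib.quote(str(request_id), safe='')
        data = _get_json(_GRAPH_URL + object_path, [('access_token', access_token)])
        return data['from']['id'], data['to']['id']
    except Exception:
        return '', ''


def check_is_fan(access_token, sns_id):
    """Return True when the user is a fan of the app's page, False otherwise or on error."""
    try:
        return len(_page_fan_rows(access_token, sns_id)) > 0
    except Exception:
        return False


def convert_session_to_access_token(skey):
    """Exchange a legacy session key for an access token.

    Returns the token, or ``'CONVERT_FAILED'`` on any failure. The app secret
    is sent in the POST body, not in the URL.
    """
    try:
        service_url = _GRAPH_URL + 'oauth/exchange_sessions'
        params = {
            'type': 'client_cred',
            'client_id': settings.SNS_APP_ID,
            'client_secret': settings.SNS_SECRET_KEY,
            'sessions': skey,
        }
        response = urllib2.urlopen(urllib2.Request(service_url),
                                   urllib.urlencode(params), _SNS_HTTP_TIMEOUT)
        try:
            result = simplejson.loads(response.read())
        finally:
            response.close()
        return result[0]['access_token']
    except Exception:
        return 'CONVERT_FAILED'


def get_sns_id(access_token):
    """Return the id of the token's owner, or ``'SNS_API_ERROR'`` on failure."""
    try:
        profile = _get_json(_GRAPH_URL + "me",
                            [('access_token', access_token), ('fields', 'id')])
        return profile['id']
    except Exception:
        return 'SNS_API_ERROR'


def get_sns_user(access_token, sns_id, fields='name,picture'):
    """Return ``(name, picture)`` of the token's owner.

    On failure the single string ``'SNS_API_ERROR'`` is returned, not a
    tuple, so callers must test for it before unpacking. ``sns_id`` and
    ``fields`` are accepted but not used: the request is always for ``/me``
    with ``id,name,picture``.
    """
    try:
        user = _get_json(_GRAPH_URL + "me",
                         [('access_token', access_token), ('fields', 'id,name,picture')])
        return user['name'], user['picture']
    except Exception:
        return 'SNS_API_ERROR'


def get_third_party_id(access_token, sns_id):
    """Return ``third_party_id`` of the token's owner, or ``'SNS_API_ERROR'``.

    ``sns_id`` is accepted but not used; the request is for ``/me``.
    """
    try:
        user = _get_json(_GRAPH_URL + "me",
                         [('access_token', access_token), ('fields', 'third_party_id')])
        return user['third_party_id']
    except Exception:
        return 'SNS_API_ERROR'


def get_app_friends(access_token):
    """Return the ids of friends who use the app.

    Returns ``[]`` when the reply is not a list and ``'SNS_API_ERROR'`` on failure.
    """
    try:
        friend_ids = _get_json(_REST_URL + "friends.getAppUsers",
                               [('access_token', access_token), ('format', 'json')])
        return friend_ids if isinstance(friend_ids, list) else []
    except Exception:
        return 'SNS_API_ERROR'


def get_all_friends(access_token):
    """Return the ids of all friends.

    Returns ``[]`` when the reply is not a list and ``'SNS_API_ERROR'`` on failure.
    """
    try:
        friend_ids = _get_json(_REST_URL + "friends.get",
                               [('access_token', access_token), ('format', 'json')])
        return friend_ids if isinstance(friend_ids, list) else []
    except Exception:
        return 'SNS_API_ERROR'


def get_are_friends(access_token, uids1, uids2):
    """Return the ``are_friends`` flag of the first pair, or ``'SNS_API_ERROR'``."""
    try:
        are_friends = _get_json(_REST_URL + "friends.areFriends",
                                [('uids1', uids1), ('uids2', uids2),
                                 ('access_token', access_token), ('format', 'json')])
        return are_friends[0]["are_friends"]
    except Exception:
        return 'SNS_API_ERROR'


def get_fan_status(access_token, sns_id):
    """Return 1 when the user is a fan of the app's page, 0 when not, ``'SNS_API_ERROR'`` on failure."""
    try:
        if len(_page_fan_rows(access_token, sns_id)) > 0:
            return 1
        return 0
    except Exception:
        return 'SNS_API_ERROR'


def get_progressbar_status(access_token, sns_id):
    """Return the user's ``bookmarked`` / ``email`` / ``publish_stream`` permission row.

    Returns ``'SNS_API_ERROR'`` on failure, including an empty result.
    """
    try:
        # int() keeps sns_id from altering the FQL statement.
        q = "SELECT bookmarked,email,publish_stream FROM permissions WHERE uid=%d" % int(sns_id)
        rows = _fql_query(access_token, q)
        return rows[0]
    except Exception:
        return 'SNS_API_ERROR'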