Yii 1.1: Facebook DeAuthorize callback URL and its response data.

6 followers

Facebook Deauthorize callback is used to getting notification to the app owner when a user uninstall our app from their fan page or profile.

We have an option in Facebook’s advanced section of app settings named “Deauthorize Callback“.Here we can specify a URL in ourserver.If we are setting a URL in this section facebook will send a signed request to the specified URL when a user uninstall our app from their fanpage or profile.Facebook providing 2 functions to decode the signed Request and get the encoded data using our app secret key.

Here is what i have done in my callback URL to get the singned request details,

<?php
 
if(isset($_REQUEST[signed_request]))
  {    $data=$this->parse_signed_request($_REQUEST[signed_request],’YOUR_FB_SECRET_KEY);
 
}
 
?>

But whats the problem here is that we cannot identify the structure of decoded array $data.because this process is a hidden call so that we cannot print this using print_r();

so what i have done is that stored it to a file by serializing after that i restored this object by unserialize from that file in my server.

here is the code for that:

$s=serialize($data);
 file_put_contents(yourfilename’,$s);

The above 2 process is happening at the time of uninstall callback.after this 2 processes i executed one more code to get this from that file and print it out.

if(file_exists(yourfilename))
  {
    $s=file_get_contents(yourfilename);
    $data=unserialize($s);
 
    echo “<pre>”;
    print_r($data);
    echo “</pre>”;
  }

Then i got a result like below:

Array
    {
     [algorithm]=>HMAC-SHA256
     [issued_at]=>134534232 
     [profile_id]=>324556365474
     [user]=>Array(
                        [country]=>in
                        [locale]=>en_US
 
                        )
    [user_id]=>0
 
    }

Here i got the fan page id as profile_id from this array .that is the fan page id which is uninstalled my app if it is a user profile the we will get the user facebook id in “user_id” from this array.

here is that 2 functions from facebook:

function parse_signed_request($signed_request, $secret) {
  list($encoded_sig, $payload) = explode(‘.’, $signed_request, 2); 
 
  // decode the data
  $sig = $this->base64_url_decode($encoded_sig);
  $data = json_decode($this->base64_url_decode($payload), true);
 
  if (strtoupper($data[algorithm]) !== ‘HMAC-SHA256) {
    error_log(Unknown algorithm. Expected HMAC-SHA256);
    return null;
  }
 
  // check sig
  $expected_sig = hash_hmac(sha256’, $payload, $secret, $raw = true);
  if ($sig !== $expected_sig) {
    error_log(Bad Signed JSON signature!’);
    return null;
  }
 
  return $data;
}
 
public function base64_url_decode($input)
{
  return base64_decode(strtr($input, ‘-_’, ‘+/’));
}

By using this function you can decode that signed request and get the id of the uninstalled fan page or profile id.

Regards,

sirin k

Total 1 comment

#9678 report it
MAHESH.E.U at 2012/09/03 04:15am
good one

That was great

Leave a comment

Please to leave your comment.

Write new article
  • Written by: sirin k
  • Category: Tutorials
  • Yii Version: 1.1
  • Votes: +3
  • Viewed: 9,042 times
  • Created on: Sep 1, 2012
  • Last updated: never
  • Tags: facebook