Difference between #1 and #2 of Facebook DeAuthorize callback URL and its response data.

unchanged
Title
Facebook DeAuthorize callback URL and its response data.
unchanged
Category
Tutorials
unchanged
Tags
facebook
changed
Content
Facebook Deauthorize callback is used to getting notification to the app owner
when a user uninstall our app from their fan page or profile.

We have an option in Facebook’s advanced section  of app settings named
“Deauthorize Callback“.Here we can specify a URL in ourserver.If we are
setting a URL in this section facebook will send a signed request to the
specified URL when a user uninstall our app from their fanpage or
profile.Facebook providing 2 functions to decode the signed Request and get the
encoded data using our app secret key.

Here is what i have done in my callback URL to get the singned request details,



~~~
[php]
<?php

if(isset($_REQUEST[‘signed_request’]))
  {   
$data=$this->parse_signed_request($_REQUEST[‘signed_request’],’YOUR_FB_SECRET_KEY’);

}

?>
~~~

But whats the problem here is that we cannot identify the structure of decoded
array $data.because this process is a hidden call so that we cannot print this
using print_r();

so what i have done is that stored it to a file by serializing after that i
restored this object by unserialize from that file in my server.

here is the code for that:

~~~
[php]
 $s=serialize($data);
 file_put_contents(‘yourfilename’,$s);
~~~

 The above 2 process is happening at the time of uninstall callback.after this 2
processes i executed one more code to get this from that file and print it out.



~~~
[php]
if(file_exists(‘yourfilename’))
  {
    $s=file_get_contents(‘yourfilename’);
    $data=unserialize($s);

    echo “<pre>”;
    print_r($data);
    echo “</pre>”;
  }
~~~
Then i got a result like below:



~~~
[php]
Array
    {
     [algorithm]=>HMAC-SHA256
     [issued_at]=>134534232 
     [profile_id]=>324556365474
     [user]=>Array(
                        [country]=>in
                        [locale]=>en_US

                        )
    [user_id]=>0

    }
~~~
Here  i got the fan page id as profile_id from this array .that is the fan page
id which is uninstalled my app if it is a user profile the we will get the user
facebook id in “user_id” from this array.

here is that 2 functions from facebook:
 
 

~~~
[php]
function parse_signed_request($signed_request, $secret) {
  list($encoded_sig, $payload) = explode(‘.’, $signed_request, 2); 

  // decode the data
  $sig = $this->base64_url_decode($encoded_sig);
  $data = json_decode($this->base64_url_decode($payload), true);

  if (strtoupper($data[‘algorithm’]) !== ‘HMAC-SHA256’) {
    error_log(‘Unknown algorithm. Expected HMAC-SHA256’);
    return null;
  }

  // check sig
  $expected_sig = hash_hmac(‘sha256’, $payload, $secret, $raw = true);
  if ($sig !== $expected_sig) {
    error_log(‘Bad Signed JSON signature!’);
    return null;
  }

  return $data;
}

public function base64_url_decode($input)
{
  return base64_decode(strtr($input, ‘-_’, ‘+/’));
}
~~~

By using this function you can decode that signed request and get the id of  the
uninstalled fan page or profile id.

Regards,

sirin k

[Yii developer](http://www.nintriva.com "Yii developer")