/** * Stores CSRF state and returns a URL to which the user should be sent to * in order to continue the login process with Facebook. The * provided redirectUrl should invoke the handleRedirect method. * If a previous request to certain permission(s) was declined * by the user, rerequest should be set to true or the permission(s) * will not be re-asked. * * @param string $redirectUrl The URL Facebook should redirect users to * after login. * @param array $scope List of permissions to request during login. * @param boolean $rerequest Toggle for this authentication to be a rerequest. * @param string $version Optional Graph API version if not default (v2.0). * @param string $separator The separator to use in http_build_query(). * * @return string */ public function getLoginUrl($redirectUrl, array $scope = [], $rerequest = false, $version = null, $separator = '&') { $version = FacebookRequest::getDefaultGraphApiVersion($version); $state = $this->generateState(); $this->storeState($state); $params = ['client_id' => $this->app->getId(), 'redirect_uri' => $redirectUrl, 'state' => $state, 'sdk' => 'php-sdk-' . FacebookRequest::VERSION, 'scope' => implode(',', $scope)]; if ($rerequest) { $params['auth_type'] = 'rerequest'; } return 'https://www.facebook.com/' . $version . '/dialog/oauth?' . http_build_query($params, null, $separator); }
public function testPreppingABatchRequestProperlySetsThePostParams() { $batchRequest = $this->createBatchRequest(); $batchRequest->add(new FacebookRequest(null, 'bar_token', 'GET', '/foo'), 'foo_name'); $batchRequest->add(new FacebookRequest(null, null, 'POST', '/bar', ['foo' => 'bar'])); $batchRequest->prepareRequestsForBatch(); $params = $batchRequest->getParams(); $expectedHeaders = json_encode($this->defaultHeaders()); $version = FacebookRequest::getDefaultGraphApiVersion(); $expectedBatchParams = ['batch' => '[{"headers":' . $expectedHeaders . ',"method":"GET","relative_url":"\\/' . $version . '\\/foo?access_token=bar_token&appsecret_proof=2ceec40b7b9fd7d38fff1767b766bcc6b1f9feb378febac4612c156e6a8354bd","name":"foo_name"},' . '{"headers":' . $expectedHeaders . ',"method":"POST","relative_url":"\\/' . $version . '\\/bar","body":"foo=bar&access_token=foo_token&appsecret_proof=df4256903ba4e23636cc142117aa632133d75c642bd2a68955be1443bd14deb9"}]', 'include_headers' => true, 'access_token' => 'foo_token', 'appsecret_proof' => 'df4256903ba4e23636cc142117aa632133d75c642bd2a68955be1443bd14deb9']; $this->assertEquals($expectedBatchParams, $params); }
public function testParamsAreNotOverwritten() { $app = new FacebookApp('123', 'foo_secret'); $request = new FacebookRequest($app, $accessToken = 'foo_token', $method = 'GET', $endpoint = '/foo', $params = ['access_token' => 'bar_access_token', 'appsecret_proof' => 'bar_app_secret']); $url = $request->getUrl(); $expectedParams = 'access_token=bar_access_token&appsecret_proof=bar_app_secret'; $expectedUrl = '/' . FacebookRequest::getDefaultGraphApiVersion() . '/foo?' . $expectedParams; $this->assertEquals($expectedUrl, $url); $params = $request->getParams(); $expectedParams = ['access_token' => 'bar_access_token', 'appsecret_proof' => 'bar_app_secret']; $this->assertEquals($expectedParams, $params); }