Apstrata allows you to easily interact and integrate with Facebook's APIs by providing you with a native server-side scripting object: the apsdb.social.facebook object. Using the method exposed by this facebook object, you can implement authentication scenarios using your end user's Facebook credentials and invoke any Facebook graph API. Apstrata also provides you with utility scripts that you can deploy to your Apstrata application back-end, which will even facilitate more the integration of your application with Facebook.
Example : sign in you users with Facebook
Asking a user to sign-in to an application using his Facebook - or other social network - credentials is a very common scenario. This is why we assume in this example that you decide to implement it as a feature of the cool mobile game app that you are currently developing.
Before we start digging into the code, let us just remember the Facebook OAuth authentication process:
- Step 1: ask for authorization. A request is sent to Facebook along with a Facebook application id and secret, the authorization scope that is requested by the application (e.g. read the user's email address) and a callback URL. Facebook validates the requests and, if valid, returns an authorization URL to which the end user should be redirected.
- Step 2: end user authenticates and approves. The end user enters his Facebook credentials and grant the application access to what was defined in the authorization scope. Once this step is successfully achieved, Facebook redirects the request initiator to the provided callback URL, passing a temporary code along with the callback.
- Step 3: get definitive token from Facebook. The code has to be sent again to Facebook in order to obtain a definitive authentication token.
So let us now see how steps 1 and 3 above are easily implemented using Apstrata server-side scripts.