User Access Tokens with Facebook Graph API

jstolpe · jstolpe · commit da1534e68316 · 2021-10-13T12:36:50.000-05:00
diff --git a/facebook_graph_api/defines.php b/facebook_graph_api/defines.php
@@ -0,0 +1,7 @@
+<?php
+	// fb defines
+	define( 'FB_APP_ID', '{FB-APP-ID}' );
+	define( 'FB_APP_SECRET', '{FB-APP-SECRET}' );
+	define( 'FB_REDIRECT_URI', '{REDIRECT-URI}' );
+	define( 'FB_GRAPH_VERSION', 'v12.0' );
+	define( 'FB_GRAPH_DOMAIN', 'https://graph.facebook.com/' );
diff --git a/facebook_graph_api/functions.php b/facebook_graph_api/functions.php
@@ -0,0 +1,83 @@
+<?php
+	/**
+	 * Make a a curl call to an endpoint with params
+	 *
+	 * @param string $endpoint we are hitting
+	 * @param string $type of request
+	 * @param array $params to send along with the request
+	 *
+	 * @return array with the api response
+	 */
+	function makeApiCall( $endpoint, $type, $params ) {
+		// initialize curl
+		$ch = curl_init();
+
+		// create endpoint with params
+		$apiEndpoint = $endpoint . '?' . http_build_query( $params );
+		
+		// set other curl options
+		curl_setopt( $ch, CURLOPT_URL, $apiEndpoint );
+		curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true );
+
+		// get response
+		$response = curl_exec( $ch );
+
+		// close curl
+		curl_close( $ch );
+
+		return array( // return data
+			'type' => $type,
+			'endpoint' => $endpoint,
+			'params' => $params,
+			'api_endpoint' => $apiEndpoint,
+			'data' => json_decode( $response, true )
+		);
+	}
+
+	/**
+	 * Get facebook api login url that will take the user to facebook and present them with login dialog.
+	 *
+	 * Endpoint: https://www.facebook.com/{fb-graph-api-version}/dialog/oauth?client_id={app-id}&redirect_uri={redirect-uri}&state={state}&scope={scope}&auth_type={auth-type}
+	 *
+	 * @param string $scope comma separated list of permissions being requested from the user..
+	 * @param string $state random generated to verify request is from facebook.
+	 * @return string
+	 */
+	function getFacebookLoginUrl( $permissions, $state ) {
+		// endpoint for facebook login dialog
+		$endpoint = 'https://www.facebook.com/' . FB_GRAPH_VERSION . '/dialog/oauth';
+
+		$params = array( // login url params required to direct user to facebook and promt them with a login dialog
+			'client_id' => FB_APP_ID,
+			'redirect_uri' => FB_REDIRECT_URI,
+			'state' => $state,
+			'scope' => $permissions,
+			'auth_type' => 'rerequest'
+		);
+
+		// return login url
+		return $endpoint . '?' . http_build_query( $params );
+	}
+
+	/**
+	 * Get an access token with the code from facebook.
+	 *
+	 * Endpoint https://graph.facebook.com/{fb-graph-version}/oauth/access_token?client_id{app-id}&client_secret={app-secret}&redirect_uri={redirect_uri}&code={code}
+	 *
+	 * @param string $code code returned from facebook, exchange for access token
+	 * @return array $response
+	 */
+	function getAccessTokenWithCode( $code ) {
+		// endpoint for getting an access token with code
+		$endpoint = FB_GRAPH_DOMAIN . FB_GRAPH_VERSION . '/oauth/access_token';
+
+		$params = array( // params for the endpoint
+			'client_id' => FB_APP_ID,
+			'client_secret' => FB_APP_SECRET,
+			'redirect_uri' => FB_REDIRECT_URI,
+			'code' => $code
+		);
+
+		// make the api call
+		return makeApiCall( $endpoint, 'GET', $params );
+	}
diff --git a/facebook_graph_api/get_user_access_token.php b/facebook_graph_api/get_user_access_token.php
@@ -0,0 +1,47 @@
+<?php
+	// include our defines file
+	include 'defines.php';
+
+	// include php functions
+	include 'functions.php';
+
+	// allow us to user php session
+	session_start();
+
+	if ( isset( $_GET['logout'] ) ) { // log user out
+		// clea session
+		unset( $_SESSION );
+
+		// refresh page
+		header( 'get_user_access_token.php' );
+	}
+
+	if ( !isset( $_SESSION['fb_access_token'] ) && isset( $_GET['code'] ) && isset( $_GET['state'] ) && $_GET['state'] == $_SESSION['fb_state'] ) { // we have get vars from facebook
+		// get access token and setit in the session
+		$accessToken = getAccessTokenWithCode( $_GET['code'] );
+		$_SESSION['fb_access_token'] = $accessToken['data'];
+	} elseif ( !isset( $_SESSION['fb_access_token'] ) ) {
+		// create state for fb
+		$_SESSION['fb_state'] = mt_rand( 1, 1000000 );
+
+		// get fb login url
+		$fbLoginUrl = getFacebookLoginUrl( 'email,public_profile', $_SESSION['fb_state'] );
+	}
+?>
+<h1>Facebook Graph API Get User Access Token</h1>
+<hr />
+<h3>$_SESSION</h3>
+<pre><?php print_r( $_SESSION ); ?></pre>
+<hr />
+<?php if ( isset( $fbLoginUrl ) ) : // need to display login with facebook to user ?>
+	<a href="<?php echo $fbLoginUrl; ?>">
+		Login With Facebook
+	</a>
+	<br />
+	<br />
+	href: <?php echo $fbLoginUrl; ?>
+<?php else : // user is logged so show logout ?>
+	<a href="get_user_access_token.php?logout=1">
+		Logout
+	</a>
+<?php endif; ?>
