Simple question really, I've been looking all over the Internet probably for the past few days for several hours a day looking for some solid information on OpenID and Facebook Connect integration on a website.
I have seen the same names popup such as Janrain offering their solution, but I see a lot of websites such as Invision Power Board forums and even here at StackOverflow utilising different solutions.
The main two logins we wish to accept on our site are Facebook and Twitter. I've really been looking for a tutorial, or at least a guide to incorporating this functionality into a PHP website.
If anyone has any information or any pointers that would be great.
Thanks!
In continuing with our efforts toward greater openness, we are excited to announce that Facebook is now an OpenID relying party.
Make sure the URL of your site is defined when configuring the Facebook application. Create an OAuth2 Token asset. On the Details screen, enter the ID and Secret provided to you by Facebook in the Client ID and Client Secret fields. In the Authorisation Endpoint field, enter https://graph.facebook.com/oauth/authorize.
You can simply request https://graph.facebook.com/me?access_token=xxxxxxxxxxxxxxxxx if you get an error, the token is invalid. If you get a JSON object with an id property then it is valid. Unfortunately this will only tell you if your token is valid, not if it came from your app.
I'd start with the official docs. They're pretty good.
http://developers.facebook.com/docs/authentication/
http://dev.twitter.com/pages/sign_in_with_twitter
The twitter one is a little more obtuse, but it's still pretty easy to follow.
For Twitter, just use their simple JavaScript SDK:
But I would really avoid implementing these services myself. E.g. Twitter anywhere is maybe painless to setup, but then you rely on their JavaScript. It's been down before and then your page takes ages to load or doesn't load at all.
I haven't tried the new Facebook APIs, but 2 years ago, I wasted a way a week of my life trying to integrate their API and the general idea I got was -- unless you know someone at Facebook that can check out some log or let you know why this API doesn't respond like it's supposed to, you're just on your own.
We do use Janrain's engage product (free). It works really, really well.
Dealing with all these services directly is a royal (!) PITA. They are down, change how they work, mis-behave -- it's good to outsource that to someone who seems to know all the ins and outs. In our case Janrain.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With