Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

OpenID and FB Connect Tutorial

Simple question really, I've been looking all over the Internet probably for the past few days for several hours a day looking for some solid information on OpenID and Facebook Connect integration on a website.

I have seen the same names popup such as Janrain offering their solution, but I see a lot of websites such as Invision Power Board forums and even here at StackOverflow utilising different solutions.

The main two logins we wish to accept on our site are Facebook and Twitter. I've really been looking for a tutorial, or at least a guide to incorporating this functionality into a PHP website.

If anyone has any information or any pointers that would be great.

Thanks!

like image 624
lethalMango Avatar asked Oct 20 '10 23:10

lethalMango


People also ask

Does Facebook support OpenID connect?

In continuing with our efforts toward greater openness, we are excited to announce that Facebook is now an OpenID relying party.

How do I use OAuth on Facebook?

Make sure the URL of your site is defined when configuring the Facebook application. Create an OAuth2 Token asset. On the Details screen, enter the ID and Secret provided to you by Facebook in the Client ID and Client Secret fields. In the Authorisation Endpoint field, enter https://graph.facebook.com/oauth/authorize.

How do I verify my Facebook login backend?

You can simply request https://graph.facebook.com/me?access_token=xxxxxxxxxxxxxxxxx if you get an error, the token is invalid. If you get a JSON object with an id property then it is valid. Unfortunately this will only tell you if your token is valid, not if it came from your app.


2 Answers

I'd start with the official docs. They're pretty good.

http://developers.facebook.com/docs/authentication/

http://dev.twitter.com/pages/sign_in_with_twitter

The twitter one is a little more obtuse, but it's still pretty easy to follow.

like image 129
Brent Avatar answered Sep 20 '22 17:09

Brent


For Twitter, just use their simple JavaScript SDK:

  • http://dev.twitter.com/anywhere/begin

But I would really avoid implementing these services myself. E.g. Twitter anywhere is maybe painless to setup, but then you rely on their JavaScript. It's been down before and then your page takes ages to load or doesn't load at all.

I haven't tried the new Facebook APIs, but 2 years ago, I wasted a way a week of my life trying to integrate their API and the general idea I got was -- unless you know someone at Facebook that can check out some log or let you know why this API doesn't respond like it's supposed to, you're just on your own.

We do use Janrain's engage product (free). It works really, really well.

Dealing with all these services directly is a royal (!) PITA. They are down, change how they work, mis-behave -- it's good to outsource that to someone who seems to know all the ins and outs. In our case Janrain.

like image 39
Till Avatar answered Sep 18 '22 17:09

Till