After authorization, Facebook redirects to my website but userID is not set

A user visits my application's canvas page which directs them to authorize the application. It then redirects 开发者_如何转开发them to my website where I use the PHP SDK to look up information about the user.

Unfortunately the userID is returning 0 after the redirect from Facebook.

$fb_user = $facebook->getUser();

This ONLY happens immediately after authorization. If the user navigates to another page on my site, or reloads the page, the correct UID is returned and everything works as expected.

Could the redirect happen before Facebook completes the authorization? Does Facebook send the userID in the redirect? (Can that be configured?)

Work-around for this issue:

On my canvas page, I access the request_ids and append them to the query string of the url for the authorization request. The authorization will forward the request_ids parameter on to my website.

Javascript on an "authorize" link:

top.location = "http://www.facebook.com/dialog/oauth?client_id=MY_CLIENT_ID&scope=PERMISSIONS,MORE_PERMISSIONS&redirect_uri=http://www.MY_WEB_SITE.com/?request_ids=<?php echo $_REQUEST['request_ids']; ?>";

Then, on my website, I check for the Faecbook user_id. If that is 0, I look for the request_id parameter. If there, I make an api call to the graph to get the associated user_id. I use the user_id INSTEAD OF calling /me:

if ($fb_user===0){ //if Facebook doesn't return the user (the bug)

    $request_ids = explode( ',', $_REQUEST['request_ids'], 1 ); //get the request_ids param, limit this to one since all request_ids will reference the same user_id
    $request_info = $facebook->api('/' + $request_ids[0],'GET'); //get the request info
    $fb_user_profile = $facebook->api('/' + $request_info['to']['id']); // $request_info['to']['id'] is the associated user_id (who the request was sent to)
}
else {
    $fb_user_profile = $facebook->api('/me');
}

A call to /me returns nothing since Facebook isn't returning a logged-in user. (The bug.)

This is boiled down a little bit, but you get the idea...

We get this, the first page after the authorisation callback either gives no user, no perms or both. Should be logged as a bug

Adam's workaround works great, but due to some reasons it didn't fully suit me. My solution was to get all required user data from JS authorization and write it into php session. Hope, it will help someone.

JS auth function:

FB.login( function( response ) {
    if ( response.authResponse ) {
        FB.api('/me', function( response ) {
            $.ajax({
                url: 'action.php',
                type: 'POST',
                data: {
                    id:             response.id,
                    name:           response.name,
                    birthday:       response.birthday,
                    location_id:    response.location.id,
                    location_name:  response.location.name,
                    gender:         response.gender,
                    email:          response.email
                },
                success: function() {
                    location.href = 'some-page.php';
                }
            });
        });
    } else {
        alert("Please agree to the Facebook permissions.");
    }
}, { scope:'user_location, user_birthday, email, publish_actions' } );

Action.php

session_start();
$_SESSION['user_info']['id']                = $_REQUEST['id'];
$_SESSION['user_info']['name']              = $_REQUEST['name'];
$_SESSION['user_info']['birthday']          = $_REQUEST['birthday'];
$_SESSION['user_info']['location']['id']    = $_REQUEST['location_id'];
$_SESSION['user_info']['location']['name']  = $_REQUEST['location_name'];
$_SESSION['user_info']['gender']            = $_REQUEST['gender'];
$_SESSION['user_info']['email']             = $_REQUEST['email'];