开发者

How can I get a signed access token from facebook using OAuth 2.0?

I want to identify the an android native app user on my web service. I don't want to include a secret in my java, as that would be trivial to find. Using the javascript sdk on the website, the token is signed and I can verify it with the shared secret on the server, but the android sdk just gets a token.

I had hoped that I could pass the token and the signature to my web service and then I could verify that the actions the user were taking were authorized. Is there a way to get a signature of an access token (and the shared se开发者_如何学运维cret) already granted from facebook?


I ended up just passing the auth token to my web service, having the server verify it's valid (by getting graph.facebook.com/me) and then creating my own signed token that I sent back. I authorize based on that token from then on... Kinda lame.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜