Auth.getSession es
From Facebook Developer Wiki
Contents |
Description
Devuelve la session key, atravez de un auth_token al aƱadir la aplicacion o uno creado por auth.createToken. Recorda que el auth_token caduca aun que alla fallado el Auth.getSession. ;)
Parameters
| Required | Name | Type | Description | |
| required | api_key | string | The application key associated with the calling application. If you specify the API key in your client, you don't need to pass it with every call. es la key de la aplicacion | |
|---|---|---|---|---|
| sig | string | An MD5 hash of the current request and your secret key, as described in the How Facebook Authenticates Your Application. Facebook computes the signature for you automatically. | ||
| v | string | This must be set to 1.0 to use this version of the API. If you specify the version in your client, you don't need to pass it with every call. vercion de la plataforma por el momento 1.0 | ||
| auth_token | string | El obtenido del ADD de la aplicacion o por auth.createToken | ||
| optional | format | string | The desired response format, which can be either XML or JSON. (Default value is XML.) | |
| callback | string | FALTA TRADUCIR Name of a function to call. This is primarily to enable cross-domain JavaScript requests using the <script> tag, also known as JSONP, and works with both the XML and JSON formats. The function will be called with the response passed as the parameter. | ||
| generate_session_secret | bool | FALTA TRADUCIR Whether to generate a temporary session secret associated with this session. This is for use only with non-infinite sessions, for applications that want to use a client-side component without exposing the application secret. Note that the app secret will continue to be used for all server-side calls, for security reasons. |
Response
FALTA TRADUCIRIf the user has successfully logged in, this returns valid values for each field. The expires element is a Unix time that indicates when the given session expires. If the value is 0, the session never expires. See Authorizing Applications for more information.
For desktop applications, the top-level element auth_getSession_response has an additional element named secret that should be used as the session's secret key as described in the authentication guide.
Example Return JSON
Error Codes
| Code | Description | |
| 1 | An unknown error occurred. Please resubmit the request. | |
|---|---|---|
| 2 | The service is not available at this time. | |
| 4 | The application has reached the maximum number of requests allowed. More requests are allowed once the time window has completed. | |
| 5 | The request came from a remote address not allowed by this application. | |
| 100 | One of the parameters specified was missing or invalid. For example, not passing auth_token to login.php can cause this error. | |
| 101 | The API key submitted is not associated with any known application. | |
| 104 | Incorrect signature. |
Notes
For desktop applications this method should be called at the https endpoint instead of the http endpoint, and its return value is slightly different (as noted above). It is worth to be noted that this method will still work even if it is called at the http endpoint, but it is less secure.
Note also that this function does not require a session_key or call_id (although specifying a call_id does not cause any problems). The session key can be stored for the duration of the session, and the uid can be stored indefinitely.
For facebook canvas pages, the session key is passed using POST to your page with the id 'fb_sig_session_key'.
