Talk:How Facebook Authenticates Your Application

From Facebook Developer Wiki

Jump to: navigation, search

This page currently claims: "There are only two methods that happen outside the context of a session".

However, I believe this claim is out of date. Since the change to the "new" profile style and application permissions systems, several calls no longer require a session. e.g., Notifications.sendEmail says, "This method does not require a session for Web applications.". Similarly, Users.getInfo says, "This call no longer requires a session key"

Am I correct in believing that the "only two methods" claim is out of date? 13:00, 2 October 2008 (PDT)

This documentation seems totally divergent from the code that ships in the demo app, 'page_app_demo', and also varies from real world experience, which shows that all that is required to call this API is "markup" (i.e. the FBML to show in the profile), and the UID.

[edit] examples

Can this page place in some example of how to do this? like a REST example or something?

[edit] Python

If someone would have showed it to me like this it would have been clearer to me:

args = [
( "api_key",settings.FACEBOOK_API_KEY ),
( "call_id", int(time.time()) ),
( "fields","first_name,last_name,profile_url" ),
( "format","JSON" ),
( "method","Users.getInfo" ),
( "uids","XXXXX,XXXXXX,XXXXXX" ),
( "v","1.0" ),
]

sig = md5( "%s%s" % ( "".join( ["%s=%s" % (k,v) for k,v in args] ), secret_key) )
post_data = "%s&sig=%s" % ( "&".join( ["%s=%s" % (f,v) for f,v in args] ), sig )

urlfetch.fetch(
url='http://api.facebook.com/restserver.php',
payload=post_data,
method=urlfetch.POST,
headers={'Content-Type': 'application/x-www-form-urlencoded'}
)

>>> HTTP POST: http://api.facebook.com/restserver.php?api_key=XXXXX&call_id=XXXXXX&fields=first_name,last_name,profile_url&format=JSON&method=Users.getInfo&uids=XXXXX,XXXXXX,XXXXXX&v=1.0


Retrieved from "http://wiki.developers.facebook.com/index.php/Talk:How_Facebook_Authenticates_Your_Application"
reference