facebook php sdk - ask for additional permissions later

1.2k views Asked by At

I am using the following code to check if the user has given permission to publish on user's wall. I don't want to get this permission initially at login because according to facebook that is a bad practice since user isn't aware what this permission might be used for. So at the time when user clicks on publish to facebook wall, I want to check if user has already given the permission to publish and if not ask for the permission. My code checks which permissions I have and stores in an array list of permissions which I don't have and require from the user.

Problem: But when I get the url and I click on it, it simply redirects me to the redirect url instead of asking permissions.

My code is as follows:

<?php
$permsNeeded = array();
$permsNeeded[] = "email";
$permsNeeded[] = "publish_stream";

require_once( 'includes/Facebook/HttpClients/FacebookHttpable.php' );
require_once( 'includes/Facebook/HttpClients/FacebookCurl.php' );
require_once( 'includes/Facebook/HttpClients/FacebookCurlHttpClient.php' );
require_once( 'includes/Facebook/Entities/AccessToken.php' );
require_once( 'includes/Facebook/Entities/SignedRequest.php' );

require_once( 'includes/Facebook/FacebookSession.php' );
require_once( 'includes/Facebook/FacebookRedirectLoginHelper.php' );
require_once( 'includes/Facebook/FacebookRequest.php' );
require_once( 'includes/Facebook/FacebookResponse.php' );
require_once( 'includes/Facebook/FacebookSDKException.php' );
require_once( 'includes/Facebook/FacebookRequestException.php' );
require_once( 'includes/Facebook/FacebookOtherException.php' );
require_once( 'includes/Facebook/FacebookAuthorizationException.php' );
require_once( 'includes/Facebook/GraphObject.php' );
require_once( 'includes/Facebook/GraphSessionInfo.php' );

use Facebook\HttpClients\FacebookHttpable;
use Facebook\HttpClients\FacebookCurl;
use Facebook\HttpClients\FacebookCurlHttpClient;

use Facebook\Entities\AccessToken;
use Facebook\Entities\SignedRequest;

use Facebook\FacebookSession;
use Facebook\FacebookRedirectLoginHelper;
use Facebook\FacebookRequest;
use Facebook\FacebookResponse;
use Facebook\FacebookSDKException;
use Facebook\FacebookRequestException;
use Facebook\FacebookOtherException;
use Facebook\FacebookAuthorizationException;
use Facebook\GraphObject;
use Facebook\GraphSessionInfo;

FacebookSession::setDefaultApplication("$appid","$appsecret");
$facebook = new FacebookRedirectLoginHelper("$redirectto");

if(isset($_SESSION['token'])){
    $fbsession = new FacebookSession($_SESSION['token']);
    try{
        $fbsession->Validate($id, $secret);
    }catch(FacebookAuthorizationException $e){
        $fbsession = '';
    }
}

if ( isset( $fbsession ) ) {
    $_SESSION['token'] = $fbsession->getToken();
    $request = new FacebookRequest( $fbsession, 'GET', '/me/permissions' );
    $response = $request->execute();
    $graphObject = $response->getGraphObject();
    $totalproperties = count($graphObject->getPropertyNames());
    $permsArray = array();
    for ($i = 0; $i < $totalproperties; $i++) {
        $permsArray[] = $graphObject->getProperty($i)->GetProperty('permission');
    }
    $permsToPrompt = array();
    for ($i = 0; $i < count($permsNeeded); $i++) {
        if (!in_array($permsNeeded[$i],$permsArray)) {
            $permsToPrompt[] = $permsNeeded[$i];
        }
    }
    if (count($permsToPrompt) > 0) {
        $scopeparams = implode(",",$permsToPrompt);
        $params = array(
            'scope' => $scopeparams
        );
        $helper = new FacebookRedirectLoginHelper($weburl);
        $loginUrl = $helper->getLoginUrl($params);
        echo $loginUrl;
        echo "<a href=\"$loginUrl\">test</a>";
        //header("Refresh:0;URL=$reloadurl");
    }
    else {
        //Post
    }
}

?>

On echo this returns the following url

https://www.facebook.com/v2.2/dialog/oauth?client_id={app_id_here}&redirect_uri={redirect_url_is_written_here}&state={some_value_here}&sdk=php-sdk-4.0.12&scope=publish_stream
1

There are 1 answers

0
Niraj Shah On BEST ANSWER

The way you're asking for permissions is incorrect. You should change your code to this instead:

$params = array( 'email', 'publish_actions' );
$helper = new FacebookRedirectLoginHelper( $weburl );
$loginUrl = $helper->getLoginUrl( $params );

The parameter $params passed to getLoginUrl is an array of permissions. You don't need to add scope like the old PHP SDK.