troubleshooting Question

facebook apps signed_request is empty after user authorizes the app

Avatar of rajoo_sharma
rajoo_sharma asked on
3 Comments1 Solution1601 ViewsLast Modified:

In our facebook canvas app, just after user authorizes the app, the signed_request is passed empty, i.e. the very first time.

The logic of the app is fairly simple,
1. If user is not a page fan, show an image that says click like to get the discount coupon
2. If user is a fan but not authorized the app, run the OAuth dialog to get the permission
3. If user is a fan and already authorized the app, show the discount coupon.

The problem is at the point 2, just after user authorizes the app, the signed_request parameter is empty therefore the discount coupon can not be displayed, when you click the tab again or refresh the page you get the discount coupon because the app gets the signed_request parameter.

So why it is not passed just after the authorization? Following is from my app:
$f1 = new Fb_ypbox();

if($signed_request = parsePageSignedRequest()) {
	if($signed_request->page->liked) {//user already likes us
		$signed_request = $_REQUEST["signed_request"];
		list($encoded_sig, $payload) = explode('.', $signed_request, 2);
		$data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
		if (empty($data["user_id"])) {//User has not authorized the app, call the OAuth dialog to get the permission
			echo '<a href="#" id="fb_box_fb_login_btn" style="font-size:20px;">Click here to get your code</a>';
			echo '<script type="text/javascript">';
			echo 'call_oautho_dialog = true;';
			echo '</script>';
		} else {//User has already authorized, show the details
			$user_data = $f1->getUserData();
			$result = get_settings();
			for($i=0; $i<count($result); $i++) {
				$settings[$result[$i]['meta_key']] = $result[$i]['meta_value'];
			$settings['locked_content'] = stripslashes($settings['locked_content']);		
			$settings['locked_content'] = str_replace('{picture}', $fb_image, $settings['locked_content']);
			$settings['locked_content'] = str_replace('{name}', $user_data['name'], $settings['locked_content']);

			//Here comes your content that only can be seen by users who have connected
			echo '<div style="margin-top:40px;">'.$settings['locked_content'].'</div>';
	} else {//User is not a fan, request him to like our page
		echo '<img src="include/images-custom/faceboook-page-unlike.jpg" alt="Like us to get the discount coupon" />';
} else {//User is a fan and has also authorized us but the signed_request is empty, and this is the issue when someone very first time authorizes the app, this appears
	echo 'Refresh the page';

Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 3 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 3 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros