From v2.3, allow JSON formatted token response

oklahomer / p5-Facebook-OpenGraph

https://metacpan.org/release/Facebook-OpenGraph

Other

14 stars 5 forks source link

From v2.3, allow JSON formatted token response #8

Closed oklahomer closed 9 years ago

oklahomer commented 9 years ago

The changelog states that /oauth/access_token endpoint is now returning JSON formatted string.

Manually Build a Login Flow If you build your own Login flow, there is an update to the OAuth code exchange that now conforms to the latest OAuth RFC spec. See details in the changelog entry, see Facebook Platform Changelog, API version 2.3.

The detailed spec. is described at Confirming identity.

The response you will receive from this endpoint will be returned in JSON format and, if successful, is {“access_token”: <access-token>, “token_type”:<type>, “expires_in”:<seconds-til-expiration>} If it is not successful, you will receive an explanatory error message.

Remember they used to return the seconds till expiration with a name of "expires", but now it is named "expires_in".

coveralls commented 9 years ago

Coverage remained the same at 99.28% when pulling 31f65aa999f2cb2c34a2ac3518b5659cd9f5fa81 on feature/v2.3/token into a0dbcd6049540ae8aa832a4aafdf63fffe88a184 on master.

coveralls commented 9 years ago

Coverage increased (+0.01%) to 99.28% when pulling b92ff90a397b5a939f89b447de2dc846c038676d on feature/v2.3/token into a0dbcd6049540ae8aa832a4aafdf63fffe88a184 on master.

coveralls commented 9 years ago

Coverage increased (+0.01%) to 99.28% when pulling a3f53ca7f5b191e98d2d596c3c9aa0ee3eef0812 on feature/v2.3/token into a0dbcd6049540ae8aa832a4aafdf63fffe88a184 on master.

oklahomer commented 9 years ago

Checking response body if it matches with m/\A { .+ } \z/xms to see if it's JSON formatted doesn't seem to be a smart way. The best way I think is to see the requesting API version and parse the response body appropriately. The tricky part is that Graph API automatically decide the API version when:

Requester doesn't supply API version
The requested API version is no longer supported

So we should see the actual API version used on the current call, and parse the response body. There must be a header field that returns the API version.

oklahomer commented 9 years ago

facebook-api-version HTTP header is guaranteed to be given.

New 'facebook-api-version' HTTP header: In all API versions, we now return an HTTP response header called 'facebook-api-version' which indicates which API version your app is actually experiencing - this may be different to the API version you specify in your request due to upgrades.

Perfect.

coveralls commented 9 years ago

Coverage increased (+0.03%) to 99.31% when pulling 7b5151026030aaec1229f4c12009d57bec024d24 on feature/v2.3/token into a0dbcd6049540ae8aa832a4aafdf63fffe88a184 on master.

coveralls commented 9 years ago

Coverage increased (+0.03%) to 99.31% when pulling 63a4a8967ca6583ce4d9b13e2f9577c905ddb93e on feature/v2.3/token into a0dbcd6049540ae8aa832a4aafdf63fffe88a184 on master.