I want to build an XMPP client on android, I've got it running perfect with authentication using Digest-MD-5, however when I try to convert it to X-FACEBOOK-PLATFORM it keeps failing.
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
So basically the X-FACEBOOK-PLATFORM authentication uses only a part of a access token. That is called the session key.
The access token is seperated by "|" characters, so you split the access token and only take the characters that are in the center. Refer below.
******|a681464febcefb8*-**|******
long callId = new GregorianCalendar().getTimeInMillis() / 1000L; String sig = "api_key=" + apiKey + "call_id=" + callId + "method=" + method + "nonce=" + nonce + "session_key=" + sessionKey + "v=" + version + appSecret; try { sig = MD5(sig); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); } String composedResponse = "api_key=" + URLEncoder.encode(apiKey, "utf-8") + "&call_id=" + callId + "&method=" + URLEncoder.encode(method, "utf-8") + "&nonce=" + URLEncoder.encode(nonce, "utf-8") + "&session_key=" + URLEncoder.encode(sessionKey, "utf-8") + "&v=" + URLEncoder.encode(version, "utf-8") + "&sig=" + URLEncoder.encode(sig, "utf-8"); 回答2:
I never got FB chat to work with my appSecret but used sessionSecret instead. You can get it using oldish REST API.
http://developers.facebook.com/docs/reference/rest/auth.promoteSession/
This way you can keep your appSecret as a secret. Also it's worth noticing X-FACEBOOK-PLATFORM authentication rarely succeeds on first try but requires 3-6 retries usually. Beats me why though as I'm using same session key and secret..