Differences

This shows you the differences between two versions of the page.

documentation:2.1:authfacebook [2019/01/15 15:55] (current)
Line 1: Line 1:
 +====== Facebook ======
  
 +^  Authentication ​ ^  Users  ^  Password ​ ^
 +|  ✔  |  ✔  | |
 +
 +===== Presentation =====
 +
 +[[http://​facebook.com|Facebook]] is a famous social network service. Facebook uses [[http://​en.wikipedia.org/​wiki/​OAuth2|OAuth2]] protocol to allow applications to reuse its own authentication process (it means, if your are connected to Facebook, other applications can trust Facebook and let you in).
 +
 +You need [[https://​metacpan.org/​release/​Net-Facebook-Oauth2|Net::​Facebook::​Oauth2]] package.
 +
 +You need to register a new application on Facebook to get an application ID and a secret. See [[https://​developers.facebook.com/​apps]] on how to do that.
 +
 +===== Configuration =====
 +
 +In Manager, go in ''​General Parameters''​ > ''​Authentication modules''​ and choose Facebook for authentication module. You can also use Facebook as user database.
 +
 +Then, go in ''​Facebook parameters'':​
 +  * **Authentication level**: authentication level for this module.
 +  * **Facebook application ID**: the application ID you get
 +  * **Facebook application secret**: the corresponding secret
 +  * **User field**: Facebook field that will be used as default user identifier
 +
 +If you use Facebook as user database, declare values in exported variables:
 +  * use any key name you want. If you want to refuse access when a data is missing, just add a "​!"​ before the key name
 +  * in the value field, set the field name. You can show them using [[https://​developers.facebook.com/​tools/​explorer|Facebook Graph API explorer]] and have a list of supported fields in the [[https://​developers.facebook.com/​docs/​graph-api/​reference/​user/​|Graph API User reference]]. For example:
 +    * cn => name
 +    * mail => email
 +    * sn => last_name
 +
 +<note important>​Do not query user field in exported variables, as it is already registered by the authentication module in ''​$_user''​.</​note>​
 +
 +<note important>​
 +Browser implementations of formAction directive are inconsistent (e.g. Firefox doesn'​t block the redirects whereas Chrome does).
 +Administrators may have to modify formAction value with wildcard likes *.
 +
 +In Manager, go in : 
 +
 +''​General Parameters''​ > ''​Advanced Parameters''​ > ''​Security''​ > ''​Content Security Policy''​ > ''​Form destination''​
 +</​note>​
 +
 +<note tip>You can use the same Facebook access token in your applications. It is stored in session datas under the name ''​$_facebookToken''</​note>​
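
Review bot: The formAction note near the end of the page tells administrators to set the Content Security Policy form destination to a wildcard like *, which allows form submissions to any host rather than only to the Facebook redirect. Suggest recommending the narrowest value that works, that is, adding the Facebook origin the login redirects to alongside the existing value, and presenting * as a last resort. The tip about ''$_facebookToken'' would be clearer if it said that this is the user's Facebook access token kept in the session, so that only applications that need it are given it. Minor wording: "if your are connected" should read "if you are connected", "wildcard likes *" should read "a wildcard like *", and "session datas" should read "session data".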