Facebook

Authentication Users Password

Presentation

Facebook is a famous social network service. Facebook uses OAuth2 protocol to allow applications to reuse its own authentication process (it means, if your are connected to Facebook, other applications can trust Facebook and let you in).

You need Net::Facebook::Oauth2 package.

You need to register a new application on Facebook to get an application ID and a secret. See https://developers.facebook.com/apps on how to do that.

Configuration

In Manager, go in General Parameters > Authentication modules and choose Facebook for authentication module. You can also use Facebook as user database.

Then, go in Facebook parameters:

  • Authentication level: authentication level for this module.
  • Facebook application ID: the application ID you get
  • Facebook application secret: the corresponding secret
  • User field: Facebook field that will be used as default user identifier

If you use Facebook as user database, declare values in exported variables:

  • use any key name you want. If you want to refuse access when a data is missing, just add a “!” before the key name
  • in the value field, set the field name. You can show them using Facebook Graph API explorer and have a list of supported fields in the Graph API User reference. For example:
    • cn ⇒ name
    • mail ⇒ email
    • sn ⇒ last_name
Do not query user field in exported variables, as it is already registered by the authentication module in $_user.
Browser implementations of formAction directive are inconsistent (e.g. Firefox doesn't block the redirects whereas Chrome does). Administrators may have to modify formAction value with wildcard likes *.

In Manager, go in :

General Parameters > Advanced Parameters > Security > Content Security Policy > Form destination

You can use the same Facebook access token in your applications. It is stored in session datas under the name $_facebookToken