Facebook oAuth with PHP

Well one project we have been working on is SSO using facebooks oAuth model, this is the mechanism used to allow users to be authenticated on your own website using the Facebook app API.

This is a great API, and from scratch took about 2 days to reverse engineer and use, this system will be going live shortly on www.planettectnews.com also we have been working on some social media bolt ons.  So the nerdy stuff.

How the flow works, well first of all you click the signin with facebook link, this takes you to facebook if you haven't signed in and asks you to sign in, if your already signed in it goes straight to the APP dialogue.  At this stage you get the usual facebook wants to share your details with such and such app.  When you accept facebook fires a token to a PHP controller that i have written.  This in turn saves the token for use whenever needed.

The first stage now is the controller does a cURL to facebook using the token ID to get a me.js response, using JSON this is carved to useful information and this is stored in a database, a local user is created to incorporate the existing authentication model.

A second cURL using a post fires the new user details at the existing authentication model logging the user in, the local user account based on the facebook details can be synchronised at any stage using the token in an 'offline' poll.

That simples.

The twitter SSO API is scarey familiar using the same UML flow.