Google App Engine: Facebook server side authentication

When you’re working with devices without JavaScript, or in cases where the user has disabled JavaScript, you’ll need strategies for doing the work on the server side. A classic case is form validation using JavaScript: without a server-side verification system as well, it fails and allows users to post junk onto your site.

I’ve just converted a small script shown in this example on Facebook’s site that does the same thing, but in PHP. This code closely emulates the one at the link above.

Another case where you might need this: Facebook has scrapped its Python API support since OAuth 2.0 was introduced.

There are some limitations to this application, one of which is that, as Facebook prevents POST headers, you can’t integrate this method into a canvas.
It builds upon the sessions example I’ve covered in the previous post.

The program is structured as follows:

There are 3 files:

  1. state_variable.py: A class that generates the state variable – a unique combination of 13/27 characters that Facebook generates when you make a request; the variable ‘code’ in the URL of a Facebook application.
  2. session_module.py: This is a class that handles the sessions. It must be inherited by any class that uses sessions. Refer to the post (the link) which covers it for more information.
  3. main.py: This is the main Python program that Google App Engine handles. It follows a two-step procedure: check whether the URL has the ‘code’ request variable in the request header; if so, continue with OAuth authentication, else redirect the user to the Facebook page on which he gives permissions/authenticates the application.

It really is primitive code for sandboxing purposes; you’ll need to refine it with exception handling and other stuff to actually deploy it.

Any bugs/suggestions are always welcome. I really don’t know if I’ll be working on this in the near future. I just wanted this application in public, so that if anybody needs it they can build upon this code.

The link to the code repository is here.
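The two-step procedure described for main.py, with the state check that protects the callback against forged requests, as an added example (not the code from the repository). It uses the Python 3 standard library rather than an App Engine handler; `handle_request`, the dict-like `session`, the app id, app secret and redirect URI are assumed names and placeholders.

```python
import hmac
import secrets
from urllib.parse import urlencode

# Facebook's OAuth 2.0 dialog and token endpoints. The app id, secret and
# redirect URI below are placeholders; `session` is any dict-like store.
DIALOG_URL = "https://www.facebook.com/dialog/oauth"
TOKEN_URL = "https://graph.facebook.com/oauth/access_token"
APP_ID = "APP_ID_PLACEHOLDER"
APP_SECRET = "APP_SECRET_PLACEHOLDER"
REDIRECT_URI = "https://example.com/"


def handle_request(params, session):
    """Return (action, url) for one request, given its query parameters."""
    code = params.get("code")
    if code is None:
        # Step 1: no code yet. Bind a fresh random state to this session and
        # send the user to the permission dialog.
        session["state"] = secrets.token_urlsafe(24)
        query = urlencode({"client_id": APP_ID, "redirect_uri": REDIRECT_URI,
                           "state": session["state"]})
        return "redirect", DIALOG_URL + "?" + query

    # Step 2: a code came back. Accept it only if the returned state matches
    # the one stored for this session; pop() makes the state single-use.
    expected = session.pop("state", None)
    returned = params.get("state", "")
    if expected is None or not hmac.compare_digest(expected.encode(),
                                                   returned.encode()):
        return "reject", None

    # The server (never the browser) fetches this URL to trade the code for
    # an access token, so the app secret stays on the server side.
    query = urlencode({"client_id": APP_ID, "redirect_uri": REDIRECT_URI,
                       "client_secret": APP_SECRET, "code": code})
    return "exchange", TOKEN_URL + "?" + query
```

A callback whose state is missing, wrong, or already used is rejected before any token exchange happens.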
