Occasionally I write more geeky posts that I don’t expect all my readers to understand. I’m going to start prefacing those with “Geeky:” so you can know to ignore them in the future. This is obviously one of those, so if the title doesn’t make sense to you, I don’t blame you for skipping over it all.
I have started playing recently with Facebook’s new Open Source Javascript Client Libraries. It has actually been quite fun to work with, in that they separate all the code out in a manner that’s easy to access, read, and understand how it works. Also, if I ever choose, I can host the Javascript files themselves on my own servers and reduce that potential failure point were Facebook’s servers to go down. (granted, you’re still relying on the Facebook API for them to work fully) I can also contribute to the source in the event I feel something might work better (via my own Github fork).
One problem I’ve come across with the new libraries is that they have simplified the Javascript session cookies so that rather than 5 or 6 separate cookies all getting set and needing to be parsed on the client in order to identify the authorized user, only one cookie is set, and can be parsed using simple URI string parsing functions. This is actually a bonus in that there is less work to be done to authorize the user. However, it means any old server-side clients that parse those cookies the old way will also need to be modified. If you don’t modify your server-side client library to recognize the new cookies, your libraries will not be able to authenticate or authorize the user properly.
I needed a solution for the server side that worked well with the new format. The specific code I’m writing is in PHP so it made sense to go with Facebook’s default PHP libraries, and I created a version of facebook.php that worked with the new Javascript SDK. To set it up is simple – just take this file, unzip it, and replace the facebook.php in your default PHP Facebook client library install with the one you just unzipped.
Unfortunately, the file isn’t backwards compatible, so you will need to choose between either the new Open Source Javascript SDK or the old Facebook Javascript Client libraries. This is because if you use the new Javascript SDK when you log the user out it only deletes the new format of session cookie. Your PHP Client Libraries will set the old format if you don’t replace them with the version above.
There may still be a way to make all this backwards compatible, but for my purposes I haven’t had need to look into it. Also, I’ve only tested this for my own use-cases, so there may be bugs. Please send me a patch if you find any bugs and I’ll update my own version of the file. As soon as it’s possible hopefully we can get this into the Facebook version as well. I’m going to also update the Github Wiki for the new Javascript SDK so others can benefit.
Let me know if anything needs to be updated. You can download the zipped facebook.php file here.