Search code examples
facebookservletspermissionsresponse.redirectfacebook-java-api

Redirecting Facebook 'offline_access' permission page

I am trying to get users' permission for 'offline_access' in an iFrame Facebook application coded with the Facebook Java API. I understand that I need to obtain an 'indefinite session key' after the users approves my application. Currently, I can accomplish what I want, but in a very awkward way that is probably not correct. There must be a better way to do this. Any thoughts/ideas would be appreciated!!

What I've done

In a servlet of my app, I check to see if the user currently has 'offline_access' permission. If they do, I get the url by Permission.authorizeUrl(Permission.OFFLINE_ACCESS). I then call response.redirect to get to the permissions page. Two problems I'm having are:

  1. The redirected permissions page is displayed within the iFrame. Hence, the Facebook book home menu bar etc. are displayed twice. i.e. looking like an app is embedded in another app.
  2. The user will be 'stuck' on the permission page once redirected there. I won't be able to obtain the 'indefinite session key' (by calling client.getCacheSessionKey) unless the user goes back to a page in my app manually.

Possible Work-arounds??

  • Is there a way to open/redirect to the permissions page in a new window? That way maybe I can have a thread in my servlet to keep checking whether the permission is set after the redirection. And then I can get the 'indefinite session key' once I have it and store it somewhere?
  • Is there a way to set an URL for Facebook to go to after permission is set? (much like the pre-auth and post-auth URL settings?) Or somehow take control after the permission page is hit?
  • Any other ways to setup my app maybe?? Being a newbie, I might've totally gotten the idea wrong...
Solution

  • Have you tried using the fb:promot-permission tag in XFBML? That would seem the simplest way of getting the permission granted, and XFBML is fairly easy to set up.