David Clements
2008-Jun-03 21:18 UTC
[Facebooker-talk] Order of authentication methods is causing unnecessary call to API?
Hey Guys, I am wondering if I am missing something here. I am noticing that after a user installs my app I get a request that not only contains an auth_key but also contains a valid session key. Occasionally I am seeing that Facebook server is occasionally sending a connection reset during the auth key authentication method, this caused me to notice that secure_with_token is given precedence in the code: def set_facebook_session returning session_set = session_already_secured? || secure_with_token! || secure_with_facebook_params! do if session_set capture_facebook_friends_if_available! Session.current = facebook_session end end end This seems wrong to me since secure with token makes a round trip to Facebook and secure_with_facebook_params! does not. Any thoughts or insights? Dave -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://rubyforge.org/pipermail/facebooker-talk/attachments/20080603/f41a6d48/attachment.html>
Jonathan Otto
2008-Aug-09 07:12 UTC
[Facebooker-talk] Order of authentication methods is causing unnecessary call to API?
The order you have listed here makes sense to me since secure_with_token checks for the auth_token parameter before doing anything. The current implementation is now to do secure_with_token! last. On Tue, Jun 3, 2008 at 4:18 PM, David Clements <digidigo at gmail.com> wrote:> Hey Guys, > > I am wondering if I am missing something here. I am noticing that after a > user installs my app I get a request that not only contains an auth_key but > also contains a valid session key. > > Occasionally I am seeing that Facebook server is occasionally sending a > connection reset during the auth key authentication method, this caused me > to notice that secure_with_token is given precedence in the code: > > def set_facebook_session > > returning session_set = session_already_secured? || > secure_with_token! || secure_with_facebook_params! do > if session_set > capture_facebook_friends_if_available! > Session.current = facebook_session > end > end > end > > > This seems wrong to me since secure with token makes a round trip to > Facebook and secure_with_facebook_params! does not. > > Any thoughts or insights? > > Dave > > _______________________________________________ > Facebooker-talk mailing list > Facebooker-talk at rubyforge.org > http://rubyforge.org/mailman/listinfo/facebooker-talk > >
David Clements
2008-Aug-09 14:09 UTC
[Facebooker-talk] Order of authentication methods is causing unnecessary call to API?
This issue I was having was that I had a request with both the request token and all the fb_sig params including a valid session key. I think this happens after an install of an app with the post ad url being a canvas page. So perhaps my fix wasn''t deep enough. We could make it so that secure_with_params doesn''t throw an exception if there is an auth token present? Dave On Sat, Aug 9, 2008 at 1:12 AM, Jonathan Otto <jonathan.otto at gmail.com>wrote:> The order you have listed here makes sense to me since > secure_with_token checks for the auth_token parameter before doing > anything. > > The current implementation is now to do secure_with_token! last. > > On Tue, Jun 3, 2008 at 4:18 PM, David Clements <digidigo at gmail.com> wrote: > > Hey Guys, > > > > I am wondering if I am missing something here. I am noticing that after > a > > user installs my app I get a request that not only contains an auth_key > but > > also contains a valid session key. > > > > Occasionally I am seeing that Facebook server is occasionally sending a > > connection reset during the auth key authentication method, this caused > me > > to notice that secure_with_token is given precedence in the code: > > > > def set_facebook_session > > > > returning session_set = session_already_secured? || > > secure_with_token! || secure_with_facebook_params! do > > if session_set > > capture_facebook_friends_if_available! > > Session.current = facebook_session > > end > > end > > end > > > > > > This seems wrong to me since secure with token makes a round trip to > > Facebook and secure_with_facebook_params! does not. > > > > Any thoughts or insights? > > > > Dave > > > > _______________________________________________ > > Facebooker-talk mailing list > > Facebooker-talk at rubyforge.org > > http://rubyforge.org/mailman/listinfo/facebooker-talk > > > > >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://rubyforge.org/pipermail/facebooker-talk/attachments/20080809/54b3ae44/attachment-0001.html>