|
Hi, I have something I want to understand regarding the oAuth flow in facebook.
I have a facebook application that I created.
When I reach my application site directly (not through facebook) i.e enter my application site URL in the address bar, I reach my application. Let's say: https://myApp.com/fbApp
On the server side there's the oAuth flow ( sending a request for the "code" parameter and then with the "code" parameter another request for the "user access token").
I wanted to know how does Facebook knows who is the user that is making the request for the "code" parameter. I noticed that when I'm loged-in to facebook and I'm going to my site directly (as described above) I'm getting the "user access token" on the server side.
When the first request to facebook is made for the "code" parameter, is their anything else being transferred behind the scenes so facebook knows to identify the current loged-in user?
The 'client id' parameter which is being passed to get the 'code' parameter is the 'app id' which is general to all users so I don't see a user specific info being passed to facebook.
|
|
|
|