Facebook OAuth Example

Facebook does not conform to RFC 6749. According to RFC 6749, the request for the access token should be in FORM format, and the response should be in JSON format. With Facebook, the request is in QUERY format, and the response is in FORM format, so you need to use processors to configure them correctly.

In this example, Facebook’s ExpireTime is named ‘expires’ instead of 'expires_in' as called for in RFC 6749, so the user should directly specify an expiry time.

Another way to get expire time is to use TokenProcessor, which can handle the input data and return standard JSON data. In this case, MessageValue is the value to retrieve from the response body, because the valid response is in FORM format. By retrieving access token and expire time from MessageValue, the token processor can return standard parameters that conform to RFC 6749 and JSON format.

OAuth Tab Field	Sample Values
Authorization URI	https://graph.facebook.com/oauth/authorize
AccessToken URI	https://graph.facebook.com/oauth/access_token
Text field below the Using Processors check box	<Authorization> <AuthorizationProcessors> <AuthorizationProcessor> document.getElementById('email').value='test@gmail.com'; document.getElementById('pass').value='xxxxxx'; document.getElementById('loginbutton').click(); </AuthorizationProcessor> </AuthorizationProcessors> </Authorization> <AccessToken> <RequestMsgStyle>QUERY</RequestMsgStyle> <ResponseMsgStyle>FORM</ResponseMsgStyle> <ExpireTime>1000</ExpireTime> </AccessToken> <TokenProcessor> VAR accesstoken; VAR expires; ...//Get access token and expire-time value from MessageValue MessageValue = "{access_token:" + accesstoken +", expires_in:" + expires+ "}"; </TokenProcessor>