I have changed the way my facebook page tab app asks for permissions.
I was using the javascript approach with FB Dialog and now I am using the redirect approach (in which the user is redirected to a FB page where the permissions are asked and then is redirected back to the facebook page tab).
The reason of the change is that I believe this approach will present less bugs and issues than using the javascript dialogs.
When using the redirect approach, I need to specify the URL that the user will be redirected after providing permissions. I would like that this url was the url of the facebook page tab with the app installed.
When building the url of redirect, I know the current page_id and my app_id. With these info, I need to build the facebook page tab url, which should look like this:
https://www.facebook.com/pages/PAGE-SLUG/{#APP_ID}?sk=app_{#APP_ID}
The problem is that I don't know what is the PAGE-SLUG. The tests I have run with the url above (using the PAGE-SLUG as anything) end up redirecting to the correct URL. However, knowing that Facebook is a very unstable platform, I would like to know it there is any better approach to building this redirect url.
EDIT: the above approach has a problem. The redirect loses the SSL protocol and uses the HTTP link when the facebook user doesn't use SSL by default.
It's very simple actually, you can call the Graph API with PHP like so:
$facebook->api("/{PAGE_ID}");
// change {PAGE_ID} to the page id you are redirecting back to
the return value is a json array with "link" in it -> that's the URL you are looking for :-)
Example Return:
{
"id": "XXXXXXXXX",
"name": "My Demo Page",
"picture": "",
"link": "https://www.facebook.com/pages/My-Demo-Page/XXXXXXXXX",
"likes": 123456,
"category": "Product/service",
"can_post": true,
"type": "page"
}
You can also query by the page name, if you know it, for example:
querying the Graph API with:
$facebook->api("/coca-cola");
Will result in:
{
"id": "40796308305",
"name": "Coca-Cola",
"picture": "https://fbcdn-profile-a.akamaihd.net/hprofile-ak-snc4/174560_40796308305_2093137831_s.jpg",
"link": "https://www.facebook.com/coca-cola",
"likes": 40680159,
"cover": {
"cover_id": "10150682306963306",
"source": "https://fbcdn-sphotos-a.akamaihd.net/hphotos-ak-snc7/s720x720/416803_10150682306963306_40796308305_9337341_812683101_n.jpg",
"offset_y": 0
},
"category": "Food/beverages",
"is_published": true,
"website": "http://www.coca-cola.com",
"username": "coca-cola",
"founded": "1886",
"description": "Created in 1886 in Atlanta, Georgia, by Dr. John S. Pemberton, Coca-Cola was first offered as a fountain beverage at Jacob's Pharmacy by mixing Coca-Cola syrup with carbonated water. \n\nCoca-Cola was patented in 1887, registered as a trademark in 1893 and by 1895 it was being sold in every state and territory in the United States. In 1899, The Coca-Cola Company began franchised bottling operations in the United States. \n\nCoca-Cola might owe its origins to the United States, but its popularity has made it truly universal. Today, you can find Coca-Cola in virtually every part of the world.",
"about": "The Coca-Cola Facebook Page is a collection of your stories showing how people from around the world have helped make Coke into what it is today.",
"location": {
"latitude": -33.816989983333,
"longitude": 150.84844081667
},
"can_post": true,
"checkins": 80,
"talking_about_count": 297576,
"type": "page"
}
Edit:
A more clear explanation:
According to Facebook own documentation, It's not clear what happens if the user decided not no accept the application. I think the user will redirect back to the redirect_uri, which then you can check if you have "user_id" in the signed_request, but I'm not 100% sure... Creating a simple app demo and checking :-)