Then we get to the IdentityFactory. \u00a0Yii has a nice configuration system in place for its components, so I did some Identity components extending the standard Yii UserIdentity that was included with the Yii distribution. I have the login entry point call on the identity factory which checks a param in the config and returns an instance of the appropriate object.<\/p>\n
These objects are where all authentication type specifics happen. \u00a0Lets take a look at a simple flow diagram:<\/p>\n
So the IdentityFactory chooses which identity we’re using based on the config. \u00a0It will send the request over to the FacebookIdentity, which gets all the info needed for the UserIdentity class to query the database, update information there, and then set the user session.<\/p>\n The more interesting part is the connection between FacebookIdentity and the Facebook SDK. \u00a0For this I made use of a Yii extension. \u00a0I used yii-facebook-opengraph<\/a>, which, while not the most mature of facebook connect extensions, is the most actively developed and the closest to functional. \u00a0(Last year Facebook made a huge change to their SDK which is not at all backwards compatible so they broke most extensions that exist and most developers did not make updates to their extensions.) \u00a0This extension only needed one method added to help deal with the Facebook problem with access tokens<\/a>.<\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" Note: There many ways to implement this, but this seemed to make the most sense to me at the time. A login can either come from someone clicking a login link and being sent to a login page or we can force the login and not allow guests. \u00a0The login\/logout button is easy enough, just […]<\/p>\n","protected":false},"author":4571,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[63924,3163,63928,63937],"tags":[5741,981,63936,63930,63943],"class_list":["post-33","post","type-post","status-publish","format-standard","hentry","category-atg","category-php","category-quizmo-atg","category-yii","tag-authentication","tag-facebook","tag-facebook-sdk","tag-php-2","tag-yii-2"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/archive.blogs.harvard.edu\/acts\/wp-json\/wp\/v2\/posts\/33","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.blogs.harvard.edu\/acts\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/archive.blogs.harvard.edu\/acts\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/acts\/wp-json\/wp\/v2\/users\/4571"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/acts\/wp-json\/wp\/v2\/comments?post=33"}],"version-history":[{"count":9,"href":"https:\/\/archive.blogs.harvard.edu\/acts\/wp-json\/wp\/v2\/posts\/33\/revisions"}],"predecessor-version":[{"id":43,"href":"https:\/\/archive.blogs.harvard.edu\/acts\/wp-json\/wp\/v2\/posts\/33\/revisions\/43"}],"wp:attachment":[{"href":"https:\/\/archive.blogs.harvard.edu\/acts\/wp-json\/wp\/v2\/media?parent=33"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/acts\/wp-json\/wp\/v2\/categories?post=33"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/acts\/wp-json\/wp\/v2\/tags?post=33"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"Facebook](\"http:\/\/blogs.law.harvard.edu\/acts\/files\/2012\/03\/Yii_Facebook_auth-251x300.jpg\")
<\/a><\/p>\n\r\n\r\n\/\/ had to add this function to deal with php's poor handling of expired access tokens\r\npublic function setAccessToken($access_token){\r\nreturn $this->_getFacebook()->setAccessToken($access_token);\r\n}\r\n\r\n<\/pre>\n