I'm developing iPhone application, that is based on communication with server, and I want to use Facebook authentication mechanisms.


Basically, I think it should work like this:

  1. 在我的iPhone应用程序中,用户使用他的电子邮件和密码登录Facebook。

  2. 用户可以访问他的相关Facebook应用程序的数据。

  3. 成功登录后,我的iPhone应用程序会收到访问令牌。

  4. 进一步沟通在我的服务器上,我的iPhone应用程序应该使用收到的Facebook访问令牌(例如:在查询中)。

  5. 当我的服务器从iPhone应用程序接收到一些查询令牌时,应该询问Facebook的这个令牌是有效的(对于谁),如果是的话,服务器应该假定用户通过Facebook进行身份验证。

  1. In my iPhone app, user logs in to Facebook, using his email and password.
  2. User allows access to his data for related Facebook application.
  3. My iPhone app receives access token, after successful log in.
  4. In further communication with my server, my iPhone application should use the received Facebook access token (for example: in queries).
  5. When my server receives some query from iPhone app, with access token, it should ask Facebook that this token is valid (and for who), and if yes, server should assume that user is authenticated with Facebook.


My question is: how the server should ask Facebook if given access token is valid? I think I should somehow check if the token is valid for my Facebook app.


I've tried many Facebook queries to graph API, that I've found, but nothing worked as I expected. Can you provide me some example?

 1 条回答