Starting over... upgrading a 4-year-old Facebook Canvas App to the latest PHP SDK (4.0.23).
As I understand it, the flow is something like:
1) Facebook calls my app (mydomain.com/myApp)
2) I need to determine if this Facebook account has logged into my app already - looks like a signed_request comes across if not.
3) I create a FacebookRedirectLoginHelper with my app url (mydomain.com/myApp) and then generate a loginUrl. Then the user should click on that.
4) Facebook puts up a permission request, and if the user accepts, calls back to my app url. This time, instead of a signed_request, I get a code. At this point - do I create a FacebookRedirectLoginHelper again to process to get my session? Or, as the PHP SDK document suggests, do I create a FacebookCanvasLoginHelper?
4a) Reading the code for FacebookCanvasLoginHelper, it seems like I have to invoke $helper->instantiateSignedRequest($signedRequest) before I can use it, else there will be no signed request there. But the signed request I got the first time around does not have oauth data in it, so getSession() fails.
4b) If I use FacebookRedirectLoginHelper, I do get a session back, but there is no signed_request in it. So I can't get the userID. If I push the signed_request that I have into the FacebookSession object, still nothing because that initial signed_request doesn't have it.
What am I missing here? What I need is the Facebook UID of the account, that is stored locally to tell my app who is running it.
Help? Thoughts? I must be missing something, because other people have this working, right?
andy