java - Is it possible to do Server -> Facebook authentication?

Question

My quick investigations appear to suggest that FB has deprecated all auth mechanisms while leaving their custom oauth implementation.

Can someone comment or clarify this statement ?

Why ?

• I want users to authenticate against my app and not FB
• At some later stage i wish to grab some assets from FB such as the current users photo etc.

Answer 1

You will need at least once to let them authenticate with the facebook ID and authorize your app. From that moment, you will receive an access_token in the JSON response that will allow you to perform operations for your user.

There are two types of access tokens:

• Session based: expires in a short term, are used when the user will be logged to FB every time you need to perform an operation.
• Offline access: do not expire and allow the app to perform operations for the user in any moment. This requires the offline_access permission when the app is authorized.

Check here: http://developers.facebook.com/docs/authentication/ for the oauth mechanism and here: http://developers.facebook.com/docs/authentication/permissions/ for the permissions list.