<div dir="ltr">This issue I was having was that I had a request with both the request token and all the fb_sig params including a valid session key. I think this happens after an install of an app with the post ad url being a canvas page.<br>
<br>So perhaps my fix wasn't deep enough. We could make it so that secure_with_params doesn't throw an exception if there is an auth token present? <br><br><br>Dave<br><br><div class="gmail_quote">On Sat, Aug 9, 2008 at 1:12 AM, Jonathan Otto <span dir="ltr"><<a href="mailto:jonathan.otto@gmail.com">jonathan.otto@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">The order you have listed here makes sense to me since<br>
secure_with_token checks for the auth_token parameter before doing<br>
anything.<br>
<br>
The current implementation is now to do secure_with_token! last.<br>
<div><div></div><div class="Wj3C7c"><br>
On Tue, Jun 3, 2008 at 4:18 PM, David Clements <<a href="mailto:digidigo@gmail.com">digidigo@gmail.com</a>> wrote:<br>
> Hey Guys,<br>
><br>
> I am wondering if I am missing something here. I am noticing that after a<br>
> user installs my app I get a request that not only contains an auth_key but<br>
> also contains a valid session key.<br>
><br>
> Occasionally I am seeing that Facebook server is occasionally sending a<br>
> connection reset during the auth key authentication method, this caused me<br>
> to notice that secure_with_token is given precedence in the code:<br>
><br>
> def set_facebook_session<br>
><br>
> returning session_set = session_already_secured? ||<br>
> secure_with_token! || secure_with_facebook_params! do<br>
> if session_set<br>
> capture_facebook_friends_if_available!<br>
> Session.current = facebook_session<br>
> end<br>
> end<br>
> end<br>
><br>
><br>
> This seems wrong to me since secure with token makes a round trip to<br>
> Facebook and secure_with_facebook_params! does not.<br>
><br>
> Any thoughts or insights?<br>
><br>
> Dave<br>
><br>
</div></div>> _______________________________________________<br>
> Facebooker-talk mailing list<br>
> <a href="mailto:Facebooker-talk@rubyforge.org">Facebooker-talk@rubyforge.org</a><br>
> <a href="http://rubyforge.org/mailman/listinfo/facebooker-talk" target="_blank">http://rubyforge.org/mailman/listinfo/facebooker-talk</a><br>
><br>
><br>
</blockquote></div><br></div>