External Flash and Facebook Platform web applications

External Flash and Facebook Platform web applications (see Figure 3) are very similar to web applications on Facebook.com. The main difference is how you handle user login and application authorization. Instead of simply redirecting the browser to Facebook login and/or authorization pages, you use the Facebook JavaScript SDK in conjunction with the Adobe ActionScript 3 SDK for Facebook Platform to display the Facebook login and/or authorization pages in a pop-up window. Although the Facebook login is handled with JavaScript, you usually don't need to write any JavaScript code; you just call methods of classes in the Adobe ActionScript 3 SDK for Facebook Platform. Internally what happens is that code in the ActionScript SDK (specifically methods in the facebook.graph.core.FacebookJSBridge class) calls methods of the Facebook JavaScript SDK. The wrapper page for the application must include the Facebook JavaScript SDK.

Figure 3. An external Flash and Facebook Platform web application

1. The user requests your application on your website; the browser makes an HTTP request to your server. This request is for an HTML page or any application server page but will just be referred to as the HTML page from here on.
2. Your server returns an HTML/JS page embedding your SWF file. The wrapper page must include the Facebook JavaScript SDK whose methods are called by some of the methods in the Adobe ActionScript 3 SDK for Facebook Platform.
3. The users' browser makes a request to your server for the SWF file to embed in the HTML page.
4. Your server returns the SWF file. The application uses the Adobe ActionScript 3 SDK for Facebook Platform code (which calls methods of the Facebook JavaScript SDK) to check and see if there is a current access token for this user and application. If there is not, it presents the Facebook login and/or authorization web page in a pop-up browser window.
5. As the user interacts with the application, it makes asynchronous calls to Facebook using the Adobe ActionScript 3 SDK for Facebook Platform. Every API call must include the access token (this is handled automatically by the SDK) and the Facebook server must have a crossdomain policy file giving SWF files from your server access (which it does).
6. Facebook returns JSON formatted data to your application and your application handles the data.
7. If you want to save any data on your server or do any other server-side processing, your ActionScript code can make calls to your server using typical remote procedure call methods (HTTP, web service, and Flash Remoting requests).
8. If the server needs to talk to Facebook for any reason, it does.
9. Your server-side code handles results from Facebook.
10. Your server returns any data to your Flash Platform application in the user's browser.