That said, it may be possible to *detect* an existing authorization by checking for the existence of those cookies. Actually getting the info out of them to create a connection may prove more difficult, however. At one time it was fairly easy to do, but then FB changed their cookie structure and I can't say for sure what's in there now. Sounds like I need to do another investigation into the contents of the cookie. I can say that if the access token is available in the cookie then you should be able to get at it using @CookieValue (but that would require you to write a Spring MVC controller to receive it).
I was initially thinking that RestTemplate could be used for this call, but after some more thought I'm not sure if this would work.
Looks like my last reply overlapped with Craig's last reply. After further reflection, I don't think an AJAX approach can't be used because response headers can't be accessed, but I think I have found a (low tech) way of detecting a connection which was instigated by a spring-social app.
A simple hidden frame embedded in a page, with src="https://graph.facebook.com/oauth/authorize?client_id=...&response_type=code&redirec t_uri=<your_redirect_url>" will result in a callback to your_redirect_url with a code parameter if the user is already logged in. If you have a controller at <your_redirect_url> which takes this code, exchanges for an access token and creates your connection, I think this may work.
In fact, this is exactly what the ProviderSignInController does - if you register a ConnectionSignUp instance with your UsersConnectionRepository and register a ProviderSignInController with your application, you could get implicit sign up by having a hidden frame with "https://graph.facebook.com/oauth/authorize?client_id=...&response_type=code&redirec t_uri=http://localhost:8080/signin/facebook>" for example.
Good point on the cookies...I clearly hadn't had enough of my morning caffeine when first thinking about it.
That's a nice tip...and I suspect it would work. But it is a bit kludgy/hackish. A cleaner approach, I think, would be to let some JS determine the authorization status and send the details of the authorization (access token, et al) to the server-side for the purposes of establishing a connection in Spring Social. I'm reasonably certain that will work, although it would require some JS on the client-side and some custom (e.g., not currently implemented in Spring Social) server-side work to receive the authorization details.
As long as the client-side code and the server-side code are using the same App ID when working with FB, the authorization-stuff should work fine between both sides because it's the same authorization. (e.g, same App ID, same authorization.)
The trick of using js to pass access token works
For Facebook Connect to work you need to Setup Application on Facebook and obtain its App ID/API Key and Application Secret.Use your store name as application name and read and accept terms of service. The Facebook Connect Wizard is just what it sounds like – a way to incorporate Facebook Connect into your website in three steps. Just enter in your URL, upload a file to your server so that Facebook Connect can talk to your site.