I am currently redirecting to this:
https://graph.facebook.com/oauth/authorize?client_id=305384546164461&redirect_uri=http://www.eeisi.com/bridge/auth.php&type=web_server&display=page&scope=publish_stream,%20user_about_me,%20user_likes,%20email
I have no idea why I am required to redirect to the URL specified in my application settings, for my canvas page. The purpose behind this never seems to be mentioned.
So I redirect there, and it asks for permission to use the app... great...
Then it goes to another dialog page, and asks for additional permissions... fine...
AND THEN... it goes to that redirect URL, and then what am I supposed to do?
Am I supposed to create some sort of landing page that redirects back to the canvas page on facebook?
Like...
http://www.eeisi.com/bridge/auth.php <--- the landing page
Am I then supposed to take the resulting auth code:
http://www.eeisi.com/bridge/auth.php?code=(long-fricking-string)
and pass that back to the canvas app page, like so?
http://aps.facebook.com/eebridge/?code=(long-fricking-string)
???
Is that how the whole thing fits together?
You'll want to exchange the code query parameter for an access token.
See step 4 here: http://developers.facebook.com/docs/authentication/server-side/
You're redirected back to your app, as your app should know the application secret - which you'll need to exchange the code for an access_token.