You can definitely use canvas page URL itself. IN the same page you can put the following code. I have done that and working perfectly fine.
if(isset($_REQUEST["code"]))
{
$code = $_REQUEST["code"];
$my_url = "https://apps.facebook.com/CANVAS_APP_URL/";
$token_url = "https://graph.facebook.com/oauth/access_token?". "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret . "&code=" . $code;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $token_url );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$output1 = curl_exec($ch);
curl_close($ch);
$tokenarray = explode("&", $output1);
$tokenarray1 = explode("=", $tokenarray[0]);
$access_token = $tokenarray1[1];
$urltoopen = 'https://graph.facebook.com/me?access_token=' . $access_token;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $urltoopen);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$output = curl_exec($ch);
curl_close($ch);
echo $output;
}
Hope this helps !!
~ ABW