I just finished a writeup on the necessary JS changes to support Facebook’s OAuth 2.0 upgrade, and then Hilary did a followup post on the server-side.
The upgrade enabled right now, but it gets forced out on October 1st. These two posts should give you all you need to know to get your site ready for Facebook’s upgrade:
Part 2: PHP / Backend – Server Side changes for Facebook’s OAuth 2.0 upgrade
Also worth noting, there’s a lot of good information on Facebook’s Developer Blog.