I'm using FB js sdk.
In the function FB.login, if I add one of this permission (pages_user_locale, pages_user_gender, pages_user_timezone) I have this error.
If I remove them, the fb login work fine.
Example of code:
FB.login((loginResponse) => {
...
}, { scope: "public_profile,email,pages_messaging,pages_messaging_phone_number,pages_show_list,pages_manage_metadata,instagram_basic,instagram_manage_messages,pages_read_engagement,business_management,catalog_management,pages_user_locale,pages_user_gender,pages_user_timezone", return_scopes: true });
I found the mistake.
This permission shouldn't request these page permissions using FB Login.
As long as they are approved at app and page level, I should be able to use it.
Related
I'm developing a pure-html/js web application (actually I'm using AngularJS; with "pure" I mean: I'm not using any server side technology) which uses a Facebook-Connect button like this:
<fb:login-button max_rows="1" size="xlarge" scope="email,public_profile,ads_management" show_faces="false" auto_logout_link="false"></fb:login-button>
Such button asks for permission: ads_management and basic user data. I'm testing ad-management functionality.
However, I ask two queries to facebook inside a controller:
$scope.fetchData = function() {
FB.api('/me', function(response){
$scope.$apply(function(){
console.log("InApp::fetchData()");
console.log(response);
console.log("~InApp::fetchData()")
});
});
};
$scope.fetchAccounts = function() {
FB.api('/me/adaccounts', function(response){
$scope.$apply(function(){
console.log("InApp::fetchAccounts()");
console.log(response);
console.log("~InApp::fetchAccounts()");
});
});
};
$scope.fetchAccountData = function(account_id) {
};
$scope.fetchData();
$scope.fetchAccounts();
For narrow-purposes I just printed the contents of a controller. Assume such controller exists, requires the person is logged in Facebook, and the user is currently logged in.
My Issues are:
The Login button does not update the page when I login. This is because no onlogin= was put. Question: How can I assign such attribute in an Angular way? (i.e. the handler coming from the scope).
$scope.fetchData is successfully executed. However, $scope.fetchAccounts is not. I'm asking this because I included the ads_management permission in the button. Question: What am I missing? (error: code: 10
message: "(#10) You do not have sufficient permissions to perform this action"
type: "OAuthException"). Edit - Additional notes: I deauthorized the application in my account, and reauthorized it: It never asks me the ads_management permission in the popup dialog.
The first question, no idea. The second question, your app is not whitelisted for Ads API usage. Look into the Ads APi documentation on how to request access.
I recently integrated the phonegap-facebook-plugin (https://github.com/phonegap/phonegap-facebook-plugin) into both iOS and Android (same app).
I want to do something that I believe to be simple: by-pass the call to native facebook for login/authentication and always use the web dialog. How does one go about accomplishing this?
My login code currently looks like this:
Init code:
//facebook initialization
FB.init({
appId: 'xxxxxxxxxxxx', //'<%#= FB_APP_ID %>',//'',
nativeInterface: CDV.FB,
useCachedDialogs: false
});
And the login call is:
FB.login(function(response) {
if (response.authResponse) {
// connected
me.signInFacebook({
token: response.authResponse.accessToken,
email: response.authResponse.email,
success: function (data) {
// hide login view and show tabview
form.destroy();
// continue whatever action was previously happening
me.continueAction(tabIndexBack, callback);
},
failure: function (response) {
// show errors Ext.Viewport.down('tabscontainerview').setActiveItem(3);
}
});
} else {
//go back
Ext.Viewport.down('tabscontainerview').setActiveItem(3);
alert('fb login error');
}
},{ scope: "email" });
Thanks for your help!!
I created a plugin to facilitate the connection between Facebook and phonegap without using Plugin Native only with Jquery:
https://github.com/studiosoton/faceGap
To bypass native FB login, you can make your own manual facebook authentication flow without using JavaScript SDK of the Facebook (https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.3) via inAppBrowser or ChildBrowser plugins.
Your app must initiate a redirect to an endpoint which will display the login dialog:
https://www.facebook.com/dialog/oauth?client_id={app-id}&redirect_uri={redirect-uri}&response_type=token&scope=email
Facebook redirects people to the redirect_uri mentioned above and places an access token along with some other metadata (such as token expiry time) in the URI fragment:
https://www.facebook.com/connect/login_success.html#
access_token=ACCESS_TOKEN...
Your app needs to detect this redirect and then read the access token out of the URI. You can then skip straight to the Inspecting access tokens step.
On the Android version of the plugin, you can force it to use the dialog by modifying the way the plugin calls me.facebook.authorize in the login action of theorg.apache.cordova.facebook.ConnectPlugin class.
You'll need to pass in an additional activityCode parameter with Facebook.FORCE_DIALOG_AUTH:
me.facebook.authorize(cordova.getActivity(), me.permissions, Facebook.FORCE_DIALOG_AUTH, new AuthorizeListener(me));
I'm not entirely sure about iOS, but you might be able to try with openWithBehavior and FBSessionLoginBehaviorForcingWebView
Without any Facebook plugins you can use Facebook functionality,for that use phonegap.facebook.inappbrowser.js using this js you can easily access all Facebook functionality for more information visit this URL : Facebook Integration Step without any plugins
I've been doing user authentication with everyauth and Facebook and all works well. Now, I want to integrate an ability to post to Facebook. Since my app asks only for email scope when users first login, I'll need to get a larger FB scope, and am trying to follow the FB guidelines and only ask for this additional scope when I need it.
I added the following code to my everyauth configuration as per the docs:
everyauth
.facebook
.appId(conf.fb.appId)
.appSecret(conf.fb.appSecret)
//TODO add custom redirect for when authentication is not approved
.scope(function (req, res) {
console.log('Setting FB scope');
console.log('Session: ' + util.inspect(req.session));
var session = req.session;
switch (session.userPhase) {
case 'share-media':
return 'email,user_status';
default:
return 'email';
}
})
All is well when an unauthenticated user logs into the application. The problem is that when I want to "up the ante" on FB scope, which I do by setting req.session.userPhase to 'share-media', and then present a link to /auth/facebook to confirm they want to allow posting to FB. When this happens, I get an error that req.session is undefined from the above code (all of req is undefined).
I assume this is since a previously logged-in user is essentially re-authenticating, but isn't that how I would get more scope from Facebook? Am I going about this the wrong way?
Thanks!!!
I changed my Facebook App to OAuth 2.0. Now the Login window ignores the user permissions.
The new login button code is as follows:
<fb:login-button show-faces="true" width="400" max-rows="2" scope="read_stream, publish_stream, email"></fb:login-button>
when I use perms instead of scope it works.
I have oauth:true in FB.init(). In the app settings oauth2 is active.
(Everything I did and learned was in an effort to be able to publish to a Facebook Timeline from a 3rd party website. I don't know your motive/goal. It might not be the same as mine.)
I am using JS SDK with javascript commands, not xfbml markup.
I am using the beta version of the JS SDK: set the host to connect.beta.facebook.net instead of connect.facebook.net
I have oauth:true in my FB.init() function.
I have app settings for OAuth 2.0 enabled at developers.facebook.com.
This is my FB.login():
FB.login(
function(response) {
if (response.authResponse) {
// handle a successful login
}
},
{
scope: 'publish_stream' // I need this for publishing to Timeline
}
);
One thing I did to debug this was to check the value of FB._oath. If it is undefined, you have a problem. If it is true, you can proceed to the next challenge.
So after lots of trial and error, I finally got FB._auth===true
I used the old rest api for showing the Permission Dialog in Facebook before.
Now, with the new graph API, what can I do? (I'm in IFrame Apps).
I know that I can cheat and popup the permission in a seperate window:
FB.login(function(response) {
if (response.session) {
if (response.perms) {
// user is logged in and granted some permissions.
// perms is a comma separated list of granted permissions
} else {
// user is logged in, but did not grant any permissions
}
} else {
// user is not logged in
}
}, {perms:'offline_access'});
like that.. call the FB.login again (let say I want people to click on a different button and trigger the extended permisison dialog)
However,it looks ugly,and it doesn't look like a dialog.
Is there a way to generate the dialog? I try to figure out whether FB.ui can help but there is only little information about that.
In addition, I don't think the 'response' callback ever execute. Neither I click "Don't allow" or "allow", won't trigger any call back. any idea?
hihih..anyone can help me?
Finally. find out the solution from another website.
first. after FB.init( ... ); do that:
FB.provide("UIServer.Methods",
{ 'permissions.request' : { size : {width: 575, height: 300},
url: 'connect/uiserver.php',
transform : FB.UIServer.genericTransform }
} );
Then, whenever you need to call the permssion dialog, do that:
FB.ui({method: "permissions.request", "perms": 'email,offline_access'},
callBack);
It took me so long to figure out by looking at the FB object and find out there is UIServer with permissions.request then from that, I keep searching and find this solution. and FB.ui talks nothing about it.. and FB.provide is not documented. THANKS facebook.
You don't need to use javascript or any SDK for this although it would make it easier. You need only to redirect the user to a url like this:
https://graph.facebook.com/oauth/authorize?
client_id=...&
redirect_uri=http://www.example.com/callback&
scope=user_photos,user_videos,publish_stream
You should always redirect the user to the top window either with javascript or the link.
window.top.location = <login_url> or Login
If you are using the PHP SDK or the C# SDK you could have the sdk generate the url for you, but the process is the same.
Also, not that the redirect_uri has to be on the same domain as your iFrame application's url. This will cause Facebook to redirect your user outside of Facebook to your website, you then should redirect the user back to the app inside of facebook. For example:
User clicks login
user goes to Facebook login page
User clicks allow
Facebook redirects the user to http://www.example.com/callback
Your app redirects the user to http://apps.facebook.com/myapp/loggedin
One of the answers suggests a hack in which you call FB.provide() and then FB.ui() to pop up the extended permissions dialog. That solution doesn't work for me, but there is a documented solution now that does. Just call FB.login() to get the permissions you need.
FB.login(function(response){
if (response.authResponse) {
alert('success!');
} else {
alert('fail!');
}
},{scope: 'email'});
Even better, you can ask for extended permissions with the login button.