I am developing a chatbot in facebook messenger which will allow you to allow to place orders easily and even make payment.
I need to redirect without leaving messenger:
something like that
Do you know how I can achieve this?
When you use the botman studio framework, simply enable your template to enable-> extension:
$question = GenericTemplate::create()
->addImageAspectRatio(GenericTemplate::RATIO_SQUARE);
foreach ($objects as $object) {
$question->addElements([
Element::create($object->code)
->image($object->arch)
->addButton(ElementButton::create("Information")->payload($object->code)->type("postback"))
->addButton(ElementButton::create('add to car')->url('')->enableExtensions('true'))
->addButton(ElementButton::create("back")->payload("back
> and add your domains to your whitelist from config / botman / facebook.php
")->type("postback"))
]);
}
and add your domains to your whitelist from config / botman / facebook.php:
'whitelisted_domains' => [
'https://',
'https://',
],
Add your domains on your facebook page, entering messenger settings, whitelisted_domains and that's all
Related
We have an issue with GA where conversion sources are being lost after a user clicks on a link to our site, goes to the site, and then logs in using Facebook.
My understanding from GTM tips - implement referral exclusions is that our site sees the document.referrer as coming from Facebook and starts a new session, losing the original referrer. If we know the landing page on our site the user sees after logging into Facebook, is it possible to add code to exclude the FB referrer only for that page? I.e, on that one page we have something like (from the linked article):
function() {
var referrals = [
'facebook.com'
];
var hname = new RegExp('https?://([^/:]+)').exec({{Referrer}});
if (hname) {
for (var i = referrals.length; i--;) {
if (new RegExp(referrals[i] + '$').test(hname[1])) {
return null;
}
}
}
return {{Referrer}};
}
We can't simply add facebook.com to the GA exclusion list, as we have campaigns running on Facebook as well, so we'd still need visibility to organic traffic coming from Facebook.
You can copy GA tag and modify the copy with this code. Then fire that copy only on pages where you need to block referrer and block original GA tag on same pages.
If you don't want to have multiple GA pageview tags then use Lookup Table variable based on page paths. For some pages this variable should return your code as a Custom JavaScript variable and a default value should be {{Referrer}}.
Really need some help with this one!
I'm trying to send notifications from a canvas app using the new notifications API but I keep getting the following exception:
OAuthException: (#200) Only web canvas apps can send app notifications
However, the app IS loaded in the Facebook canvas -- I'm making an ajax call to my server when the user takes a particular action which triggers the notification POST request. The user has also authorized the app.
This is the code I'm using:
$graphUrl = $user_id . "/notifications";
$params = array( "access_token" => $admintoken,
"href" => $link,
"template" => "string of text < 180 chars"
);
try {
$result = $facebook->_graph($graphUrl, 'POST', $params);
} catch (Exception $e){
echo $e;
}
I just ran into this too and this is how I solved it, but this may not be relevant to you as you seem certain yours is a Canvas app. Mine is an app that mostly runs off Facebook, but has Facebook integration hooks that means users can authorise my Facebook App and then receive updates about interesting events via the Facebook framework.
I went to edit my App settings in the Facebook Developers app, look on the Settings->Basic page near the bottom. I only had "Website With Facebook Login" checked. I checked "App on Facebook" and this gave me a "Canvas Page" and various other settings. With these filled in and saved, the POST to uid/notifications worked immediately.
Incidentally, going to apps.facebook.com/myappnamehere fails because it redirects to https and the request to my site fails because my SSL isn't set up right, but this didn't prevent notifications being sent under that apps credentials.
Recently, I was facing this same issue and I found that Facebook Web Games are formally known as Facebook Canvas.
So, Just create an Facebook game configuration under Settings->Basic page (You will see add button at the bottom of this page) and your API will start sending notifications.
1:\ Go to developer.facebook.com
2:\ Go to your app Settings \ Basic
3:\ Add new platform from plus at button bottom of the page
4:\ Choose Facebook Canvas
now you may need to fill form with your url
That's it
I am building some forms using the html input tabs in Facebook.
My form actions are post and insert linking to externally hosted php
function files.
The problem is, if the user isn't using Facebook's new https setting, a pop up
is shown with "un secure form"
Is there a why to provide a secure handler externally hosted or is this something
I would have go deeper into Facebook ap making with?
Facebook loads your app into an iframe (using POSTing a form).
When the user is using https with facebook they use the Secure Canvas URL property from the app settings, and when the user is not on secure browsing they use the Canvas URL.
Because of that, your page is not loaded from https but http, which is why that warning is shown to the user by the browser.
What you can do is to check when your page is loading which protocol is used and if it's not https then reload the page from https.
Something like (using window.location object):
var location = window.location;
if (location.protocol != "https:") {
window.location.href = "https://" + location.host + "/" + location.pathname + location.search
}
Or if you don't expect to have urls in your querystring you can simply replace:
window.location.href = window.location.href.replace("http", "https");
Problem is, when a user clicks on FB Login button on my site, Facebook API throws him with a window which ask for access permissions(which is the usual flow). But when the user chooses the proxy mail address (anonymous), then I want to force the user to login only using his real email id.
How am I supposed to handle this ?
I can detect that user used proxy email and prevent him from registering, but then I can't remove my app from his list of authorized apps - meaning I can't get him to that initial dialog for choosing which email he will provide.
You can't force the user to go through the authorization dialog again, because as far as Facebook is concerned, the user has installed your application and nothing else needs to happen. The best thing you can do here is write your own form which informs the user that the Facebook proxy e-mail address is unacceptable and you need a real e-mail address. Unfortunately, this does not force the user to give you their Facebook account e-mail address, or even a real e-mail address. This is the best we have via Facebook though, and it's just something we have to deal with.
UPDATE 5/10/11
I was browsing around the Facebook documentation, and found a method that exists in the old Legacy REST API which actually allows you to remove extended permissions for your app from a user. I think you could use this exact API call to manage getting non-proxy addresses from your Facebook user, while still using the native install dialog.
I tested this using the FB JS SDK and it worked! The method you need to use is the auth.revokeExtendedPermission method. Here are 2 examples of calling that method via the JS SDK and the PHP SDK.
Javascript:
<script>
FB.api({
method: 'auth.revokeExtendedPermission',
perm: 'read_stream'
}, function(response)
{
console.log(response)
});
</script>
PHP:
<?php
$facebook->api(array(
'method' => 'auth.revokeExtendedPermission',
'perm' => 'email',
'uid' => $uid
));
Because these use the Legacy REST API they're not as "supported" as the new Graph API. I've not seen anything regarding migrating this feature to the Graph API. Hopefully they will.
Invoke revocation of the app through graph api (as below) with the php sdk then redirect user back through your dialog with this non-proxy requirement explained.
private function revokeAccess() {
$access_token = $this->facebook->getAccessToken();
$result = $this->facebook->api(array(
'method' => 'auth.revokeAuthorization',
'uid' => $this->{facebook id here},
'access_token' => $access_token
));
return $result;
}
This code is php.
This completely removes the app.
Returns 1 on success; 0 on failure.
$this->facebook == facebook object from the facebook php sdk.
I'm trying to integrate my project with Facebook. I'm taking baby steps at first and just trying to login, get a Facebook session, and get some user data. I'm developing it locally so my Facebook application settings are:
site URL: http://127.0.0.1:8888/mySite/
The canvas URL is the same as above. I haven't specified a site domain.
However, when I click on the login button, I get an error:
API Error Code: 191
API Error Description: The specified URL is not owned by the application
Error Message: redirect_uri is not owned by the application.
At the moment I haven't written any server-side code to deal with redirects, etc. All I've done is add the JavaScript SDK based on the tutorial in Facebook for Websites.
What have I done wrong? It's obviously something to do with my Facebook application settings, but I can't see what!
UPDATE:
To answer the API Error Code: 191
The redirect_uri should be equal (or relative) to the Site URL.
Tip: Use base URLs instead of full URLs pointing to specific pages.
NOT RECOMMENDED: For example, if you use www.mydomain.com/fb/test.html as your Site URL and having www.mydomain.com/fb/secondPage.html as redirect_uri this will give you the 191 error.
RECOMMENDED: So instead have your Site URL set to a base URL like: www.mydomain.com/ OR www.mydomain.com/fb/.
I went through the Facebook Python sample application today, and I was shocked it was stating clearly that you can use http://localhost:8080/ as Site URL if you are developing locally:
Configure the Site URL, and point it
to your Web Server. If you're
developing locally, you can use
http://localhost:8080/
While I was sure you can't do that, based on my own experience (very old test though) it seems that you actually CAN test your Facebook application locally!
So I picked up an old application of mine and edited its name, Site URL and Canvas URL:
Site URL: http://localhost:80/fblocal/
I downloaded the latest Facebook PHP-SDK and threw it in my xampp/htdocs/fblocal/ folder.
But I got the same error as yours! I noticed that XAMPP is doing an automatic redirection to http://localhost/fblocal/ so I changed the setting to simply http://localhost/fblocal/ and the error was gone BUT I had to remove the application (from privacy settings) and re-install my application and here are the results:
After that, asked for the publish_stream permission, and I was able to publish to my profile (using the PHP-SDK):
$user = $facebook->getUser();
if ($user) {
try {
$post = $facebook->api('/me/feed', 'post', array('message'=>'Hello World, from localhost!'));
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
Results:
For me, it was a missing app domain. Go into the app, and make sure that you have the root of your site set up as an app domain. See screenshot.
This is just because of a URL mistake.
Whatever website URL is specified should be correct.
I mentioned website URL as http://localhost:3000/
and domain as localhost, but in my browser I was running http://0.0.0.0:3000/.
When I ran server as localhost:3000 it solved the problem.
As I mentioned, the site URL as localhost Facebook will redirect to the same, if we are running
0.0.0.0:3000, it will rise error that "Given URL is not allowed by the Application configuration".
I was also facing the same problem when I am using the facebook authentication method.
But I rectify that issue with following changes in Facebook api (Apps >> My App >> Basic).
I removed the url which i have given in
===> App on Facebook (Canvas URLs)
I gave site url only in
===> Website with Facebook Login option
Then i gave that AppId and App Secret in my webpage.
So by clicking on login button, It ask for access permissions then it redirect it to give url (Website with Facebook Login ).
I fixed this by passing the redirect url to the FacebookRedirectLoginHelper::getAccessToken() in my callback function:
Changing from
try {
$accessToken = $helper->getAccessToken();
}
...
to
try {
$accessToken = $helper->getAccessToken($fbRedirectUrl);
}
...
I am developing on a vagrant box, and it seems FacebookRedirectLoginHelper::getCurrentUrl() had issues generating a valid url.
Had the same problem:
$params = array('redirect_uri' => 'facebook.com/pages/foobar-dev');
$facebook->getLoginUrl($params);
When I changed the redirect_uri from the devloper page to the live page, 191 Error came up.
So I deleted the $params:
$facebook->getLoginUrl();
After the app-request now FB redirects to the app url itself f.e.: my.domain.com
What I do now is checking in index.php of my app if I'm inside FB iframe or not. If not I redirect to the live FB page f.e.:
$app = 'facebook.com/pages/foobar-live';
$rd = (isset($_SERVER['HTTP_REFERER'])) ? parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) : false;
if ($rd == 'apps.facebook.com' || (!isset($_REQUEST['signed_request']))) {
echo '<script>window.parent.location = "'.$app.'";</script>';
die();
}
I have noticed also that even if you specify your website under secion - Website With Facebook Login -> Site url as e.g. http://example.com, but if your App Domains section is empty, and you open website as www.example.com you will get this error, too. To avoid it in "App Domains" section write example.com, that will allow subdomains, like www.example.com, something.example.com etc
in the facebook App Page, goto the basic tab. find "Website with Facebook Login" Option.
you will find Site URL: input there put the full URL ( for example http://Mywebsite.com/MyLogin.aspx ). this is the URL you can use with the call like If the APP ID is 123456789
https://graph.facebook.com/oauth/authorize?client_id=123456789&redirect_uri=http://Mywebsite/MyLogin.aspx&scope=publish_actions
Something I'd like to add, since this is error 191 first question on google:
When redirecting to facebook instead of your own site for a signed request, you might experience this error if the user has secure browsing on and your app does redirect to facebook without SSL.
Working locally...
I couldn't get the feeds api to work, but the share api worked pretty much straight away with no problems.
For me it's the Valid OAuth Redirect URIs in Facebook Login Settings. The 191 error is gone once I updated the correct redirect URI.