Upload photos to facebook app page using server-side script - facebook

I have a server-side script, that should upload photo-albums to my facebook app page. How can script obtain page access token?
I know it's possible on client-side, when user logs in into facebook, and then asks for page access token using me/accounts query. But server-side script can not authorize as a user. So how this can be done?
UPDATE: I actually found how the same goal - uploading albums to app page from server-side script - can be achieved in another way, by manually creating never expired page token. It's described in here: https://stackoverflow.com/a/43570120/4050723
But still I wonder, if this can be done programmaticaly, from script.

There is no way to generate a User Token server side, it always needs user interaction. And you do need a User Token to get a Page Token.
You can create an Extended Page Token with an Extended User Token though, as you have found out already.
More information:
https://developers.facebook.com/docs/facebook-login/access-tokens/
http://www.devils-heaven.com/facebook-access-tokens/

Related

Auto Posting to Multiple Facebook Pages using Graph API - Auth Issues

I am pulling my hair out trying to understand what Facebook wants me to do to post to a FaceBook Page as a System User that has Admin and Page Privileges to and Owned by our business (We have Facebook Business Manager).
In a nut shell all I want to do is make this call:
https://graph.facebook.com/v2.5/${MyPageID}/feed
What I don't get is the access_token part.
I can generate access tokes for Apps, for Pages but all result in 403 returned from FaceBook. I have gone as far and checking every box available on the generate access token popup on the graph api and still I get 403 "Forbidden" so I am detailing the little I understand of the insanity that is FaceBook Auth in the hope that someone can explain where I am going wrong.
1) To Post as a System User to a Page I have to Create a FB App (I Would prefer just to post direct to the pages and skip the App part, My System User has Admin Access on All pages)
2) To Access the App I need an App Token.
3) To Create an App token I need a User Token.
4) To Create a user token I need to log in to Facebook and have all sorts of permissions on the App. (I can't log in as the System User! FB asks me to login as myself. I am not sure if this breaks the Auth Token generated?)
5) Then there are all sorts of swapping tokens to get a Permanent App token, Another point of potential failure!
6) IF the stars and moon align and you stand on your head the permanent App key can be passed to the above call as the access_token
I don't understand how to link the Pages I want to post to with the App created. Do I have to have 1 App for Each Page?
I have got one page to work, We initially used that App to Auth against the Instant Article Graph API:
https://graph.facebook.com/v2.5/${MyPageID}/instant_articles
I could not use the above token for the /feed url, I had to generate a new token with extra publish permissions and the page published with no problems, however when I change the ${MyPageID} to another page using the same access_token I get the 403.
I tried Creating a new App, I have no clue how they link to a specific page So the App to me seems sort of redundant.
Any help with what I am doing wrong or how I can go about simply posting to various FB Pages with a System User using the /feed api ?
The calls are made form a Spring Boot Java APP using HTTP Posts.
How to get a System User Auth and Page Auth:
1) Generate a User Token for an App (Button above the System User):
https://business.facebook.com/settings/system-users/${System User ID}?business_id=${your_business_manager_id}
System user has Page Admin on each page you need to post to.
App is just an FB app, not sure what it does other that it is a grouping I generate a token against.
I chose: (manage_pages, publish_pages, publish_actions, pages_manage_instant_articles, pages_show_list)
2) Check your access token:
https://developers.facebook.com/tools/debug/accesstoken/?access_token=${The access token you got from the step above}&version=v2.12
This will provide you with the App ID the Token is for and how long it lasts (we need a Permanent token)
3) Using Graph API Explorer gets the Accounts this token has access to:
https://developers.facebook.com/tools/explorer/${Your FB APP ID}/?method=GET&path=me%2Faccounts&version=v2.12
4) Using the output above find Page Auth for each page you wan to publish to
5) Post to each page in turn:
https://graph.facebook.com/v2.5/${MyPageID}/feed

Facebook App access token to manage pages without having user to login to get user access token

I've read alot of topis, alot of docs. Literally i read them since morning.
From what I got there are few kind types of tokens: App token, App access token, User Token, User access token, Page access token.
While tokens with access allow some kind of action. the non-access tokens seem to allow me to generate a token of access type. Corrent me if I'm wrong. Docs are terrible and some answers are outdated due to facebook updates.
So basically, what I look for is to be able to:
$permanent_token = 'A token, which will allow me to generate access tokens whenever I request';
// And that token could be used for:
file_get_contents('https://graph.facebook.com/v2.1/me/accounts/?access_token='.$permanent_token);
// Some code here to extract page access token and write it to variable $app_token
file_get_contents('https://graph.facebook.com/v2.1/{page_id}/ratings/?access_token='.$app_token);
// Note: I may've missed some steps... those are the ones I lack I think.
Without having to make any user (including me) to login. It's more like I need some kind of API Key and method to generate access token.
And would prefer NOT to use facebook SDK. Just pure graph url calls.
This is the most import page to read about Access Tokens: https://developers.facebook.com/docs/facebook-login/access-tokens
There is the App Token, the User Token and the Page Token. A User Token can be extended to 60 days, a Page Token can be extended to be valid forever.
/me/accounts needs a User token, so there is no permanent Token to use that endpoint.
/{page_id}/ratings/ needs a Page Token and you probably want an extended one.
How to get an Extended Page Token is explained very well int he Facebook docs, here are some articles:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
http://www.devils-heaven.com/extended-page-access-tokens-curl/
Btw, i suggest not using file_get_contents but CURL.
And in order to get a User Token or Page Token, you MUST authorize/login with a User account. One that is admin of the Page, obviously.
If You are trying to get photos and captions like me, You could do like this:
Enter on facebook developer page: facebook developer
Create an app to the page. (I created to a not mine page)
Access on facebook developer menu: Tools & support and select access token tools.
There you'll find: User token - App token.(There some important text on the top)
copy App token. (should not be hard coded where is possible to see like on javascript)
create a php file to return a JSON.
use file_get_contents($url) function to get a facebook JSON.
echo the file_get_contents return.
finally, get on your page your own returned JSON from the created php file with the data desired and use it.
Obs: My URL is something like this: https://graph.facebook.com/desiredpage/photos?type=uploaded&access_token=013245667890|qwer-adsFGsfgsdGsfg
pay attention to the token on the URL that I pasted.

Automatic post to my facebook page from Node.js server

I have a Node.js server running a social network site and I also have a facebook page for that site. For certain actions performed by users on my site, I want to post details on the facebook page of my app.
I referred to Thuzi facebook node sdk here on how to post to facebook wall. However, it requires app id, app secret and a temporary access token. App id and app secret are constant so I can put them somewhere in my config file and use from there. But how do I get the access token without any interaction from front-end ? All posts will be published by our app only and that too on our own page. I just want this to be triggered by the end user's actions. Any help ?
I am using Sails.js framework btw.
You would need to use an Extended Page Token for that, you only need to create it once and it will stay valid forever. And you will post "as Page" with a Page Token. How to get an Extended Page Token:
Create an App
Use the Graph API Explorer to generate a User Access Token (by authorizing the App with the manage_pages and publish_actions permission)
Extend the User Access Token (valid for 60 days)
Request an Extended Page Token by calling /me/accounts
Store that Extended Page Token on your server and use it for posting on the Page wall.
Here are some additional resources, explaining everything in detail:
https://developers.facebook.com/docs/facebook-login/access-tokens/
https://developers.facebook.com/docs/graph-api/reference/v2.1/page/feed
http://www.devils-heaven.com/facebook-access-tokens/
http://www.devils-heaven.com/extended-page-access-tokens-curl/
I am also digging more in to this nowdays As I am working on a node module for this.
Till now I got to know that we can create a temporary access_token and we can than extend that token upto max 60 days.
For this after getting temporary token you need to make a call to this url to get a access token with 60 days validity.
https://graph.facebook.com/oauth/access_token?client_id=&client_secret=&grant_type=fb_exchange_token&fb_exchange_token=

Posting to a Facebook Page Wall from a Web Server

I've been reading documentation and Stack Overflow link all morning, but I'm just not understanding the correct process to authorize a web server to post to a Facebook page wall.
What I'm not clear on is why I have to post to Facebook as a Facebook User, using an access_token, meaning that this user has to log into Facebook manually to authorize my app.
I'm not trying to authorize a User, nor any of my visitors to do anything with their accounts, so I don't need any permissions from them. Instead, I'm trying to authorize my Web Server to post updates to its wall as a specific Page.
Why do I have to use a user access_token to do this? I'm not attempting to impersonate the user, I'm trying to post to the page as the page...
Is it possible to authorize a user and get their access token without having to create a login page on the Web Server? I don't want to have to require the user to login to make this work, I thought that was the point of having an app ID and Secret?
I guess my question is this: Is it not possible to allow a web server to post to a Facebook page wall as that page, without having to present a login dialog to a specific user? If it is possible, what is the correct workflow to set this up?
In order to post to a Page as a Page, you have to use a Page Access Token. You get that with a User Access Token, and you can extend it so it will stay valid forever.
Steps:
Request a User Access Token with the manage_pages permission (valid for up to 2 hours)
Extend the User Access Token (valid for up to 60 days)
Get the Extended Page Access Token for your Page with the User Session
Store and User The Page Access Token in the publish call
It may sound a bit complicated, but there are many tutorials for this and you donĀ“t actually need to program it, you can just use the Graph API Explorer.
Here are some Links about the Access Tokens:
https://developers.facebook.com/docs/facebook-login/access-tokens/
http://www.devils-heaven.com/facebook-access-tokens/ (see "Extended Page Access Token" for a step by step tutorial)

Facebook with dotnetopenauth

I have created an App on facebook and I am using this app to authorize an user via dotnetopenauth.
Here I would pass APPID and APPSECRET and get the token which would be used to call Facebook Graph to get facebook user details.
If I'm doing this for the first time, user would be asked to enter username/passowrd on the Facebook website and then the session is created in the browser and it will redirect to my website as a Facebook user. This means that if I open a new tab in the current window and open facebook, user will see his/her page directly without asking for username/password. - this is obvious and understandable.
// code
request = WebRequest.Create("https://graph.facebook.com/me?access_token=" + Uri.EscapeDataString(strAccessToken));
response = request.GetResponse();
My query is:
After the scenario above, if user logs out from Facebook website OR I close the browser window, the facebook session is lost. However, I still have the access token (string in the above code) that I got while authenticating.
So, As of this moment I am not storing any user information from Facebook (not even cookies or anything else). I am just requesting user to authorize my application as a Facebook user. When user does that, I get the access token which I can use it to make calls to Graph and REST APIs. This access token usually remains same, so I really dont need to pass the applicaition id and secret to get the token next time onwards. Actually I can request the graph APIs and REST APIs with the stored token and request user details. I have tested this and works fine.
What I am looking for is, if user opens www.facebook.com, user should see his/her personal facebook page which obviosuly is possible only if I have a session in the current browser. Hence, my question was: how do I use my access token OR what call should I make with my access token so that I can set the browser session for the facebook user? Is it possible technically?
Regards,
AG
No. Your access token is used by your web server to call facebook. It's impossible (and undesirable) for this to impact the user's browser in a way that would set a facebook.com cookie so that the user would be implicitly logged into Facebook by your use of the access token.