When a user signup with facebook in an app, the user profile information can be stored on the client side. What should be the strategy to refresh this?
with example flow like below.
User sign-up with facebook from client
Facebook returns user profile ( on successful user accept), token
client stores the user profile including profile picture url
client uses the url to show user image in client
user changes profile facebook profile image and deletes old image -> client doesn't get to know about
Given that the token may be still valid, what should be the strategy for the client to make sure the user profile picture url is current ?
To keep the user photo current, link to https://graph.facebook.com/{userid}/picture wherever you would be linking to the image url in the client.
[The /picture edge returns an image by default](https://developers.facebook.com/docs/graph-api/reference/user/picture/]
If you want to know specifically when the user has a new profile photo, periodically check the url of the most recent photo you have against the url field returned by https://graph.facebook.com/{userid}/picture with redirect=false. If the urls differ, the user has changed their photo.
Related
I'm using Firebase (angularfire) and Facebook login in my APP to authenticate my users. However today I realized that the profile image URL had been expired, but the Firebase SDK isn't refreshing it.
Is there a way to solve this or should I request the image using the Facebook API?
I solved this by using the photoURL that can be found within: user.providerData[0].photoURL
Where user is the user data returned on
firebase.auth().onAuthStateChanged( user => {})
And [0] is the index of the Authentication Provider of interest. In my case I only have Facebook authentication, thus the index is 0.
Seems that this URL is somehow being updated... (maybe on user sign in?)
Edit: It seems that the URL is indeed being updated on user sign in. So be aware that if the user is "remembered" by the browser, with this method the image will eventually expire, if the user isn't forced to sign in again before expiration.
Firebase only updates this data after you sign in using a provider:
User signs in with Facebook. Facebook provider data populated.
User updates their Facebook photoURL.
User signs in again with Facebook, the photoURL for the facebook provider is updated.
Sign In again is key here. A user reload will not refresh the user properties.
The top level displayName and photoURL won't be updated though. You will need to do that manually with the relevant API.
If this is not good enough for your needs, you should switch to using the Facebook API.
The best way to use Facebook photos from Firebase is through the facebook ID of the user:
const fbUID = userData.providerData[0].uid
const photoURL = 'https://graph.facebook.com/' + fbUID + '/picture?type=large'
This gives you an image that doesn't expire, and it also always stays up to date with the user's facebook profile pic. Even better, it's much higher quality than the original, and it is visible by anyone! Additionally, there is no need to use the Facebook API to request this. You can actually stick that URL into the browser with any fbUID and it will go right to the user's current profile picture.
Use this as your image url
http://graph.facebook.com/\(FBSDKAccessToken.current()?.userID ?? "")/picture?type=large
I am trying to use the liferay inbuild facebook signin feature. By default facebook connect only stores first name,lastname,email and gender.
I want to get the profile picture of user from facebook and store in the database as userpotrait of a user when he sign up with facebook. How can do it in liferay?
You make the url for the profile picture of the user as -
http://graph.facebook.com/<USERID>/picture?type=normal
Try below URL to get facebook profile image.
http://graph.facebook.com/{your user name}/picture
You can easily get api for get this profile image for facebook also below link might help you.
Facebook API - How do I get a Facebook user's profile image through the Facebook API (without requiring the user to "Allow" the application)
For Store the image you will need to convert as a byte steam and store it using below Util class
UserServiceUtil.updatePortrait(long userId, byte[] bytes)
Hope this helps !
what I need: upload photos to user's fan page as a page, using an app for that
what I have: my website which does uploading, and a user, who created fan page and application, and that app's id and secret
what I do:
call FB.init() with that appId
call FB.login() with manage_pages,publish_stream permissions - this prompts FB login popup where user is asked to login and then to authenticate the app. As the result I get app access token.
Send request to https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=fb_exchange_token&fb_exchange_token=TOKEN_FROM_ABOVE to get extended app token valid for 2 months (and therefore page tokens will be extended as well as described here)
Send request to https://graph.facebook.com/me/accounts?access_token=TOKEN_FROM_ABOVE to get a list of pages user manages, and let user to choose the page he wants to publish to.
That gives me PAGE access token I can use to publish photos to user's FAN page using /albumId/photos/ API call.
what is the problem:
the "via" link in the photo redirects user to MY website (where user has authenticated his app to upload to his page):
that is because I had to ask user to enter my website's URL in app settings, otherwise Facebook login dialog will complain:
SO MY QUESTIONS ARE:
Am I doing this right? am I missing something probably?
If I am - then how can I get that "via" link to link to user's website?
Thank you.
how can I get that "via" link to link to user's website?
Not at all, because this always links to the app that was used making a post/upload.
What you could try though is having your website redirect when a user is coming to your site from Facebook. Which post/feed story the user is coming from should be passed to your site as parameters; then you’d only have to figure out which user made that post (look it up in your database), and redirect to their homepage.
I ended up adding client's website URL as a query string parameter into "Site URL" field in the application settings - and then I need to modify my site's backend to do redirects:
http://mysite.com/?redirect=http://client-site.com
How can I pull information from MY profile on Facebook and display it on the website I am developing?
I know I can open a dialog to request login to Facebook, but I don't want to login any user. I want to login MY account and get MY info.
Is for contact card purposes.
Thanks!
You could generate an access token, with offline_access and all the other perms you need, and save that with your uid on your server somewhere. Then make a server request to FB for the data when you need it, cache it, and display it?
I am making a Facebook App which will be only used for Facebook Pages.
I need to provide a post-authorize URL to make some action on Database when a user adds the app to their page.
But i cannot find any place to enter the URL.
Someone can help me ?
EDIT: User will only Add App to their page from Application Profile Page on FB
There is no such thing as "post-authorize URL" for applications working as Page tab. You will never know identity of user who added your application on page via application profile page.
Adding application to page doesn't mean that owner of page authorized the app.
Signed request contain information about page and user interacting with page tab application so you may know if user is admin of the page, liked the page and some additional details, it will include personal details only if user authorized application which should be done as separate step.
The way I'd do it:
List all the PAGE ID on which your user is admin:
FQL: select page_id from page_admin where uid=me()
When a page load your application, using the data contained in the signed_request POST parameter, look if the current page is a new page (just assign a boolean in the database to know if the page is already using the application or is new), and if the page is in fact using the app for the forst time, look if you have the admin in your database (remember? you have linked the PAGE ID and the ADMIN ID together in #1)
From there, you can do whatever you want: display a "application not yet authorized" instead of the normal app in order to wait for the user to pay you, etc...