I am trying to get account linking work in my facebook bot.
According to this url FB Documentation developers are supposed to register an authorization_code and on succesfull login need to pass it as a param along with the redirect URI. But following is not mentioned
How to generate authorization_token ? Some specific method or a random number ? or is it the access token of registered FB Page ?
How to register authorize_token
You can use any authorization_code you like.
You don't need to register your authorize_token
Related
I am new to google oath ,
Referring to the documentation of google
While i Generate the login URL
example
https://accounts.google.com/o/oauth2/auth?
redirect_uri=http://www.mywebapp.com/oauth2callback&
response_type=code&
client_id=104608secret-secret-secret-secret.apps.googleusercontent.com&
scope=https://www.googleapis.com/auth/analytics.readonly+https://www.googleapis.com/auth/userinfo.email&
approval_prompt=force&
access_type=offline
This redirects to an accept page showing google email Id
When the user clicks on “Accept” google will redirect the user to your given redirect_url
when i use chrome and
https://developers.google.com/oauthplayground/
Because it redirects screen to accept.
everything will work fine.
But when i use postman it wont return the "access code" of google
What am i making wrong in the url parameters .
I have to create rest service using the above url.
I have searched So for
How to get dummy google access token to test oauth google api?
How can I verify a Google authentication API access token?
https://developers.google.com/identity/protocols/OAuth2
https://www.themarketingtechnologist.co/google-oauth-2-enable-your-application-to-access-data-from-a-google-user/
But non explained about silent login to get token without accept screen
Your callback url receives a "code".
Then you need to exchange your "code" for an access token.
https://aaronparecki.com/oauth-2-simplified/
https://developers.google.com/oauthplayground/
https://developers.google.com/identity/protocols/oauth2
Have created bot.
Have web site where user has been registered using facebook account.
From facebook manually building login flow :
https://www.facebook.com/v2.8/dialog/oauth?
client_id={app-id}
&redirect_uri={redirect-uri}
In the client_id i am sending my website facebookid.
What parameter should i use for redirect uri to make redirect to bot ?
Is it possible to get this work this way ?
Take a look to the SimpleFacebookAuthBot sample to understand all the pieces.
The RedirectUri must be something in your side that will receive the access code that later will be used to get the access token. Here is the implementation of that callback in the sample above mentioned.
invalid redirect_uri error occured in facebook , linkedin ,google+ logins after adding the social login in the magento my website url is http://www.jobixstore.com/
can anyone let me know what to be add in the following
Authorized Redirect URLs:
Default "Accept" Redirect URL:
Default "Cancel" Redirect URL:
It may help to read up on how OAuth 2.0 works with LinkedIn's APIs. More information can be found here: https://developer.linkedin.com/docs/oauth2
In a nutshell, your Magento platform has to have a "listener" endpoint somewhere that LinkedIn will redirect to. I would hope that if you are using a plugin with Magento of some sort, that it would make it clear to you what the callback value should be.
If you are developing your own OAuth code, you would be free to create whatever endpoint you wanted to receive the token back from LinkedIn, and you would use that value in your application's LI configuration.
I had made a Facebook APP for authorization of users on my Website, I am using OAuth Method. In My Site i have kept a Feature called "Login in With Facebook", when user clicks he gets redirected to Facebook with link
https://www.facebook.com/v2.2/dialog/oauth?client_id=<ID>&redirect_uri=<mysite>&state=<some random hash>&scope=
This looks fine enough, Now Facebook asks for Allow and when Users clicks allow, I get a URL Back on my site with a Special parameter called &code= .. It looks like
http://mywebsite.com/facebook&code=<some huge Random code>&state=<hash>
Now, i would like to know what exactly is code= parameter value says, is it the access Token of the User because i don't see special parameters like access_token=. So can somebody tell me what is code means in OAuth and is it same as Access token. ?? How can i verify it.. Please input your thoughts
Your app needs to exchange that code server-side for an access_token
There's specific documentation for this flow but essentially you take the code, your app ID, app secret, and the redirect_uri you used when opening the dialog initially, and make an API call to exchange the code for an access token
You then use the access token to make API calls on behalf of the user
Facebook provides some documentation on the parameters of oauth login.
Login Dialog OAuth 2
Parameters are:
client_id = Your App ID
redirect_uri = Your App Website URL
display = page, popup, iframe, async, touch. How to display login.
scope = permission names. Permissions your app is asking the user to grant to your app.
state = a string included in the response back to your app.
response_type = code or token or both. Used in different ways depending on authorization flow.
Is there more information about different types of oauth functionality and the parameters that go with it?
I want information on how to structure the URL for oauth. I know of a couple of configurations. For example:
https://www.facebook.com/dialog/oauth?
client_id=YourAppID
&redirect_uri=The URL that you designated in your App Settings for your App
&response_type=token //Whether you want a `code` returned, or a `token` returned, or both
&scope=publish_stream // scope prompts the user for the type of permissions being asked for
I saw a discussion that showed this:
https://graph.facebook.com/oauth/authorize?
client_id=123456789
&redirect_uri=http://example.com/
&scope=publish_stream,share_item,offline_access,manage_pages
Note the difference's of the URL's:
/dialog/oauth?
or
/oauth/authorize?
What does authorize do? Does it GRANT permissions instead of ASKING for permissions? Where is the documentation on this?
https://graph.facebook.com/oauth/authorize is also to logging in the person -- Like authenticating a person and to take permission from person whether to access the requested permissions by app.
oauth/authorize is graph api call.
I think major difference may be when you want to build the login flow manually you should use /oauth/authorize.. else if you are using javascript/Apps api provided by facbook it uses /dialog/oauth. Apps normally need to confirm that the response from the Login dialog was made from the same person who started it. If you're using Facebook's JavaScript SDK it automatically performs these checks so nothing is required, assuming that you're only making calls from the browser. More over we can make graph api calls secure by applying appsecret_proof.