So I have a code that logs a user in and then should get a list of the user's Pages in which he is an admin of.
FB.login(function (r) {
if (r.authResponse) {
FB.api("/me/accounts", "GET", { access_token: r.authResponse.accessToken }, function (response) {
..//
});
} else {
// not auth / cancelled the login!
}
}, { scope: "manage_pages, publish_pages, publish_actions" });
The problem I think is the user access token generated does not have manage_pages permission even though I asked for it during log in. I confirmed this by getting the user access token generated after logging in and then using Facebook's Access Token Debugger. How do I get a user access token with manage pages permission?
Related
i have submitted my app to verification and have advanced permission over pages_show_list
but after login web when i debug the user token and see it's persmission it gives me that the permission pages_show_list is declined here is my function ;
FB.login(function(response)
{
if (response.authResponse)
{
window.location.href = url;
}
}
,{ auth_type: 'reauthenticate' },{scope: 'public_profile,email,pages_show_list', return_scopes: true});
So how can i get the permission
thanks
I have the following code to display the users on my site.
function getFBData()
{
FB.api(
'/*fbID*/',
function (response) {
if (response && !response.error) {
/*CODE*/
}
}
);
}
getFBData();
It was working fine when a user is logged in, via Facebook plugin, into the site. But nothing is fetched when the user is not logged in.
Is a user really needed to be logged in to execute FB.api?
Actually user must be logged in to Facebook to use Facebook Api,
you can use the code below to check the state of the user to either get his data if connected or ask him to login again.
FB.init({
appId: 'xxxxxxxxxxxxxxxxxxx',
channelUrl: '//www.yoursite.com/fbsdk-channel.aspx',
status: true,
cookie: true,
xfbml: true,
oauth: true
});
FB.getLoginStatus(function (response) {
if (response.status === 'not_authorized') {
/* The user has already logged into FB but not authorized the your webpage */
}
else if (response.status === 'connected') {
/* The user has logged into FB and authorized the "App" to get their user information */
}
else { /* The user has not yet logged into FB */ }
}
It depends, you CAN use FB.api without authorization, but only for API calls that need an App Access Token. For API calls with a User Token, you do need authorization. Of course you canĀ“t grab details of a user (by ID) without authborization, so in your case you must authorize the user.
More information about Access Tokens and login:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
http://www.devils-heaven.com/facebook-javascript-sdk-login/
Trying to get Meteor Facebook login to work. It functions fully in that it uses Facebook API and requests the correct permissions from the users account and then logs in successfully.
The problem is it doesn't save the permission requested information even though its been approved and only the basic name and ID are available in Meteor.user().services.facebook. Is this code not working because it's not saving the users details on login? I can't find a resource that details how to save or extract the other data.
Simply trying to console log the data to see that it's been extracted out of the Facebook user account on log in.
Within Meteor.isClient code:
Template.login.events({
'click #facebook-login': function(event) {
Meteor.loginWithFacebook({ requestPermissions: ['email', 'public_profile', 'user_friends', 'user_likes']}, function(err){
if (err) {
throw new Meteor.Error("Facebook login failed");
}
console.log(Meteor.user().services.facebook.name);
console.log(Meteor.user().services.facebook.id);
console.log(Meteor.user().services.facebook.email);
console.log(Meteor.user().services.facebook.gender);
});
},
'click #logout': function(event) {
Meteor.logout(function(err){
if (err) {
throw new Meteor.Error("Logout failed");
}
});
}
The config code:
ServiceConfiguration.configurations.remove({
service: 'facebook'
});
ServiceConfiguration.configurations.insert({
service: 'facebook',
appId: 'correctAppID',
secret: 'CorrectSecret'
});
For Facebook v2.4 API after you have requested for certain permissions you can then access them by making a graph API call and requesting them with a valid auth token. The code is as follows:
if (user.hasOwnProperty('services') && user.services.hasOwnProperty('facebook') ) {
var result = Meteor.http.get('https://graph.facebook.com/v2.4/' + user.services.facebook.id + '?access_token=' + user.services.facebook.accessToken + '&fields=first_name, last_name, birthday, email, gender, location, link, friends');
console.log(result.data.first_name);
console.log(result.data.last_name);
console.log(result.data.birthday);
console.log(result.data.email);
console.log(result.data.gender);
console.log(result.data.location);
console.log(result.data.link);
console.log(result.data.friends);
}
Following the standard example from the docs, but it's not working.
Funny thing is that if I do Ti.API.info(fb.getPermissions()), publish actions is listed.
Here's the output from that line:
[INFO] : permissions=
[INFO] : publish_actions,status_update,publish_stream,read_stream,manage_pages
Code:
var fb = require('facebook');
fb.appid = '1234567';
fb.permissions = ['publish_actions', 'status_update', 'publish_stream', 'read_stream','manage_pages']; // Permissions your app needs
fb.authorize();
fb.forceDialogAuth = true;
var data = {
caption: 'This is a test',
picture: blob
};
fb.requestWithGraphPath('me/photos', data, 'POST', function(e){
if (e.success) {
alert("Publish is ok");
} else {
if (e.error) {
alert(e.error);
} else {
alert("Unkown result");
}
}
});
publish_stream is deprecated since years, and competely senseless if you use publish_actions anyway.
That being said, the error message means that the authorization process was not successful. If you are trying as Admin of the Facebook App, you should debug your Access Token after authorization, and make sure that you get asked for the permissions in the process.
If you are NOT trying with an Admin/Developer/Tester of the App, it is most likely because the permissions need to get approved in the Login Review first: https://developers.facebook.com/docs/facebook-login/review
How can I allow a user to revoke access to my application using their API service, SDK. http://developers.facebook.com/docs/sdks/
Looking at the documentation I can't find anything about revoking the access.
For the FB JavaScript SDK:
FB.api('/me/permissions', 'delete', function(response) {
console.log(response); // true
});
in the graph API for the user object you can issue an HTTP DELETE request to /PROFILE_ID/permissions to revoke authorization for an app.
from the official documentation (developers.facebook.com/docs/reference/api/user/):
You can de-authorize an application or revoke a specific extended
permissions on behalf of a user by issuing an HTTP DELETE request to
PROFILE_ID/permissions with a user access_token for that app.
Parameter Description Type Required permission The permission you
wish to revoke. If you don't specify a permission then this will
de-authorize the application completely. string no You get the
following result.
Description Type True if the delete succeeded and error
otherwise. boolean
For anyone who would find this helpful, I was losing sleep and wrecking my brain for days trying to get this to work;
FB.api('/me/permissions', 'DELETE', function(response) {
if (response == true) {
window.top.location = 'logout-facebook.php';
} else {
alert('Error revoking app');
}
});
I finally got this to work when I observed that the "response" being returned was not a boolean but a JSON object.
The JSON object being returned was either;
{
success: "true"
}
OR
{
success: "false"
}
Following that, the correct code was;
FB.api('/me/permissions', 'DELETE', function(response) {
if (response.success == true) {
window.top.location = 'logout-facebook.php';
} else {
alert('Error revoking app');
}
});
Hope this helps someone!
With PHP SDK V 5
$DeletePermsUser = $fb->delete('/{user-id}/permissions/',[],$access_token);