I am building a new Universal Windows 10 UWP App, and trying to do a Facebook login.
On Facebook, I have set the Windows App section of my app to have the identifier of my app:
Windows : s-1-15-xxxxxxxxxxxx
Windows Phone : fef49b712e5a843cbfeb0c9d780423fc (Not the actual one)
In the package manifest file, I have added the protocol of:
msft-fef49b712e5a843cbfeb0c9d780423fc
Which means I set my redirect_uri parameter to:
msft-fef49b712e5a843cbfeb0c9d780423fc://authorize
When running on a phone (with Windows 10 Mobile Preview) the service works fine, it opens up the Facebook app on the phone (using fbconnect://authorize?.....), which in turn authenticates, and then opens my app back up - perfect!!
However, when trying the same on the desktop it doesn't work. In my Launcher.LaunchUriAsync() is set to have a fallback Uri of the standard Facebook web dialog (https://www.facebook.com/dialog/oauth?.....) - This is because there is no Facebook app for Windows 10 that supports login.
Sending the same redirect_uri through to Facebook, it opens up the web browser (Edge) and asks for permissions etc. once the permissions have been given, nothing happens. It seems as though the protocol handling isn't working.
Any thoughts would be useful.
On desktop, try using the WebAuthenticationBroker instead of Launcher.LaunchUriAsync as described in this example: http://dotnetbyexample.blogspot.de/2015/06/custom-oauth-login-to-facebook-for.html
private async Task<string> AuthenticateFacebookAsync()
{
try
{
var fb = new FacebookClient();
var redirectUri =
WebAuthenticationBroker.GetCurrentApplicationCallbackUri().ToString();
var loginUri = fb.GetLoginUrl(new
{
client_id = AppId,
redirect_uri = redirectUri,
scope = ExtendedPermissions,
display = "popup",
response_type = "token"
});
var callbackUri = new Uri(redirectUri, UriKind.Absolute);
var authenticationResult =
await
WebAuthenticationBroker.AuthenticateAsync(
WebAuthenticationOptions.None,
loginUri, callbackUri);
return ParseAuthenticationResult(fb, authenticationResult);
}
catch (Exception ex)
{
return ex.Message;
}
}
Use WebAuthenticationBroker.GetCurrentApplicationCallbackUri().AbsoluteUri for redirect_uri.
And update the same uri in facebook developer console.
https://developers.facebook.com/apps//settings/
Facebook developer console
Related
I'm new to creating extensions so please bear with me.I'm trying to create an extension that shares the current page URL via Facebook. I followed the instructions Facebook developers site and created a project but i don't know what to put up as the app domain because local host works but chrome-extension://"id" doesn't.
On clicking share button, Error appears"Can't Load URL: The domain of this URL isn't included in the app's domains. To be able to load this URL, add all domains and subdomains of your app to the App Domains field in your app settings."
What do I put as the app domain and url?
I had the same problem. This is my solution:
Turn on Embedded Browser OAuth Login in facebook login settings (https://developers.facebook.com/apps/ -> choose your app -> Add product)
Implement manually login flow (https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow). Open oauth url in new tab, listen on changes and than when tab update to success page get from url access token, save token to storage and remove tab.
User facebook graph api (https://developers.facebook.com/docs/graph-api)
Use chrome.identity api to avoid protocol issue. It's looks like:
let options = {
interactive: true,
url: 'https://www.facebook.com/dialog/oauth?' +
stringifyQuery(Object.assign({
app_id: 'your app id here',
redirect_uri: `https://${chrome.runtime.id}.chromiumapp.org/provider_cb`,
response_type: 'token',
access_type: 'online',
}))
};
chrome.identity.launchWebAuthFlow(options, function (redirectUri) {
if (chrome.runtime.lastError) {
callback(new Error((chrome.runtime.lastError as string)));
return;
}
const response = parseUrl(redirectUri);
access_token = response[`#access_token`];
callback(null, access_token);
});
I'm struggling to post a picture from my Windows Phone 8 App using the Facebook API.
I start the process with the following
Browser.Visibility = Visibility.Visible;
var authUrl = facebookClient.GetLoginUrl(new
{
client_id = Constants.Facebook.AppId,
client_secret = Constants.Facebook.AppSecret,
scope = "publish_stream",
response_type = "token",
display = "touch",
redirect_uri = "https://www.facebook.com/connect/login_success.html"
});
Browser.Navigate(authUrl);
My Browser Navigated event only fires once with the following URL:
https://m.facebook.com/login.php?skip_api_login=1&api_key=281638808668585&signed_next=1&next=https://m.facebook.com/dialog/oauth?redirect_uri=https%253A%252F%252Fwww.facebook.com%252Fconnect%252Flogin_success.html&scope=publish_stream&response_type=token&client_id=281638808668585&ret=login&cancel_uri=https://www.facebook.com/connect/login_success.html?error=access_denied&error_code=200&error_description=Permissions+error&error_reason=user_denied%23_=_&display=touch&_rdr
I can remember the app showing me the login window once, after which I had to allow access, but it has not done so again.
I believe the Browser need to keep redirecting till facebookClient.TryParseOAuthCallbackUrl(e.Uri, out oauthResult)is successfull, after which I can continue to post the picture but it never gets there, any ideas? I don't get any exceptions
I have created a native app on Windows Phone 7.
The user of the app will provide his login credentials to us when he registers as a new user. What i want to do is to give a handle of share on facebook in my app.
On clicking on the handle the selected image should be posted on to the user's wall and just display a message to the user that the image is posted successfully or not.
The problem is that facebook has not provided with a developent environment for Windows Phone 7 native apps.
I want some alternate solution to this.
thanks for the link. I had already visited the link earlier. I have implemented facebook integration in wp7. Its working properly and i am able to make wall posts.
Here's my code,
//Users clicks on Share on facebook button
private void btnFacebookPost_Click(object sender, RoutedEventArgs e)
{
//Check if access tokens are already set.
if (App.accessTokens == null)
{
GetAccessTokens();
}
else
{
//Use the access tokens to post on facebook
}
}
private void GetAccessTokens()
{
// Navigate user to facebooks login page
// if user has already authenticated your app you'll receive the access tokens directly
webBrowser.Source = new Uri("https://www.facebook.com/dialog/oauth?client_id='your app id'&redirect_uri=https://www.facebook.com/connect/login_success.html&response_type=token&scope='whatever extended permissions you require'");
}
//On The Navigated event of web browser check for access tokens
//Use the facebook c# sdk to get the access tokens from the url
void webBrowser_Navigated(object sender, System.Windows.Navigation.NavigationEventArgs e)
{
FacebookClient fbClient = new FacebookClient();
FacebookOAuthResult oauthResult;
if (fbClient.TryParseOAuthCallbackUrl(e.Uri, out oauthResult))
{
// The url is the result of OAuth 2.0 authentication
if (oauthResult.IsSuccess)
{
App.accessTokens = oauthResult.AccessToken;
}
else
{
var errorDescription = oauthResult.ErrorDescription;
var errorReason = oauthResult.ErrorReason;
}
}
else
{
// The url is NOT the result of OAuth 2.0 authentication.
}
}
Now use the access tokens with the facebook sdk for C#.net to make the wall posts or any other transactions as required.
The problem with this method is that the application user and the facebook's logged in user may be different thus making a transaction to different account.
Since the SSO for WP7 is not available this method should do the trick.
This post { AppSecret with Windows Phone 7 }
indicates that the WP7 sample doesn't use the AppSecret to login from windows phone, but the current sample in the 5.3.2 download does use the secret.
However, FacebookOAuthClient.cs throws exceptions if it isn't provided. Also, http://blog.prabir.me/post/Facebook-CSharp-SDK-Writing-your-first-Facebook-Application.aspx
shows a sample without using the AppSecret.
Reading Facebooks developer docs it appears that the secret is intended for backend (webserver) auth to facebook, not client apps, and that it is poor practice, maybe insecure, and probably fattening to include your secret in your client application.
Do I misunderstand the guidance, or is there some way to authenticate with the facebook-c#-sdk without using the secret?
Thanks!
In WP 7.0 there was a problem with Fragment in Url (all after # was truncated). Facebook return auth token in Url Fragment, so without it it was impossible to authentificate like desktop/mobile app. The solution was to switch to Web mode, where you can receive auth token if you know AppSecret, so it was the only solution for that (but with security gaps).
In WP 7.1 Fragment Url bug was closed and now you can use normal authentification mode (without AppSecret on client).
If you could access anything of mine WITHOUT first having me authorize the app (solely using the app ID without an access token or a app secret), then that would be a HUGE security hole. Not only to my profile, but to any app out there since the app id is public.
The short answer is, you are required to have a user (or other type of) access token or an app secret to get information.
I figured out the problem was not with the SDK, but the Windows Phone 7 sample included. That sample uses the server-side flow. The changes necessary to the example were:
changing:
loginParameters["response_type"] = "code";
to:
loginParameters["response_type"] = "token";
and removing the entire labda function in webBrowser1_Navigated:
...
// The url is the result of OAuth 2.0 authentication.
if (oauthResult.IsSuccess)
{
var oauthClient = new FacebookOAuthClient { AppId = AppId, AppSecret = AppSecret };
// we got the code here
var code = oauthResult.Code;
oauthClient.ExchangeCodeForAccessTokenCompleted +=
(o, args) =>
{
...
and replaced it with this:
if (_fLoginMode && oauthResult.IsSuccess && !string.IsNullOrEmpty(oauthResult.AccessToken))
{
Dispatcher.BeginInvoke(() => NavigationService.Navigate(new Uri("/FacebookInfoPage.xaml?access_token=" + oauthResult.AccessToken, UriKind.Relative)));
}
And, of course removing the AppSecret constant
I have developed a Facebook app using the C# SDK and it is working fine. Now I want to also enable it on mobiles, so I tried to set the "mobile url" to the same one as my canvas url (which is a cloudapp.net address). However, when I try to access it from a mobile, it seems to go into a redirect loop involving my canvas url, the apps.facebook url and the m.facebook/apps url. Sometimes it goes out of the loop and I get the facebook error message saying : "the mobile version of the app is unavailable because it is misconfigured. It appears to be caught in a redirect loop."
I think it may have to do with the fact that the facebooksettings in the webconfig file specify that my cloudapp page should redirect to the apps.facebook.com page, which then redirects to the mobile url and so on. Can someone tell me how to solve this problem - I just want my mobile url to be the same as my canvas url.
Thanks.
If the request is from mobile add extra logic
For v6,
var fb = new FacebookClient();
var desktopLoginUrl = fb.GetLoginUrl(new { .... });
var mobileLoginUrl = fb.GetLoginUrl(new { ...., mobile = true });
For v5,
var urlBuilder = new UrlBuilder(oauthClient.GetLoginUrl(...));
urlBuilder.Host = "m.facebook.com";
var loginUrl = urlBuilder.Uri;