I'm building a windows phone 8.1 app that allow user to login facebook account.
There is my code:
string productId = "myproductid";
string facebookAppId = "myfacebookappid";
string redirectUri = "msft-"+productId+"://authorize";
string scope = "public_profile,email"; // What you want to fetch from the facebook user
string responseType = "token"; // Other response types possible
UriBuilder authUri = new UriBuilder("https://www.facebook.com/dialog/oauth");
authUri.Query = "client_id=" + facebookAppId + "&redirect_uri=" + redirectUri + "&scope=" + scope + "&response_type=" + responseType;
var success = await Windows.System.Launcher.LaunchUriAsync(uriToLaunch);
And code in App.xaml.cs:
protected override void OnActivated(IActivatedEventArgs args)
{
base.OnActivated(args);
if (args.Kind == ActivationKind.WebAuthenticationBrokerContinuation)
{
App.MobileService.LoginComplete(args as WebAuthenticationBrokerContinuationEventArgs);
}
if (args.Kind == ActivationKind.Protocol)
{
ProtocolActivatedEventArgs eventArgs = args as ProtocolActivatedEventArgs;
WwwFormUrlDecoder decoder = new WwwFormUrlDecoder(eventArgs.Uri.Fragment);
string fbAccessToken = decoder.GetFirstValueByName("#access_token");
/* Now you can use the access token to interact with the Facebook API */
}
}
But how to get user's email and profile from "fbAccessToken"?
Thanks.
You can use the graph APIs of facebook
graph.facebook.com/me?access_token={0}
Please refer this link - https://developers.facebook.com/docs/graph-api/using-graph-api/v2.3
Add scope/Extended Permission to get user profile etc.,
string scope ="user_about_me,read_stream,publish_actions,user_birthday,offline_access,email"
Related
It seems that nowdays there's no way to allow to post onto facebook user groups via a new, unreviewed app.
I've created an App with live features availible to gen public, with approvements for email, public_profile, user_friends.
I'm trying to post on the wall of a group I've created and I'm an admin of.
Now, when firing up my code, I get the nasty "OAuthException - #200) (#200) Insufficient permission to post to target..." exception.
Posting my wall work perfectly...
public class HomeController : Controller
{
private const long GroupId = 15473890820xxxx;
//
// GET: /Home/
public ActionResult Index(string code)
{
ViewBag.Message = "Welcome to Facebook App Demo!";
//user denied permissions on Facebook.
if (Request["error_reason"] == "user_denied")
{
//this is not implemented. For reference only.
return RedirectToAction("LogOn", "Account");
}
if (string.IsNullOrEmpty(code))
{
ViewBag.Error = "There was an error while loggin into Facebook. Please try again later.";
return RedirectToAction("LogOn", "Account");
}
var fb = new FacebookClient();
dynamic result = fb.Post("oauth/access_token", new
{
client_id = "93199615018xxxx",
client_secret = "2089ae4447877e7388500b844235xxxx",
redirect_uri = "http://localhost:13301/",
code = code
});
var appToken = result.access_token as string;
// update the facebook client with the access token so
// we can make requests on behalf of the user
fb.AccessToken = appToken;
//get extended App/User Token
dynamic result2 = fb.Get("oauth/access_token", new
{
client_id = "93199615018xxxx"
client_secret = "2089ae4447877e7388500b844235xxxx",
grant_type="fb_exchange_token",
fb_exchange_token = appToken,
// code = code
});
var extendedAppToken = result2.access_token as string;
//generate Extended User Token (valid for 60 days)
Session["Facebooktoken"] = extendedAppToken;
dynamic me = fb.Get("me/accounts");
var response = fb.Get("/me/accounts?access_token=" + extendedAppToken) as JsonObject;
return View(me);
}
[HttpPost]
public ActionResult Index(FormCollection collection) //rename to PostWall
{
ViewBag.Message = "Welcome to Facebook App Demo!";
// Post to the wall..
try
{
if (Session["Facebooktoken"] != null)
{
string message = collection["txtPost"].ToString();
FacebookClient client = new FacebookClient(Session["Facebooktoken"].ToString());
dynamic result = client.Post(GroupId+"/feed", new
{
message = message
});
ViewBag.SaveMessage = "Successfuly Post on your wall : " + result.id;
}
else
{
return RedirectToAction("LogOn", "Account");
}
}
catch (Exception ex)
{
ModelState.AddModelError("", ex.Message);
}
return View();
}
public ActionResult About()
{
return View();
}
}
public class AccountController : Controller
{
//
// GET: /Account/
public ActionResult LogOn()
{
return View();
}
[HttpPost]
public ActionResult LogOn(LogOnModel model, string returnUrl)
{
var facebookAppId = "93199615018xxxx";
var facebookAppSecret = "2089ae4447877e7388500b844235xxxx";
var facebookRedirectUrl = "http://localhost:13301/";
//
var facebookScope = "email,publish_pages,publish_actions,manage_pages,user_managed_groups,user_hometown,user_website";
if (facebookAppId != null && facebookAppSecret != null && facebookRedirectUrl != null && facebookScope != null)
{
var url = string.Format(#"https://www.facebook.com/dialog/oauth/?client_id={0}&redirect_uri={1}&scope={2}", facebookAppId, facebookRedirectUrl, facebookScope);
Response.Redirect(url, true);
}
return this.RedirectToAction("Index", "Home");
}
}
Any clue on how to set up an testing environment for above functionality without the extra-round of establishing a fully fledged App that has to be reviewed by Facebook admins? I've looked on testing versions for Apps and Users, but no groups either.
Many thanks in advance
Darren, thanks for your considerations. It seems like due to my privacy restrictions I couldnt get any group info of my personal account. Either programmatically, nor manually in Facebooks Graph API Explorer.
It worked finally on an business (fan)'Page' profile by getting an 'long-lived' Page Access Token in facebooks Access Token Debuger.
Yes, user_managed_groups and publish_actions had been enabled.
i am creating an application in asp.net, which will use the user's facebook data using its api's,
but in order to access the Fb api's we need to perform the OAuth(2.0) first.
i did that too by using the DotNetOpenAuth library in the following code:
private static readonly FacebookClient client = new FacebookClient
{
ClientIdentifier = ConfigurationManager.AppSettings["fbAppID"],
ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(ConfigurationManager.AppSettings["fbSecret"]),
};
protected void Page_Load(object sender, EventArgs e)
{
IAuthorizationState authorization = client.ProcessUserAuthorization();
if (authorization == null)
{
// Kick off authorization request
client.RequestUserAuthorization();
}
else
{
var req = WebRequest.Create("https://graph.facebook.com/oauth/access_token?client_id=" + ConfigurationManager.AppSettings["facebookAppID"] + "&client_secret=" + ConfigurationManager.AppSettings["facebookAppSecret"] + "&grant_type=fb_exchange_token&fb_exchange_token=" + Uri.EscapeDataString(authorization.AccessToken));
var request = WebRequest.Create("https://graph.facebook.com/me?access_token=" + Uri.EscapeDataString(authorization.AccessToken));
using (var response = request.GetResponse())
{
using (var responseStream = response.GetResponseStream())
{
var graph = FacebookGraph.Deserialize(responseStream);
this.nameLabel.Text = HttpUtility.HtmlEncode(graph.Name);
}
}
}
}
my question here is, how can i get the long-lived access token of facebook using the DotNetOpenAuth library, so that user do not need to login again and again and i can store that somewhere.
please help me.
If possible use Facebook SDK for .Net to create access token for long time. may be 60 days.
using Facebook;
var cl = new FacebookClient(short_lived_access_token);
dynamic result = client.Post("oauth/access_token", new
{
client_id = "your app id",
client_secret = "your app secret",
grant_type = "fb_exchange_token",
fb_exchange_token = client.AccessToken
});
var long_lived_access_token = result.access_token;
I am stucked in authenticating my application running on Shiro with Facebook OAuth. I really don't know what am I doing wrong. Bascially, my problem is when I get a "code" from Facebook. I want shiro to authenticate it using that code.
This is my authentication code.
FacebookToken token = null;
try{
org.apache.shiro.subject.Subject currentUser = SecurityUtils.getSubject();
//currentUser.logout();
//This is done to avoid temporary multiple url hit.., when the user is not logged out
token = new FacebookToken(code);
currentUser.login(token); //returns true if valid
result = true;
}catch (UnknownAccountException uae) {
log.info("There is no user with username of " + token.getPrincipal());
} catch (IncorrectCredentialsException ice) {
log.info("Password for account " + token.getPrincipal() + " was incorrect!");
} catch (LockedAccountException lae) {
log.info("The account for username " + token.getPrincipal() + " is locked. " +
"Please contact your administrator to unlock it.");
}
// ... catch more exceptions here (maybe custom ones specific to your application?
catch (AuthenticationException ae) {
log.info("Authentication exception Here.");
}
Here is my facebook token class:
public class FacebookToken implements AuthenticationToken {
private static final long serialVersionUID = 1L;
private String code;
public FacebookToken(){
}
public FacebookToken(String code){
this.code = code;
}
public Object getCredentials() {
return null; //Credentials are handled by facebook
}
public String getCode() {
return code;
}
public void setCode(String code) {
this.code = code;
}
public Object getPrincipal() {
return null; //Not known facebook does the login
}
I have the realm for facebook that is extending authorization realms.
public class FacebookRealm extends AuthorizingRealm {
}
and finally here is my shiro.ini file:
[main]
#authc.loginUrl = /login
#authc.successUrl = /hello
#logout.redirectUrl = /hello
# ------------------------
# Database
# Own Realm
jdbcRealm = com.shiro.common.controller.MyCustomRealm
facebookRealm = com.facebook.login.FacebookRealm
# Sha256
sha256Matcher = org.apache.shiro.authc.credential.Sha256CredentialsMatcher
# base64 encoding, not hex in this example:
sha256Matcher.storedCredentialsHexEncoded = false
sha256Matcher.hashIterations = 1024
#Facebook Credential matcher
fbCredentialsMatcher = com.facebook.login.FacebookCredentialsMatcher
jdbcRealm.credentialsMatcher = $sha256Matcher
facebookRealm.credentialsMatcher = $fbCredentialsMatcher
# User Query
# default is "select password from users where username = ?"
jdbcRealm.authenticationQuery = SELECT password, salt FROM User WHERE email = ?
# permissions
jdbcRealm.permissionsLookupEnabled = true
jdbcRealm.userRolesQuery = select roleName from UserRole where email = ?
jdbcRealm.permissionsQuery = select permission from RolesPermission where roleName = ?
# Connection
ds = com.mysql.jdbc.jdbc2.optional.MysqlDataSource
ds.serverName = localhost
ds.user = root
ds.password = root123
ds.databaseName = testdb
jdbcRealm.dataSource=$ds
#authc.usernameParam = email
#authc.passwordParam = password
#authc.failureKeyAttribute = shiroLoginFailure
# Use Built-in Chache Manager
builtInCacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $builtInCacheManager
#securityManager.realms = $facebookRealm,$jdbcRealm
securityManager.realms = $facebookRealm
# -----------------------------------------------------------------------------
[urls]
#/hello = authc
#/login = authc
#/admin.jsp = authc, perms["admin:access"]
Now when do i debug and reach at currentuser.login methods and go inside, it throws an exception saying
Realm [FacebookRealm#52039826] does not support authentication token [FacebookToken#132d9844]. Please ensure that the appropriate Realm implementation is configured correctly or that the realm accepts AuthenticationTokens of this type.
Please suggest me whether am I doing correct, or not !! Am i missing any configuration or any thing else. Thank you !!
You should extend your FacebookRealm with the following method:
#Override
public boolean supports(AuthenticationToken token) {
return token instanceof FacebookToken;
}
or add the following line to your ini:
facebookRealm.authenticationTokenClass=<realpackage>.FacebookToken
I am using FB SDK in .net, and on my website there are multiple Facebook emails configured by the user.
Whenever the user wants to post any message on FB, he can pick any email and should be able to login on FB.
The problem is that if the user already logged-in in to FB but wants to post message on some other FB account we are not able to show him the login screen and the message gets posted on the already logged-in account.
Even though we have users auth_type=reauthenticate but this also didn't help to show login screen each time. I need a mechanism like on twitter to force login on FB.
Can anyone please provide help?
A Facebook App – Take note of your App ID and App Secret
Json.NET Installed in your Bin. Download Here: http://json.codeplex.com
The following references need to be added to the page your app will be set up on:
using Newtonsoft.Json.Linq;
using Newtonsoft.Json.Serialization;
using System.Collections.Generic;
using System.Security.Cryptography;
This is the HTML content:
<div id="fb-root"></div>
function runLogin() {
FB.init({
appId : 'ENTERYOURAPPIDHERE',
status : true,
cookie : true,
xfbml : true,
channelURL: 'ENTERTHEPAGEYOURAPPURLPOINTSTOHERE', // channel.html file
oauth : true
});
<div id="dontLike">
PAGE IS <b>NOT</b> Liked
</div>
</form>
Open up your code-behind for the page. We validated the code signed request.
public bool ValidateSignedRequest()
{
var VALID_SIGNED_REQUEST = Request.Form["signed_request"];
string applicationSecret = "YOURAPPSECRET";
string[] signedRequest = VALID_SIGNED_REQUEST.Split('.');
string expectedSignature = signedRequest[0];
string payload = signedRequest[1];
// Attempt to get same hash
var Hmac = SignWithHmac(UTF8Encoding.UTF8.GetBytes(payload), UTF8Encoding.UTF8.GetBytes(applicationSecret));
var HmacBase64 = ToUrlBase64String(Hmac);
return (HmacBase64 == expectedSignature);
}
private string ToUrlBase64String(byte[] Input)
{
return Convert.ToBase64String(Input).Replace("=", String.Empty)
.Replace('+', '-')
.Replace('/', '_');
}
private byte[] SignWithHmac(byte[] dataToSign, byte[] keyBody)
{
using (var hmacAlgorithm = new HMACSHA256(keyBody))
{
hmacAlgorithm.ComputeHash(dataToSign);
return hmacAlgorithm.Hash;
}
}
public Dictionary<string, string> DecodePayload(string payload)
{
//Remove the bad part of signed_request
//Begin
string[] sB64String = payload.Split('.');
payload = payload.Replace((sB64String[0] + "."), string.Empty);
//End
var encoding = new UTF8Encoding();
var decodedJson = payload.Replace("=", string.Empty).Replace('-', '+').Replace('_', '/');
var base64JsonArray = Convert.FromBase64String(decodedJson.PadRight(decodedJson.Length + (4 - decodedJson.Length % 4) % 4, '='));
var json = encoding.GetString(base64JsonArray);
var jObject = JObject.Parse(json);
var parameters = new Dictionary<string, string>();
parameters.Add("page", ((bool)jObject["page"]["liked"]).ToString());
parameters.Add("admin", ((bool)jObject["page"]["admin"]).ToString());
return parameters;
}
protected void pageLike()
{
string pageLiked = string.Empty;
var signed_request = Request.Form["signed_request"];
var json = DecodePayload(signed_request);
foreach (KeyValuePair<string, string> objKVP in json)
{
//Note You can also see if a user is an admin by replacing the objKVP.Key with admin
if (objKVP.Key == "page" && objKVP.Value == "True")
{
Response.Redirect("https://www.YOURSITE.com/facebook/app/pageLiked.aspx");
litJson.Text += objKVP.Key + " - " + objKVP.Value + "<br />";
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
pageLike();
}
You can see this example at this link: http://blog.daniellecopp.com/2012/03/19/detect-if-facebook-user-likes-your-page-with-asp-net-2/#comment-52
I'm using DotNetOpenAuth v3.5.0.10357 and each time a user authenticates against Facebook I get a different claimed identifier back. The token looks to be encrypted so I assume DNOA is somehow encrypting the token along with the expiry. Can anyone confirm this? Or am I using it wrong:
public ActionResult FacebookLogOn(string returnUrl)
{
IAuthorizationState authorization = m_FacebookClient.ProcessUserAuthorization();
if (authorization == null)
{
// Kick off authorization request
return new FacebookAuthenticationResult(m_FacebookClient, returnUrl);
}
else
{
// TODO: can we check response status codes to see if request was successful?
var baseTokenUrl = "https://graph.facebook.com/me?access_token=";
var requestUrl = String.Format("{0}{1}", baseTokenUrl, Uri.EscapeDataString(authorization.AccessToken));
var claimedIdentifier = String.Format("{0}{1}", baseTokenUrl, authorization.AccessToken.Split('|')[0]);
var request = WebRequest.Create(requestUrl);
using (var response = request.GetResponse())
{
using (var responseStream = response.GetResponseStream())
{
var graph = FacebookGraph.Deserialize(responseStream);
var token = RelyingPartyLogic.User.ProcessUserLogin(graph, claimedIdentifier);
this.FormsAuth.SignIn(token.ClaimedIdentifier, false);
}
}
return RedirectAfterLogin(returnUrl);
}
}
Here's the code for FacebookAuthenticationResult:
public class FacebookAuthenticationResult : ActionResult
{
private FacebookClient m_Client;
private OutgoingWebResponse m_Response;
public FacebookAuthenticationResult(FacebookClient client, string returnUrl)
{
m_Client = client;
var authorizationState = new AuthorizationState(new String[] { "email" });
if (!String.IsNullOrEmpty(returnUrl))
{
var currentUri = HttpContext.Current.Request.Url;
var path = HttpUtility.UrlDecode(returnUrl);
authorizationState.Callback = new Uri(String.Format("{0}?returnUrl={1}", currentUri.AbsoluteUri, path));
}
m_Response = m_Client.PrepareRequestUserAuthorization(authorizationState);
}
public FacebookAuthenticationResult(FacebookClient client) : this(client, null) { }
public override void ExecuteResult(ControllerContext context)
{
m_Response.Send();
}
}
Also, I am using the RelyingPartyLogic project included in the DNOA samples, but I added an overload for ProcessUserLogin that's specific to facebook:
public static AuthenticationToken ProcessUserLogin(FacebookGraph claim, string claimedIdentifier)
{
string name = claim.Name;
string email = claim.Email;
if (String.IsNullOrEmpty(name))
name = String.Format("{0} {1}", claim.FirstName, claim.LastName).TrimEnd();
return ProcessUserLogin(claimedIdentifier, "http://facebook.com", email, name, claim.Verified);
}
It looks as though FacebookClient inherits from WebServerClient but I looked for the source on GitHub and I don't see a branch or a tag related (or at least not labeled) with the corresponding v3.5 version.
Facebook does not support OpenID. Claimed Identifier is an OpenID term. Facebook uses OAuth 2.0, so you're mixing up OpenID and OAuth.
Facebook sends a different access token every time, which is normal for the OAuth protocol. You have to use the access token to query Facebook for the user id that is consistent on every visit.
I think you need to add the offline_access permission in the token request as well, see https://developers.facebook.com/docs/reference/api/permissions/