post facebook feed on Flash AIR Desktop using AS3 - facebook

I need to share Facebook feed using https://graph.facebook.com/me/feed, so I searching and researching until I stumble upon FacebookGraphAPIDesktop.swc. But I failed to login, I already populate the required field (APP_ID, APP_ORIGIN) and make an adjustment on facebook app page too (App Domains & Site URL).
I already init the FacebookDesktop class and try to make a login connection using
var permissions:Array = ["email"];
FacebookDesktop.login(onLogin, permissions);
But it show popup windows contain JSON Invalid redirect_uri, OAuthException, code: 191
Any direction for dong this? bassically I need to show facebook OAUTH login popup and show feed dialog after the login success.
The environment is Flash AIR 17 running on Desktop (not mobile)

When working with Facebook for desktop and not using your own backend servers for login support, set the redirect URI to to https://www.facebook.com/connect/login_success.html.
If you are using your own servers, then the redirect URI should be set to the page that is going to handle the response from Facebook.
In either case, you will need to make sure that you log in to your app on the Facebook developer portal and set the app settings for desktop login and set that redirect URI in there.

Related

FB login with devise

I am using devise in my rails app and doing FB login via oauth
I am successful in doing login from laptop but not through chrome android
Error url is https://m.facebook.com/v2.11/dialog/oauth?client_id=1709176549128219&redirect_uri=http%3A%2F%2Fconsiliumnsit.herokuapp.com%2Fusers%2Fauth%2Ffacebook%2Fcallback&response_type=code&scope=public_profile%2Cemail&state=c96b3d4ce6d9afd513a8239307092ef7be4c6a2c6888765b
When you created your app in facebook developer console you added a redirect uri. The request you are currently sending is coming from a url that you have not currently added. Go edit your project and add it
http://consiliumnsit.herokuapp.com/users/auth/facebook/callback
its on the left facebook login -> settings look for Valid OAuth redirect URIs you can add more then one

Does facebook allow login on any unknown domain policywise?

I am thinking of distributing a Flash game that can inject Facebook JS into any webpage that will host it (many free Flash game portals). I can window.open Facebook login dialog when the host page sets allowScriptAccess.
One of my ideas how to workaround the crossdomain login issue (how to get accessToken back to my Flash game hosted on unknown domain, without fighting cross domain JS and all those browser issues)
Flash generates unique token (tag)
Flash opens comet connection with the tag to our server
Flash opens OAUTH dialog, forwarding tag in redirect_uri to allowed
domain
User signs in with Facebook credentials and is redirected to
redirect_uri with active accessToken (CODE) and tag
Facebook redirects to our server passing accessToken
Our server grabs CODE and tag from GET params and extracts accessToken
Our server forwards accessToken to Flash by comet recognized by the
tag
Finally - Flash can use facebook features with valid accessToken
As I am not a lawyer and those facebook policy docs are not understandable to me...
Question: Would facebook allow this kind of login on any domain? I feel I would be working around some security this way.
The facebook platform policy does not limit you from doing what you want. As long as you pass the login process through your domain (you don't have any other option) and add a "logout" link, you will be fine.

Facebook login with multiple domains

I know that facebook allow me to specify multiple domains for my app.
But in the "Website with Facebook Login" i can only specify one url.
Is it possible for me, to authenticate users on domain.se, domain.dk and domain.net with the same App ? Or should i still create one app, for each domain ?
It is technically possible to use Facebook Connect on multiple domains, there are some limits (5 domains max).
So the key to doing this is adding all domains in the App Domain field under your app settings.
The PROBLEM, however, is that Facebook only lets you add domains that are derived from your Canvas URL or Site or Page tag URLs, so if you try to enter anything else you get an error that looks like this:
The SOLUTION is to create App on Facebook, Website, and Facebook Tab using the ADD PLATFORM button and then put in URLs that point to your other domains. Here is an example of what I mean:
If you use a unique domain for each field you can max out with 5 different domains. I have tested this technique with up to 3 domains, but i think it should work for all 5.
Note: Facebook admin features change from time to time, so all of this is subject to change
As long as you listed all the desired App Domains in application settings you should be able to authenticate users on any of them.
"Website with Facebook Login" is really only intended to be used as link to your site/application.
Update 2 (July 2016):
App domains must match the domain of the Secure Canvas URL, Mobile Site URL, Unity Binary URL, Site URL or Secure Page Tab URL.
Update (December 2013):
At the time of writing original answer it was possible to list any domains in application settings but from that time the UI of Application Settings (as well as way of handling Application Domains) changed at least couple of times, at some point you could only list domains that derive from one of application's canvas pages.
As of December 2013 it is possible (again) to list domains that do not derive from application canvas URL.
Assuming your domains are being served by the same web server and you have access to that web server, you can use the manual login procedure: https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow to login from as many domains as you wish.
Assume your domains are site1.com,site2.com.... Instead of using the Facebook javascript API, you will simply place a plain old Log In with Facebook button on each site which will redirect the browser to the facebook login page as described in the above article. In the state variable you can specify a code which indicates which of your sites is requesting a login. In the redirect you will use a single service domain which you assign to your web server (e.g. fb.mywebserver.com) and which you specify as the verified redirect url in the facebook login settings page. All the sites will redirect to this same url, avoiding the problem of supporting multiple domains.
Once the user has logged in, the browser will redirect to fb.mywebserver.com and pass it the state, which tells you which site is requesting login and a code which you can use on the back end to retrieve the user's info using the Facebook graph apis. You store this info with a uid in your data store then using the info in state, you redirect to to the appropriate site including a parameter that indicates a Facebook login (e.g. site1.com?fbc={some uid}). The browser will obediently then call site1.com?fbc... Your web server will receive this request and detect the fbc parameter which tells it to associate the corresponding Facebook logged in user with this site. It can then retrieve the logged in users info using the uid and, for example, return a session cookie for this user along with the page. If you generate the page on the server you can, of course, also include a welcome "user" or alternatively, your client code can do an ajax call to retrieve that information.
From the user's standpoint they press the Login with Facebook button, are redirected to a Facebook login page where they login and then are redirected back to your site in a logged in state. Not quite as nice as having the login popup but likely acceptable.
A similar process can be used for google logins as well
Best thing I've found to do in the development/production scenario is add a "Test App", then add a platform for your development web site - as you have to provide where the "page tab url" lives if you use that as a platform.
Facebook requires your "page url" to be live / accessible if you need to apply for status or permission review.
This got me around the "login in development" / "login in production" scenario.

Facebook User Authentication in C#/WPF?

I am new to Facebook app development and have stumbled across a road block. After reading the documentation, I sort of understand that the process of using Facebook login is done in there steps: user authentication -> app authorization -> app authentication. I see where the app authroization/authentication is done, but I can't seem to figure out how to bring up a "user login" screen of Facebook on my WPF. Can anyone advise? Thanks!
First of all you need to register a application in Facebook. Don't forget to give a canvas url when registering an application. After registration you should get app id and app secret values.
https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL
YOUR_APP_ID means your application id
YOUR_URL means that application canvas url.
Wpf has a web browser control, you just call the Navigate function and give this url. You should get a Facebook login dialog.
After giving the correct user id and password, Facebook should popup a permission dialog then click the Allow button , you should get a code with redirect url. Then you should parse the code from this url and create a web request to get an access token:
https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL& client_secret=YOUR_APP_SECRET&code=THE_CODE_FROM_ABOVE
YOUR_APP_ID is application id
YOUR_URL is application redirect url
YOUR_APP_SECRET means application secret
THE_CODE_FROM_ABOVE code get from above.
After executing this request, you should get an access token. Using this token you can access Facebook functionality from your application.

Facebook authorization within non-facebook iframe without redirecting

I have a facebook application (not written by me, but have some control of its content) and its designed to run as a canvas iframe app, using the new(er) OAuth login stuff. I want to embed it in an external (i.e. non-facebook) iframe , which works fine when authenticated + authorized as its just a page that talks to facebook.
However, when not authenticated + authorized to run the app, obviously it needs to ask for permissions/login. It does this by redirecting to the relevant auth pages, which works if you do top.location.href, but I'd really like to do it within the iframe e.g. using self.location.href . This doesn't seem to be permitted by facebook as instead of redirecting you to the right page you get a facebook logo and a link to bust out of the iframe and go to the auth page, which I don't want to do.
Is it possible to handle the auth stuff within the iframe, and if so, how? Would really appreciate any info on this!
You should use JavaScript framework of facebook-connect that open a pop-up for permissions
Check this tutorial
http://thinkdiff.net/facebook/graph-api-javascript-base-facebook-connect-tutorial/