I'm trying to get the code to use with /oauth/access_token to get the access_token for a facebook app. From what I've read (here and in the facebook dev docs about access token), I have to make a request at that adress :
http://www.facebook.com/dialog/oauth/?client_id=269256053176066&redirect_uri=https%3A%2F%2Fwww.outils.ch%2Ffacebook%2Fgroupemutuel%2Fcanevas%2Fadvices%2F&scope=publish_stream,manage_pages
And it should give me back as a get parameter the code to use to generate the access_token. This is where I'm stuck, it redirect me to the facebook app page, but without any code. I've been on this since yesterday and can't figure what I'm missing and dont find any similar post.
Well I finally find out where was the problem, the page was redirecting automatically to the facebook app page (whitout the code). I was able to find the code with chrome console in network tab.
Related
I am new to Facebook App. I am developing my first Facebook Canvas App which links to a webpage hosting on my server.
I can now access the app by either:
(1) go to the Facebook App (http://apps.facebook.com/myappname), or
(2) directly access the webpage through URL(http://mywebsite.com/myapp).
I have set http://mywebsite.com/myapp as my canvas page in FB dashboard settings.
I want to avoid (2) by requiring user to login FB first before they can access the page. I would like to know how can I do that?
This may be a stupid question, but I have read the FB API documents (FB official guide talks a lot about setting custom login page) and searched through a lot of questions but they doesn't seem to fit what I need.
UPDATE:
I have tried something like putting the following in my webpage:
<script> top.location.href = 'http://apps.facebook.com/myappname'</script>
In this case, if user access the page by (1), there's no problem. If user access the page by (2), user will be redirected to Facebook.
However in the client side we can still view the content of the webpage even if user is not logging in to Facebook. I want to achieve this in the server side.
Thank you very much!
I have already solved the problem by using examples from Facebook PHP SDK version 3.
https://github.com/facebookarchive/facebook-php-sdk/blob/master/examples/example.php
We have an fb canvas made from .net mvc that works well via desktop but it doesn't work well in mobile app. We send request then if someone on fb mobile tap on request and opens up the web app, the signed_request returned is different than the desktop counterpart. The payload is missing and it seems shorter than the desktop's. I'm trying to read it as "code" and try getting auth token via https://graph.facebook.com/oauth/access_token?client_id=xxxx&code=[code]&redirect_uri=???. The problem with this is I don't know what the redirect_uri supplied or maybe it's not a code.
Can you guys help me with this or there's no other way but once they click request via mobile app we have them relogin in our web app to grab their fbuserid? And if there's another approach in handling mobile app requests.
Mobile Web URL and the signed_request
This is already outdated so maybe there's a solution already.
Thank you
I'll answer my own question. What you can do is add an extra authorization in your login flow when then access your canvas url via facebook mobile app. You send them to
https://graph.facebook.com/oauth/authorize?client_id=
passing the redirect uri and scope then grab the new generated "code" param and grab the aut token via graph api. Then you can access their facebook detail as you would normally. I've read answers like there's no signed request in mobile web and approach it differently without stating what that approach is. Hope someone can be helped by this answer.
Thanks
I'm trying to build a Facebook app, but everytime I click in authorize, I got an error.
In the code, I'm calling the Facebook API like this:
https://www.facebook.com/dialog/oauth?
client_id=MY_APP_ID
&display=popup
&redirect_uri=http://www.my-url.com/823/
&scope=user_about_me
But instead of authorizing the user, the browser redirect to this URL:
https://www.facebook.com/dialog/permissions.request
And I always get this error:
SECURITY WARNING: Sharing the above URL with anyone is the same as
sharing your Facebook password with them - it will give them access to
your Facebook account. Despite what you may have been promised, you
will not receive cash, a gift card, or free airline tickets in
exchange for this URL.
My Facebook Settings Page:
http://i.stack.imgur.com/g9S9m.png
What am I doing wrong?
Any help would be appreciated! :)
PS: I just tried to change the "redirect_uri", from my site's URL(www.my-url.com/823/) for the canvas page(apps.facebook.com/my-app), and it works.
But I want it to redirect to my site, not for the canvas page.
I had another application that was removed by Facebook last week. The domain I'm trying to use is the same of that old app removed. Is it possible that Facebook put the domain in a black list? Or am I just missing something?
Have you tried to replace the « Website with Facebook Login » by the original URL? (Without the example path (823))
By the way, don't forget to complet app domains.
The problem was that my app was removed by Facebook. When this happens, Facebook puts the site domain in a black list.
The solution was to redirect to the canvas page.
I have a facebook application (not written by me, but have some control of its content) and its designed to run as a canvas iframe app, using the new(er) OAuth login stuff. I want to embed it in an external (i.e. non-facebook) iframe , which works fine when authenticated + authorized as its just a page that talks to facebook.
However, when not authenticated + authorized to run the app, obviously it needs to ask for permissions/login. It does this by redirecting to the relevant auth pages, which works if you do top.location.href, but I'd really like to do it within the iframe e.g. using self.location.href . This doesn't seem to be permitted by facebook as instead of redirecting you to the right page you get a facebook logo and a link to bust out of the iframe and go to the auth page, which I don't want to do.
Is it possible to handle the auth stuff within the iframe, and if so, how? Would really appreciate any info on this!
You should use JavaScript framework of facebook-connect that open a pop-up for permissions
Check this tutorial
http://thinkdiff.net/facebook/graph-api-javascript-base-facebook-connect-tutorial/
just to recap the process:
I call https//graph.facebook.com/oauth/authorize?client_id=.. to get a code.
This redirects the user to the facebook login page. They login. A FB session is created in their browser.
The browser redirects to http//www.mysite.com/connect/callback?code=..
I take that code and exchange it for a token: https//graph.facebook.com/oauth/access … ent_id=...
I use that token to call the Graph and REST APIs, doing stuff on the users behalf like querying on me.
To clarify, I know the token works as I can request information on /me.
My problem is that when I access facebook.com in another tab, I get told that I need to log in and it kicks me out.
I've added in functionality to curl to save cookies and I get:
# Netscape HTTP Cookie File
# http://curl.haxx.se/rfc/cookie_spec.html
# This file was generated by libcurl! Edit at your own risk.
.facebook.com TRUE / FALSE 1134567810 datr 1121456789-111cabef6e8b649338941b9ab289739a38803ec932211a0bec3ee8
Is this correct? Is there anything more that should be there?
Should I be able to authenticate to FB with my external site and then access FB without getting kicked out?
Thanks for any help, I will appreciate it.
Ignore this, as I was always using 1 tab for the facebook page and refreshing it. Apparently theres something in the links of facebook that carry session data. Once I started closing the link when I logged out of facebook and then opening either a new window or tab and then logging into facebook, its fine.