Facebook: submitting a native Windows app for review - facebook

I built a native Windows app (non Windows-Store) that uses the Facebook API.
I wanted to make it public which means going through their review process which means (among other things) selecting the app's platform.
Sadly a native Windows app is not one of the choices: Facebook app platform selection screenshot
I found 2 unanswered questions on SO on the same topic:
one
two
How should this be done in a proper way?
Thanks in advance.
PS:
I found a post a few days ago where the poster said he registered such an app by setting the platform to "web site" (I didn't keep the link).
This does not look like a good long term solution and also I don't have a domain to provide.

In short, you must set your platform to Web.
The reason for this can be found in the official documentation on building your native logon flow. There is no secure way of creating a logon flow without a server, as this would imply storing your App Secret inside your binary or app config file.
So the recommended (and only supported) way is to create a server which stores the App Secret and handles authentication for you. And use this server from the WebBrowser/WebView control which you embed into your native application.
This means you use the logon flow from a web browser via a custom server and you should have a domain for it (a domain is quite cheap nowdays, it should not be a problem). So you are building a web app embedded into a native app.
For a successful login review do the following:
Choose Web as your platform
On the Settings page in the Advanced tab choose Native App.
Create a screencast (Start your app, logon, use all the requested permissions and that's it. Do not edit it!) and upload it to the web (YouTube/Vimeo/...)
When submitting provide a link to your screencast.

Related

Is it allowed to use Data retrieved from an Instagram Basic Display API App in Development Mode for production purposes?

My use case is fairly simple: I want do display the latest images of an Instagram profile I own on a public website I own.
For this purpose I've written an integration of the Instagram Basic Display API, registered an app with https://developers.facebook.com/apps/, implemented an automated access token renewal mechanism and everything works locally.
So, as I'm about to publish this feature to the website, I'm not able to find any official policy from Facebook that clearifies whether or not I'm required to put this app in "Live Mode".
Technically, "Live Mode" has no benefits to my use case and I'd find it way out of proportion to go through an App Review process, just to display a list of images that are my own anyway. So my question is:
Given this scenario, is it allowed to keep said App in "Development Mode", while still using its data for production purposes?
And: Are there any official statements on this, that any of you might be aware of and that I'm just not able to find?
I found this: https://developers.facebook.com/blog/post/2019/09/23/live-mode-for-production-use/
But even though the headline is fairly unambiguous, the article itself doesn't help making the issue any clearer...
It is OK to use Development mode in such case: https://developers.facebook.com/docs/app-review/introduction
If your app will only be used by app users who have a role on the app or claimant Business, App Review is not required and your app does not need to be switched to Live mode.

Is it possible to create a desktop app using facebook oauth 2.0 authentication without requiring a browser interaction?

Is it possible to have a client app which can authenticate using Facebook but without requiring browser(I mean no embedded browser in the code)?? User inputs the username/password and allow access to app using the client app only.
Any Suggestions will be of great help.
Thanks,
Tara Singh
Edit: I have created app in Python which requires browser interaction. Now I want to get rid of that and do it using my client app only. Any Links/Tutorials??
Thanks Again
I know this is an old question and it's answered but I thought 'horse mouth GET'. From Facebook: https://developers.facebook.com/docs/authentication/...
Our OAuth 2.0 implementation does not
include explicit desktop app support.
However, if your desktop app can embed
a web browser (most desktop frameworks
such as .NET, AIR and Cocoa support
embedding browsers), you can use the
client-side flow with one
modification: a specific redirect_uri.
Rather than requiring desktop apps to
host a web server and populate the
Site URL in the Developer App, we
provide a specific URL you can use
with desktop apps:
https://www.facebook.com/connect/login_success.html...[cont]
Actually the answer is absolutely not.
In order to authorize your app a user has to enter their facebook username and facebook password on facebook site and you need web browser for this. There is no way to skip this step (you can't ask what their username and password are and then exchange it automatically for access token). You can read more about this here.
absolutely yes, but, we'll need to know which programming language you want to use before we can give much advice.
For example, it's possible using httpclient for java and python to encapsulate all the functionality you need, others can chime in with libraries that they use for C, C++, perl, etc.
[edit]
search for httpclient and how it's used with python. if you run wireshark on your system, you will be able to watch the data interchange (if you don't understand the http protocol completely) and then implement that in your code.[/edit]
Some good links in this regard:
http://developers.facebook.com/blog/post/289/
https://developers.google.com/identity-toolkit/
https://developers.google.com/accounts/docs/OpenID
http://facebooktoolkit.codeplex.com/
http://csharpsdk.org/
http://blogs.msdn.com/b/appfabric/
Apparently now you can, if you're a beta tester for their newest feature: https://developers.facebook.com/docs/authentication/devices/ Reminds me of PIN's on Wifi
Yes and no,
I've had the same problem with my server. It was console only, so I had to make a solution. First I've logged in using the lobo java webbrowser. I've transfered the cookies of lobo to my server.

Creating Facebook App

Im new to facebook applications. I recently created a webapp that consisted of html & php. But recently Ive decided that integrating my webapp within facebook would be useful. Any tips on where to start? Ive looked over developers.facebook.com and im confused. It appears they are in the process of updating. Ive come across a few guides but there from a few years ago. This app will run completely within facebook and im probably gonna have to rewrite all the code. Any guides or suggestions?
Thanks!
You didn't specify the programming language you're using but if you're developing asp, start by looking into Facebook c# sdk here: http://facebooksdk.codeplex.com/
If you're using any other language (i.e. php), try looking into respective software dev. kits (i.e. facebook php sdk). They will facilitate your job in comparison to starting raw development all by yourself.
Tim, if you want to get into the business of working with Facebook, you need to know right away that they are always in the process of updating. That being said, you should learn some Facebook terminology so you can do more research and figure out what you want to do.
Applications that run within the Facebook interface are called Canvas Apps. Your application is hosted on your own server, and Facebook simply adds an iframe in their UI that points to your app's URL.
Another way to go to create a webapp that uses your own design, but still utilizes a single sign-on system from Facebook. This used to be called a Connect App but now they don't really have a name for it. Basically, you can use Facebook's authorization system to pull Facebook user data into your own database, which basically eliminates the need for a registration page. The authorization system prompts the user to allow your app to get specific data about them - once they authorize it, your app has access to do whatever the user gave it permission to do.
The best document to wrap your brain around is about authentication: http://developers.facebook.com/docs/authentication/
Give that a whirl, and good luck!

iPhone: Pass information from web page to app that's downloaded from App Store

I'm trying to glue information from a web page to an iPhone app that said web page suggests to download. I control both the web page and the downloadable app.
Scenario is like this:
User visits my web page, on which I recognize the user (he may have logged in, and I store his info in a cookie). I then present a link to him to an app in the App Store that he should download for "enhanced experience" of this web service of mine.
Now, when the user launches the downloaded app on his iPhone, I like to re-identify the user who previously visited said web page.
All would be easy if an iPhone app could read Safari's cookies. But it can't.
A somewhat lame solution could be that the web server stores the visitor's IP address and uses that to recognize him once he launches the iPhone app. But that's not reliable.
Another one would be to give the user a token (code) that he needs to remember and then re-enter in the app. Still quite awkward, I think.
Any better suggestions?
Simply put, you can't do this.
One thing you could consider is a custom URL scheme to launch the app. You could send the user an email that uses this custom link. However there's a couple of problems with this:
the user may not have the account that they used to register for your site set up on their iPhone. This might seem unlikely, but say the user signed up for your site 5 years ago with their Hotmail account and they have since switched to Gmail.
it's unlikely that the email would fit into their workflow. They would probably download the app and just launch it by touching the icon instead of clicking a link in a received email.
You could also put the custom URL as a link on your web page, but again, this won't fit into the workflow because they have to go to the App Store app to do the download.
Consider this - if you've got some sort of website that has an authentication step, it's probably a fair bet to say that the user is the type of person who already has an application such as Facebook installed on their iPhone. They are already used to the paradigm of having to enter their credentials into an application despite the fact that they may have already done it in Safari.
If you could read the unique iPhone device ID from javascript on your web page, you could look for that again when the application connected...
But I cannot find any means of reading this from Javascript in Mobile Safari, I thought I'd post in case there is a way now to give you another option to consider.
OK, we found a somewhat working solution: The html code can create a cookie. Later, when the app runs, it can't directly read that cookie, of course (due to the sandboxing of iPhone apps). However, it can connect to the server, then open a http URL pointing to the server and including a unique token that it has gotten from the server beforehand. This leads to launching Safari, accessing the server. The server can now read the aforementioned cookie and finally establish the connection with the help of the token.
Just stumbled over this question and I'm curious if you thought about using a UIWebView.
Where the question is - does UIWebView share cookies with safari?
If it does the rest should be easy.
UIWebView's DON'T share cookies with Safari. So unfortunately that is not an option.

How to get facebook data from app?

I'm writing a sort of visualization desktop (non-web) application, just for fun.
However, ideally I'd want it to be able to pull information from the user's facebook account. (after getting its credentials, of course)
What's the best way to do this? Should I register a new 'facebook app' even though I'm not really making it web-based? I've never written a facebook app before.
I'm using Java as my prog language, btw.
Thanks!
Yes. Facebook supports desktop applications, but they must go through a special authentication mechanism. Essentially, the user will need to be directed to facebook through a web browser window as part of the authentication process.
Here is the documentation on the authentication process: http://wiki.developers.facebook.com/index.php/Login_Desktop_App
There is a relatively polished Java library for facebook here: http://code.google.com/p/facebook-java-api/
If the Java library above does not meets your needs, you can build an implementation on your own. Essentially, you will need to interact with the Facebook REST server, as described at the top of the page here: http://wiki.developers.facebook.com/index.php/API
Edit: After doing some more research I have a few more resources to provide:
Here is a list of some applications written using Java for facebook:
http://wiki.developers.facebook.com/index.php/Facebook_apps_written_in_Java
And there's even a neat desktop application that is open source here:
http://code.google.com/p/fb-photo-uploader/
Good luck!