I'm developing a web app that uses FB data for some FB posts. I have a bunch of post ids and am fetching the data related to them using batched requests. Then am showing a summary of each post (number of comments, shares, likes) and link to the actual FB page (https://www.facebook.com/). But clicking on the link shows a 404 page on FB!!
Example, the node_id, '69983322463_10152179775342464' will return data in the graph explorer. But when you access https://www.facebook.com/69983322463_10152179775342464 it returns 404!
In case my question is not clear:
GET https://graph.facebook.com/69983322463_10152179775342464?access_token={a valid access token} returns data.
But GET https://www.facebook.com/69983322463_10152179775342464 (with or without an access_token param) returns a 404
Is there some field in the API response that signifies that the page does not exist anymore?
Thanks,
mano
This is because not every post is public. Only publicly available posts can be accessed directly.
For rest you need a valid access token to GET its details. When you tried the post id in graph api explorer it showed the result since an access token was applied.
So, you simply use a valid access token, may be any app access token (app_id|app_secret)- that never expires, and make the /GET request.
Eg: \GET /69983322463_10152179775342464?access_token={app-access-token}
Related
I'm trying to fetch the friends of a user who has a lot of them (> 8,000). I have the correct token (which I verifed in the Debug section of the Facebook Graph Explorer) and I'm issuing the standard Graph request in the Explorer:
/<fbid>?fields=friends
But the request fails with a 500 in my code and with a "Request failed" in the Facebook Explorer.
Any thoughts?
I think that's because the system is unable to handle the request. Try to use limit and offset parameters in the query:
/<fbid>/friends?offset=0&limit=500
In my index page, I have this link for me to auth with the facebook.
Test
Inside my TestServlet, it will auth and get the access token for me to query the graph api. I will query and store the info into a list of 200 results. The results are forward to my jsp page (test.jsp).
Inside my test.jsp:
URL will show http://xxx.herokuapp.com/test?code=xxx
As I don't wish to display all 200 results at the same time, I only load 20 results at a time. I have a link to the next page <a href='/test?page=${page+1}&code=${code}'>Next Page</a> where the page is the current page number 1 and code is the code on the url.
However, I will hit this error when I clicked the 'Next Page' link:
java.io.IOException: Server returned HTTP response code: 400 for URL: https://graph.facebook.com/oauth/access_token?client_id=xxx&redirect_uri=http://xxx.herokuapp.com/test&client_secret=xxx&code=xxx
Does the problem lies in encoding issue? If so, how should I encode the code in the url and where should I encode it? Inside my jsp page or servlet? Thanks.
Looks like you are trying to get access_token again using the same "code" in your "next page" link. And Facebook is returning 400 bad request error. The "code" returned by facebook is supposed to be used just once to get the access_token. And once you have access token, use that for all further Graph API calls.
If you are using sessions, you can store the access_token in session and use that for Graph API calls. Otherwise, you can pass the access_token (instead of code) in the next page link:
<a href='/test?page=${page+1}&access_token=${access_token}'>Next Page</a>
I read this documentation, and it says that for retrieve picture I need to use an access token. So, I've use it using publish_actions and email as scopre/permission, but I don't see any `picture" returned on the JSON:
https://graph.facebook.com/myNickname/?access_token=myAccessToken
the rest of data is returned, the ones where access_token is required not. I should use User Access Token, not App Access Token.
The same happens for the others field, such as age_range. It is not returned.
You can see in the doc for age_range that the field will be retrieved only if you specify it in your request:
The user's age range; only returned if specifically requested via the fields URL parameter
The same happens to picture property. The problem is, that they didn't mention it in the documentation.
To get picture, specify in your request:
/me?fields=picture
I'm using FB.login on the JS client and want to verify the user's identity on the server. So, the client gets a signedRequest from facebook and sends it to the server. The server splits on the period, and decodes the second part of the signedRequest into a json object.
What should I be using for "code" when I send my server-side request to
https://graph.facebook.com/oauth/access_token?
client_id=YOUR_APP_ID
&redirect_uri=YOUR_REDIRECT_URI
&client_secret=YOUR_APP_SECRET
&code=CODE_GENERATED_BY_FACEBOOK
My decoded json looks something like:
{"algorithm":"HMAC-SHA256","code":"2.AQCPA_yfx4JHpufjP.3600.1335646800.1-5702286|l11asGeDQTMo3MrMx3SC0PksALj6g","issued_at":1335642445,"user_id":"5232286"}
Is that the code I need? Does it need to be B64 encoded? If this isn't the code, what code should I use?
_
What I've tried:
The request I'm trying to use is:
https://graph.facebook.com/oauth/access_token?client_id=295410083869479&redirect_uri=https://squaredme.appspot.com/facebookredirect&client_secret=44f1TOPSECRETbb8e&code=2.AQCPA_yfx4JHpufjP.3600.1335646800.1-5702286|l11asGeDQTMo3MrMx3SC0PksALj6g
but this returns the error:
{"error":{"message":"Error validating verification code.","type":"OAuthException","code":100}}
I can't tell if this is because I'm using a bad code, or what. Noteably, this is running on my local dev server, and squaredme.appspot.com definitely does NOT resolve to my IP. I don't know if facebook checks that or what - I'm assuming I'd get a better error message. Thanks for any direction!
You are trying to somehow combine the two flows together and that's why things don't work well.
When facebook POSTs into the iframe with your app url and a signed request there are two options, the easy one being that the user is already authenticated and then the signed request will have all the necessary data (including a signed request), then you just load the canvas page and use the JS SDK to get an access token there as well, but in this case there's no need to use the FB.login (since it opens a popup and will automatically close it), you can use the FB.getLoginStatus method which won't annoy the user.
If the user is not authenticated then the sign request will be missing the things you need to use the graph api.
You then redirect the user to the auth dialog, and since you are loaded in an iframe you'll need to return a html response which redirects the parent window using javascript, like:
top.location.href = "AUTH_DIALOG_URL";
When the use is done (accepted or rejected the app) he will be redirected to the "redirect_uri" you added as a parameter to the auth dialog.
If the user accepted your app then you'll be getting the "code" parameter in the query string.
You then take the code, exchange it with an access token as you posted in your question, and then redirect the user back to "apps.facebook.com/YOUR_APP".
When the page then loads the user is already authenticated and you'll be getting a full signed request.
I hope this clarifies things for you, recheck the Server-Side flow it pretty much covers it all.
I also had some trouble with that, then I found the solution here in StackOverflow.
There are two kinds of "code" provided by facebook. One comes inside the signedRequest in the cookie generated by the client-side flow. The Facebook's JS SDK handles this codes and get a access token without telling us anything.
The other type of code comes attached as a query to your redirect URI (http://www.yoururl.com/index.php?code=AAAgyiaus...), when you navigate to OAuth URL (server-side flow). With this code, you go to a Token URL and get your access token.
When you are using the server-side flow, you need to indicate a redirect URI both in the OAuth URL AND in the Token URL, and they have to be exactly the same, so a missing slash or a query string can be a lot of problem.
The codes are different from each other. When you use the both things together, appears to be impossible to get a access token using the code that was inside the cookie's signedRequest.
BUT, it is not. The magic is: the code from signedRequest is associated with NO URI, so as long as the redirect_uri is a mandatory field, all you have to do is to pass it blank when you navigate to the Token URL.
So the final solution is: grab the signedRequest from the cookie, parse it in your server to obtain the code, then read the Token URL:
https://graph.facebook.com/oauth/access_token?
client_id=YOUR_APP_ID
&redirect_uri=&client_secret=YOUR_APP_SECRET
&code=CODE_INSIDE_THE_SIGNED_REQUEST
It looks like a hack, so I don't know how long it's gonna work, but it's working right now.
I have a website in which i use the Facebook API to let users 'invite' their friends to my site. These friends will get an App invite on their Facebook and once they click and accept it, it opens a page of my site in side an iFrame (within Facebook).
That's all fine, but i would like to add a refer id to the URL. So i can tell from who they got the invitation.
Is it possible to add (dynamic) parameters to the canvas URL??
I haven't been able to find out how to do this.
(I'm using the JS library).
I am able to pass multiple params to my canvas page. Not quite sure why this is not working for you or for #JonCanning. I am able to successfully redirect to https://apps.facebook.com/MY-APP?param1=x¶m2=y¶m3=z and retrieve them within the code loaded in the iframe.
You cannot manipulate request urls if you use apprequests for invites though, so not sure how you plan to manipulate the request url. Is this a wall post mechanism?
But, if you are using apprequests for invites - you can pass an optional "data" param. This can be arbitrary JSON or a simple string. When a recipient clicks thru the invite, you will be provided a "request_id" param in the request redirector from Facebook. e.g. http:YOUR-INVITE-REDIRECT-URL?request_ids=REQUEST_ID. If multiple invites from the same app were sent to the user, you will get the request_ids as a comma separated list. You can make a call back to the facebook graph api endpoint for requests and get back all the info for the requests - including the "data" param you passed. This might work better for you since you have embedded all data in the request itself.
More info on dialogs here : https://developers.facebook.com/docs/reference/dialogs/requests/
A single parameter passed into your apps url is passed onto the iframe
http://apps.facebook.com/app_name/?param=hello
To add to #iyerrag's answer, to grab the data param from within your canvas handler, you have to call back into the facebook graph API. The call takes one of the request_ids passed in the http query and also an access token. I was able to use our app's access token (generated something like this Creating App Token).
The returned JSON document contains the value you passed in the data param in key 'data'.
Here's the gist, in Python:
requestIDStr = self.request.get('request_ids','')
requestIDs = requestIDStr.split(',')
requestID = requestIDs[0]
if requestID:
url = """https://graph.facebook.com/{}?access_token={}""".format(requestID, fbAccessToken)
try:
response = urllib2.urlopen(url)
responseDoc = response.read()
jsonResponse = json.loads(responseDoc)
dataParam = jsonResponse['data']
except Exception as e: logging.warning('unable to retrieve data param: {}'.format(e) )