facebook renew access token - facebook

I am building desktop application which should commit some stuffs from file system to Facebook.
Application should not give user login form at all.
C#, VS2010 are used.
I have for Facebook App:
client app id
client secret id
token (which is extended, so it is valid for next 60days).
Idea is to somehow renew the access_token, since Facebook doesn't give permanent access_token (offline_token).
So I have tried this:
var fb = new FacebookClient();
dynamic results = fb.Get("oauth/access_token",
new
{
client_id = "aap_id",
client_secret = "secret_id",
grant_type = "fb_exchange_token",
fb_exchange_token = "existing_token"
});
String newToken = results.access_token;
With this code I get newToken, which is different from existing.
My Question:
If this code is run, lets say day before it is expired, will the new token be valid for new 60 days or not?
Or should again be requested extended token?
Thanks,
Ljiljana.

Related

Error in getting active access token from FB

I am having the following code to access FB graph API.
var fb1 = new FacebookClient();
dynamic result = fb1.Get( "oauth/access_token", new
{
client_id = "523408...",
client_secret = "25bd19645....",
grant_type = "client_credentials");
}
var apptoken = result.access_token;
FacebookClient fb = new FacebookClient(apptoken);
dynamic FriendList = fb.Get("me");
string t = FriendList.ToString();
Console.WriteLine(t);
Console.ReadKey();
}
But when I execute it, it is giving this error "(OAuthException - #2500) An active access token must be used to query information about the current user."
Can somebody please tell me how to get active access token using C# code?
The "User" generates the Access Token, not the server.
This page gives you a way to do it thru Facebook CSharp SDK:
I personally use Facebook JavaScript SDK for the Login and pass the Access Token to the server to make calls.
http://facebooksdk.net/docs/web/permissions/
This page gives you information about different authentication workflows:
https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.0
https://developers.facebook.com/docs/facebook-login/access-tokens/
Hope it helps.
I think access token and user (me) they're not the same person. Check Access token and user. I think we all have this problem.

Facebook SDK Login URL Exposing the Client Secret?

I'm currently building a website where I'll offer the users a link to share a photo on Facebook, whereby the application would:
Provide the user with a link to request permissions from Facebook
Redirect back to the website with the access code from the user's acceptance of the permissions
Server-side post the photo to the user's photos
To generate the link for the first step, I'm doing this:
var fb = new FacebookClient();
var options = new
{
client_id = "MY_APP_ID",
client_secret = "MY_APP_SECRET",
redirect_uri = string.Format("http://localhost:51182/Home/FacebookShare?path={0}", Server.UrlEncode(path)),
response_type = "code",
scope = "publish_stream"
};
var loginUrl = fb.GetLoginUrl(options);
Then this loginUrl value is added to my MVC ViewModel and used in a link in the View.
However, I've noticed that the loginUrl contains the client_secret value in clear text. Isn't this a bad thing? Shouldn't users not be able to see the client_secret? Did I go about this the wrong way?
The fb.GetLoginUrl method is rather simple, in that it just adds anything you give it inside the options object as parameters to the URL created.
So take
client_secret = "MY_APP_SECRET",
out of your options object, and it should not show up in the login URL any more.

Facebook c# sdk get user id from signed request

I have a minor problem in facebook c# sdk
I just want to get the facebook user id without asking for permissions , just from the signed request. Up to now i have written the code below:
var current = new DefaultFacebookApplication { AppId ="***", AppSecret = "***" };
dynamic signedRequest = FacebookSignedRequest.Parse(current, Request);
var UserId = (string)signedRequest.Data.user.id;
My first question is :is that is possible? Is it possible to get the user id without oauth?
Secondly , if it is possible is the (string)signedRequest.Data.user.id statement correct?;
You cannot get the Facebook user id from the signed_request unless they've authenticated your app. It is a privacy issue.

How to post to a users friends wall when user is offline

In my app a user grants my application extended permission and I get the access token and store it as its a long lived access token.
This user is shown a list of their friends and they select one.
I store their name and fbuid in my database.
Now on a day in the future I want to send a message to this friend's wall.
Is this possible?
If not what other options are there to send a link to the friend in Facebook when the initial user is offline?
* Update
I was able to do this with the long lived access token and offline access as follows:
access_token = "AAACvmqy1nYoBAAZCk*************dZAMjsLxKxR7DaZBE0NxY8ZBGBW1q2mzsB9TDT0RvgeQcDdnyFJNAYRf0icnhlbikZD"
appID = '19307***********'
message = "Happy Birthday from your friends."
name = "Click here for your Birthday Surprise"
redirect_uri = URI.parse('http://localhost:3000/facebook/')
link = "https://www.facebook.com/dialog/oauth?client_id=#{appID}&redirect_uri=#{redirect_uri}"
caption = "Your friends have created a surprise for you. Click the link to see what it is."
picture = 'http://www.birthdaywall.net/logo-mail.png'
userID = '100002*********'
uri = URI.parse("https://graph.facebook.com/#{userID}/feed")
req = Net::HTTP::Post.new(uri.path)
result = req.set_form_data({:access_token => access_token , :message => message, :app_id => appID, :name => name, :link => link, :caption => caption, :picture => picture, })
sock = Net::HTTP.new(uri.host, 443)
sock.use_ssl = true
sock.start do |http|
response = http.request(req)
end
I don't know if this is the best way but it works for me so I am using it. If anyone has a better way I would be very happy to know about it.
I guess you have the publish_stream permission already. You also need the offline_access extended permission to make your access token live long:
Enables your app to perform authorized requests on behalf of the user at any time. By default, most access tokens expire after a short time period to ensure applications only make requests on behalf of the user when they are actively using the application. This permission makes the access token returned by our OAuth endpoint long-lived.
See here: https://developers.facebook.com/docs/reference/api/permissions/

Could not authenticate with OAuth

I am using Tweetsharp and I am trying to play with the Twitter Application. At present it is a simple console application.
I have searched in the net and found some articles where most of them are stating that after August 16th 2010, the basic authentication for the twitter is no longer applicable. Instead OAuth has come into place.
Henceforth, I have gone to the Twitter Apps and created one for me.(since it's a desktop application, so I choose Application Type to be Client and not browser.)
These are the various information that I got
Consumer key : NxDgjunKLu65CW38Ea1RT
Consumer secret :JOomsRGPTHct9hFjGQOTpxScZwI5K8zkIpOC1ytfo
Request token URL : https://twitter.com/oauth/request_token
Access token URL : https://twitter.com/oauth/access_token
Authorize URL: https://twitter.com/oauth/authorize
As a very basic step what have planned is that, I will write/post some tweet something to my wall.
Henceforth, I made the following(some code has been taken from web as I was using those as a reference)
string consumerKey = "NxDgjunKLu65CW38Ea1RT";
string consumerSecret = "JOomsRGPTHct9hFjGQOTpxScZwI5K8zkIpOC1ytfo";
FluentTwitter.SetClientInfo(new TwitterClientInfo { ConsumerKey = consumerKey, ConsumerSecret = consumerSecret });
//Gets the token
var RequestToken = FluentTwitter.CreateRequest().Authentication.GetRequestToken().Request().AsToken();
var twitter = FluentTwitter.CreateRequest()
.AuthenticateWith(
consumerKey
,consumerSecret,
RequestToken.Token,
RequestToken.TokenSecret)
.Statuses().Update("I am writing my first tweets").AsXml();
var response = twitter.Request();
var status = response.AsStatus();
But the response is
<?xml version="1.0" encoding="UTF-8"?>
<hash>
<error>Could not authenticate with OAuth.</error>
<request>/1/statuses/update.xml</request>
</hash>
I am trying for a long time to understand the problem but all in vain.
I need help.
Thanks
Getting the request token is only the first step of the OAuth process. You need to get the request token, authorize the token, and then trade if for an access token. You then use the access token to send a tweet.
See this link for a flowchart of the full OAuth process.