I am trying to serve a Facebook gallery for a client, and due to the server the site is being hosted on, the request needs to be authenticated.
I have set up an app using our company Facebook developer account. Although I have set the domain of the app to that of our client's, the gallery returned in the request is empty.
I am assuming that I will need access to the client's facebook account so I can create an app associated directly with their facebook account - the one where I want the galleries from? EDIT - just thought I'd point out that the client would prefer not to give me their passwords for their facebook account...
Here is the auth code I have used, if anyone will be kind enough to point out any school boy errors I may have made.
$no_albums = 6;
$latest_albums = null;
$user_id = "xxxxxx";
$app_secret = "xxxxxxxxxxxxxxxxxxxx";
$app_token_url = "https://graph.facebook.com/oauth/access_token?"
. "client_id=" . $user_id
. "&client_secret=" . $app_secret
. "&grant_type=client_credentials"
. "&scope=user_photos";
$response = wp_remote_get($app_token_url);
$access_token = $response['body'];
error_log(print_r($response,true));
$query = 'https://graph.facebook.com/'.$user_id.'/albums?' . $access_token;
$albums = json_decode(file_get_contents('http://graph.facebook.com/'.$user_id.'/albums') );
And this is the response I get ( $albums ) in my error logs:
Array
(
[headers] => Array
(
[access-control-allow-origin] => *
[cache-control] => private, no-cache, no-store, must-revalidate
[content-type] => application/json; charset=UTF-8
[etag] => "1050253aec7b29caff644806927dabfa81406eee"
[expires] => Sat, 01 Jan 2000 00:00:00 GMT
[pragma] => no-cache
[x-fb-rev] => 812093
[x-fb-debug] => 9I0lRzV3GZxrflP/19iBvhly6FLUVI9jCHJAXcw0Dm0=
[date] => Mon, 13 May 2013 10:45:39 GMT
[connection] => close
[content-length] => 11
)
[body] => {"data":[]}
[response] => Array
(
[code] => 200
[message] => OK
)
[cookies] => Array
(
)
[filename] =>
Thanks.
You've got a couple of basic problems here.
First, in your API request, you are looking for albums associated with your APP_ID. There are none. You should be using the client's PAGE_ID or USER_ID in the request to the graph API.
Second, you should be using the Facebook PHP SDK instead of file_get_contents() to make your requests. Especially if this is to be a production environment.
If your clients albums are publicly visible, you may not need to authenticate a user to view them. To know this for sure, you'd need to share your client's Facebook username.
Related
I am trying to post an image to a facebook page from a PHP script on my server. Everything is authenticating my account with admin rights and I have the permissions of manage_pages, publish_pages and publish_actions.
The image is getting uploaded and I can go to my facebook page and click on Notifications and the post is there, but when I go to Page, Posts, or Images I don't see it. Also, when I look at it in the notification section it is showing it posted by me and as a visitor, it should be showing as posted by the Page. I do have this set as live in Facebook Developer as well.
Can anyone help?
When I run the script I am doing this call to facebook:
$response = $fb->post('/'.$agency_permissions['facebook_page'].'/photos', $data, $agency_permissions['facebook_token']);
} catch(Facebook\Exceptions\FacebookResponseException $e) {
echo 'Graph returned an error: ' . $e->getMessage();
} catch(Facebook\Exceptions\FacebookSDKException $e) {
echo 'Facebook SDK returned an error: ' . $e->getMessage();
}
Facebook returns this information: (things labeled '{removed by me}' were removed by me, not returned that way)
Facebook\FacebookResponse Object(
[httpStatusCode:protected] => 200
[headers:protected] => Array
(
[Access-Control-Allow-Origin] => *
[Pragma] => no-cache
[Cache-Control] => private, no-cache, no-store, must-revalidate
[facebook-api-version] => v2.11
[Expires] => Sat, 01 Jan 2000 00:00:00 GMT
[x-fb-rev] => 3698059
[Content-Type] => application/json; charset=UTF-8
[x-fb-trace-id] => H3yiZBKJGQe
[Strict-Transport-Security] => max-age=15552000; preload
[Vary] => Accept-Encoding
[X-FB-Debug] => {removed by me}
[Date] => Tue, 06 Mar 2018 20:43:16 GMT
[Connection] => keep-alive
[Content-Length] => 70
)
[body:protected] => {"id":"1139098132893012","post_id":"335620470144697_1139098132893012"}
[decodedBody:protected] => Array
(
[id] => 1139098132893012
[post_id] => 335620470144697_1139098132893012
)
[request:protected] => Facebook\FacebookRequest Object
(
[app:protected] => Facebook\FacebookApp Object
(
[id:protected] => {removed by me}
[secret:protected] => {removed by me}
)
[accessToken:protected] => {removed by me}
[method:protected] => POST
[endpoint:protected] => /335620470144697/photos
[headers:protected] => Array
(
[Content-Type] => multipart/form-data; boundary=5a9efd619ebd5
)
[params:protected] => Array
(
[message] => test
)
[files:protected] => Array
(
[source] => Facebook\FileUpload\FacebookFile Object
(
[path:protected] => /home/virtual/my_domain/public_html/wp-content///DemoUnitsInternal/7801.jpg
[maxLength:Facebook\FileUpload\FacebookFile:private] => -1
[offset:Facebook\FileUpload\FacebookFile:private] => -1
[stream:protected] => Resource id #26
)
)
[eTag:protected] =>
[graphVersion:protected] => v2.11
)
[thrownException:protected] =>
)
You are using a User Token, that´s why it gets posted as user. Make sure to use a Page Token with manage_pages and publish_pages and it will be posted as Page.
I have a page tab app. When the user clicks on the "Go to App" and is sent to my page tab edit url i am trying to determine if they are a page admin or not.
I have tried two different methods. I have tried from the only admin/owner of the page
method 1 used from https://developers.facebook.com/blog/post/2011/09/05/platform-updates--labor-day-edition/
$page_info = $facebook->api("/".$pageID."?fields=access_token");
$pageAccessToken = $page_info['access_token']
$is_admin_url = "https://graph.facebook.com/" . $pageID
. "/admins/" . $FBuser . "?access_token="
. $pageAccessToken;
$response = file_get_contents($is_admin_url);
response is {"data":[]}
I have also tried::
path = '/'.$pageID.'/admins/'.$FBuser;
$params = array(
'app_id' => FB_APP_ID,
'access_token' => $pageAccessToken
);
$is_admin = $facebook->api($path, 'POST', $params);
Although PAGE_ID/admins is a valid request, you need an admin's access_token to see the list. I.e. only admins can see who else is an admin.
What you can do is approach this from the other end by yielding a list of pages that the user is an admin of (using the https://graph.facebook.com/USER_ID/accounts/ data and the manage_pages permission) and search through that list for your application.
However, I would understand if some users would be reluctant to give the manage_pages permission, as it also provides an access token to authenticate as that page, which would be something of a security hole on their part. Unfortunately, there does not seem to be another way to access a list of pages for which that user is an admin.
Simplest way will be signed Request.
A signed_request parameter is POSTed to an application when the app is loaded inside a Page Tab.
You can get a lot of information from signed_request
require '../fb_sdk/facebook.php';
$config = array();
$config['appId'] = '45916xxxxxx';
$config['secret'] = '59caxxxxxx';
$facebook = new Facebook($config);
$facebook->setFileUploadSupport(true);
$signed_request = $facebook->getSignedRequest();
print_($signed_request); will have output like
Array
(
[algorithm] => HMAC-SHA256
[expires] => 1347210000
[issued_at] => 1347203265
[oauth_token] => AAAGhmv67ki8BAAfBwtxxxx
[page] => Array
(
[id] => 192430xxxxxx
[liked] => 1
[admin] => 1
)
[user] => Array
(
[country] => in
[locale] => en_US
[age] => Array
(
[min] => 21
)
)
[user_id] => 10000020xxxxx
)
You can use $signed_request[page][admin] value to determine whether a user is admin of current page, in which your app in loaded in Page Tab. If it's set to 1 then user is admin of the page else not an admin i.e. set to 0.
More About Signed Request
i had some luck using admin_only = true
https://developers.facebook.com/docs/graph-api/reference/user/groups/
I'm trying to get a the facebook userid in a facebook tab, but somehow this always returns 0.
This is the code I use:
$config = array();
$config["appId"] = "427761887242287";
$config["secret"] = "xxxxxxxxxxxxxxxxxxxxxx";
$facebook = new Facebook($config);
$fbData = $facebook->getSignedRequest();
Facebook appId and secret are valid, I've already tried with resetting the secret.
I've tried to do a print_r on $fbdata but this only returns:
Array
(
[algorithm] => HMAC-SHA256
[issued_at] => 1337603346
[page] => Array
(
[id] => 158282080958121
[liked] => 1
[admin] =>
)
[user] => Array
(
[country] => nl
[locale] => en_US
[age] => Array
(
[min] => 21
)
)
)
As you can see, this retuns only some non usefull data as far as the user goes.
I've also tried $facebook->getUser() but this does return 0.
I do have a valid SSL certificate on my server, I use the right http and https URL's but I can't find out why I get a 0 for the userid while I'm logged in.
Any suggestions?
If this is a facebook page tab application, then the user id is not returned unless the user has explicitly authorized your application. And from the response you've posted it looks like this is the case. You would need to get the user to authorize your application, not just like a page for this to work
https://developers.facebook.com/docs/authentication/pagetab/
Answer + new question
I found out that the code below works just fine on a LIVE server. LinkedIN blocked all requests from localhost.
That established; Does anybody know how to test an application from localhost with LinkedIN OAuth? Because doing this on a live server sucks!
Old Question
I'm trying to connect with Zend_OAuth to LinkedIN. This code used to work, but now it returns an error in http request while I'm trying to retrieve an access token.
Tried checking the LinkedIN api, but the code still seems valid. Tried several scripts but all with the same result.
The config is setup in the preDispatch of my controller
$this->configLinkedin = array(
'version' => '1.0',
'siteUrl' => 'http://'.$_SERVER['HTTP_HOST'].$this->view->baseUrl(false).'/news/index/connectlinkedin',
'callbackUrl' => 'http://'.$_SERVER['HTTP_HOST'].$this->view->baseUrl(false).'/news/index/connectlinkedin',
'requestTokenUrl' => 'https://api.linkedin.com/uas/oauth/requestToken',
'userAuthorisationUrl' => 'https://api.linkedin.com/uas/oauth/authorize',
'accessTokenUrl' => 'https://api.linkedin.com/uas/oauth/accessToken',
'consumerKey' => 'XXX',
'consumerSecret' => 'XXX'
);
And the code in the action to connect to linkedIN is
$this->consumer = new Zend_Oauth_Consumer($this->configLinkedin);
if(!empty($_GET) && isset($_SESSION['LINKEDIN_REQUEST_TOKEN']))
{
$token = $this->consumer->getAccessToken($_GET, unserialize($_SESSION['LINKEDIN_REQUEST_TOKEN']));
// Use HTTP Client with built-in OAuth request handling
$client = $token->getHttpClient($this->configLinkedin);
// Set LinkedIn URI
$client->setUri('https://api.linkedin.com/v1/people/~:(id,first-name,last-name,picture-url)');
// Set Method (GET, POST or PUT)
$client->setMethod(Zend_Http_Client::GET);
// Get Request Response
$response = $client->request();
$this->NewsService->TokenSocialMedia(
$token,
'linkedin',
serialize($response->getBody())
);
$_SESSION['LINKEDIN_REQUEST_TOKEN'] = null;
$this->_helper->flashMessenger(array('message' => $this->view->translate('The CMS is successfully connected to your linkedin account'), 'status' => 'success'));
$this->_helper->redirector('settings#settingSocial', 'index');
}
else
{
$token = $this->consumer->getRequestToken();
$_SESSION['LINKEDIN_REQUEST_TOKEN'] = serialize($token);
$this->consumer->redirect();
}
What am I missing or doing wrong? I use a similair setup for Twitter and that works fine.
UPDATE 20 September 211
I found out that this rule is returning the error:
$token = $this->consumer->getRequestToken();
I'm still clueless why, and reading the linkedin api doesn't help a bit. Will keep you posted.
I got similar problem and after adding openssl extension it was solved
try adding to php.ini this line:
extension=php_openssl.dll
I got the same issue, try to turn off ssl before asking the new consumer :
$httpConfig = array(
'adapter' => 'Zend\Http\Client\Adapter\Socket',
'sslverifypeer' => false
);
$httpClient = new HTTPClient(null, $httpConfig);
OAuth::setHttpClient($httpClient);
When I use OAuth to connect an application to a twitter account I put the access token and the user data in my database as follow:
$this->consumer = new Zend_Oauth_Consumer($this->configTwitter);
if(!empty($_GET) && isset($_SESSION['TWITTER_REQUEST_TOKEN']))
{
$token = $this->consumer->getAccessToken($_GET, unserialize($_SESSION['TWITTER_REQUEST_TOKEN']));
// Get user info
$twitter = new Zend_Service_Twitter(array(
'username' => $token->screen_name,
'accessToken' => $token,
'callbackUrl' => $this->_getParam('SettingsWebsiteUrl').'/news/index/connecttwitter',
'consumerKey' => 'XXXXXX',
'consumerSecret' => 'XXXXXXX'
));
$response = $twitter->account->verifyCredentials();
// place in database
$this->NewsService->TokenSocialMedia(
$token,
'twitter',
serialize($response)
);
$_SESSION['TWITTER_REQUEST_TOKEN'] = null;
$this->_helper->flashMessenger(array('message' => $this->view->translate('The CMS is successfully connected to your twitter account'), 'status' => 'success'));
$this->_helper->redirector('settings', 'index');
}
else
{
$token = $this->consumer->getRequestToken();
$_SESSION['TWITTER_REQUEST_TOKEN'] = serialize($token);
$this->consumer->redirect();
}
This works fine. The response looks like this below and I have no clue of how to format this and display it to the user. Only thing I want is to store the twitter id, twitter name (not screen_name) and the image url.
O:23:"Zend_Rest_Client_Result":2:{s:8:"�*�_sxml";O:16:"SimpleXMLElement":34:{s:2:"id";s:9:"150638034";s:4:"name";s:20:"De Graaf & Partners ";s:11:"screen_name";s:15:"GraafenPartners";s:8:"location";s:9:"Culemborg";s:11:"description";s:34:"Full service communications agency";s:17:"profile_image_url";s:78:"http://a2.twimg.com/profile_images/1191111069/Logo_DG_P-CMYK_Square_normal.jpg";s:3:"url";s:31:"http://www.degraafenpartners.nl";s:9:"protected";s:5:"false";s:15:"followers_count";s:1:"0";s:24:"profile_background_color";s:6:"C0DEED";s:18:"profile_text_color";s:6:"333333";s:18:"profile_link_color";s:6:"0084B4";s:26:"profile_sidebar_fill_color";s:6:"DDEEF6";s:28:"profile_sidebar_border_color";s:6:"C0DEED";s:13:"friends_count";s:1:"0";s:10:"created_at";s:30:"Tue Jun 01 12:47:51 +0000 2010";s:16:"favourites_count";s:1:"0";s:10:"utc_offset";s:4:"3600";s:9:"time_zone";s:9:"Amsterdam";s:28:"profile_background_image_url";s:60:"http://a3.twimg.com/a/1296525272/images/themes/theme1/bg.png";s:23:"profile_background_tile";s:5:"false";s:28:"profile_use_background_image";s:4:"true";s:13:"notifications";s:5:"false";s:11:"geo_enabled";s:4:"true";s:8:"verified";s:5:"false";s:9:"following";s:5:"false";s:14:"statuses_count";s:1:"6";s:4:"lang";s:2:"en";s:20:"contributors_enabled";s:5:"false";s:19:"follow_request_sent";s:5:"false";s:12:"listed_count";s:1:"0";s:21:"show_all_inline_media";s:5:"false";s:13:"is_translator";s:5:"false";s:6:"status";O:16:"SimpleXMLElement":15:{s:10:"created_at";s:30:"Mon Jan 03 08:41:11 +0000 2011";s:2:"id";s:17:"21848534684794880";s:4:"text";s:53:"De Graaf & Partners wenst iedereen een creatief 2011!";s:6:"source";s:3:"web";s:9:"truncated";s:5:"false";s:9:"favorited";s:5:"false";s:21:"in_reply_to_status_id";O:16:"SimpleXMLElement":0:{}s:19:"in_reply_to_user_id";O:16:"SimpleXMLElement":0:{}s:23:"in_reply_to_screen_name";O:16:"SimpleXMLElement":0:{}s:13:"retweet_count";s:1:"0";s:9:"retweeted";s:5:"false";s:3:"geo";O:16:"SimpleXMLElement":0:{}s:11:"coordinates";O:16:"SimpleXMLElement":0:{}s:5:"place";O:16:"SimpleXMLElement":0:{}s:12:"contributors";O:16:"SimpleXMLElement":0:{}}}s:10:"�*�_errstr";N;}
How do I need to format the data, or how can I store the data better?
If all you want to store is their image url, then you just need their username, then use this:
http://img.tweetimag.es/i/oprah_o
where oprah_o is the username.
You don't need to use OAuth and Zend_Service_Twitter to do that. If you want to be able to get data from a non public feed, or publish tweets to their accounts, that's where you need Zend_Service_Twitter.
If you want to get data from that resultset, just do:
$result_obj = unserialize($token);