I have the following JS function:
<pre><code>
function fblogin() {
FB.login(function(response) {
if ( response.status === 'connected' ) {
objFacebookUser.token = response.authResponse.accessToken;
FB.api('/me', function(response) {
objFacebookUser.id = response.id;
connect( objFacebookUser );
});
} else if( response.status === 'not_authorized' ){
console.log('User cancelled login or did not fully authorize!');
} else {
console.log('User is not logged in!');
}
}, {scope:'{{$smarty.const.FACEBOOK_CONNECT_PERMS}}'});
}
</code></pre>
I have never had any problems with this until today. For some reason, one account I'm trying to use Facebook connect on will always throw "not_authorized" as the response.
I tried deleting the app from that account's applications. It would request to Allow permissions, I click allow and it throws "not_authorized" again. I'm totally stuck. Been reading on this for the whole day now without a solution. This doesn't happen to every account, but I need to get to the bottom of this.
Any help is greatly appreciated.
Found the solution!
I was in Sandbox enabled mode. Make sure that Sandbox mode is DISABLED. Otherwise, you'll run into a lot of authentication issues.
Cheers!
Armin
Related
I have a new web app in development mode, and am trying to post to a users wall using something like this:
<fb:login-button scope="publish_pages" autologoutlink="true" onlogin="OnRequestPermission();">
</fb:login-button>
...
var params = {};
params['message'] = 'Message';
params['name'] = 'Name';
params['description'] = 'Description';
params['link'] = 'http://www.example.com';
params['picture'] = 'http://example.com/example.png';
params['caption'] = 'Caption';
FB.api('/me/feed', 'post', params, function(response) {
if (!response || response.error) {
console.log(response.error);
} else {
alert('Published to stream - you might want to delete it now!');
}
});
I am testing this after a successful login using the FB account defined in that app as admin, but am getting an OAuthException error:
"(#200) The user hasn't authorized the application to perform the action"
Do I need to send the app through review to get additional access even though we are in testing? Is there something else I missed here?
Thanks
You are using the wrong permission, you would need publish_actions to post to the user wall. publish_pages is for posting to a Page you own. You do not need to go through the review process for testing, all permissions work without review for users with a role in the App.
This problem has been bugging me for a long time and I can't seem to find the solution, all the settings in my Facebook Developer panel are configured correctly, Site URL, App Domain and OAuth URLs.
When I run my app on my iPhone (I have it installed through iTunes) and click the authentication button I am successfully prompted with this screen:
However, after logging in, I am faced with a blank white screen instead of being redirected to my main.html page.
I am using the OpenFB plugin along with Parse and the Facebook Graph API to authenticate and store my users data, here is my login code:
login.html:
$('.facebookLogin').click(function(){
Parse.User.logOut(); // log current user out before logging in
login();
});
function login() {
openFB.login(function(response) {
if(response.status === 'connected') {
console.log('Facebook login succeeded');
Parse.FacebookUtils.logIn("email", { // permission request to use email
success: function(user) {
if (!user.existed()) {
FB.api('/me', function(response) {
var firstName = response.first_name;
var lastName = response.last_name;
var email = response.email;
var user_id = response.id;
user.set("firstName",firstName);
user.set("lastName",lastName);
user.set("email",email);
user.save();
});
window.location.href= "main.html";
}
else {
window.location.href= "main.html";
}
},
error: function(user, error) {
alert("User cancelled the Facebook login or did not fully authorize.");
}
});
}
else {
alert('Facebook login failed: ' + response.error);
}
}, {scope: 'email'});
}
oauthcallback.html:
<html>
<body>
<script>
// redirects to main page
window.location.href= "main.html";
</script>
</body>
</html>
Note: I have added main.html, login.html and oauthcallback.html to the Valid OAuth redirect URIs list on my panel.
Check that your site is using SSL with a valid certificate.
There might be an error trying to redirect from a non-secure site to an encrypted site.
How can I allow a user to revoke access to my application using their API service, SDK. http://developers.facebook.com/docs/sdks/
Looking at the documentation I can't find anything about revoking the access.
For the FB JavaScript SDK:
FB.api('/me/permissions', 'delete', function(response) {
console.log(response); // true
});
in the graph API for the user object you can issue an HTTP DELETE request to /PROFILE_ID/permissions to revoke authorization for an app.
from the official documentation (developers.facebook.com/docs/reference/api/user/):
You can de-authorize an application or revoke a specific extended
permissions on behalf of a user by issuing an HTTP DELETE request to
PROFILE_ID/permissions with a user access_token for that app.
Parameter Description Type Required permission The permission you
wish to revoke. If you don't specify a permission then this will
de-authorize the application completely. string no You get the
following result.
Description Type True if the delete succeeded and error
otherwise. boolean
For anyone who would find this helpful, I was losing sleep and wrecking my brain for days trying to get this to work;
FB.api('/me/permissions', 'DELETE', function(response) {
if (response == true) {
window.top.location = 'logout-facebook.php';
} else {
alert('Error revoking app');
}
});
I finally got this to work when I observed that the "response" being returned was not a boolean but a JSON object.
The JSON object being returned was either;
{
success: "true"
}
OR
{
success: "false"
}
Following that, the correct code was;
FB.api('/me/permissions', 'DELETE', function(response) {
if (response.success == true) {
window.top.location = 'logout-facebook.php';
} else {
alert('Error revoking app');
}
});
Hope this helps someone!
With PHP SDK V 5
$DeletePermsUser = $fb->delete('/{user-id}/permissions/',[],$access_token);
I have a difficult problem. Difficult means I searched through the net and StackOverflow as well the whole FBJS SDK documentation and haven't find answer.
I am building a Page Tab application where I'd like to let fans to rsvp events. So I have to check if the user is logged in and if it doesn't I have to login. That sounds pretty easy, but FB.getLoginStatus doesn't fires callback function. This is the code excerpt:
FB.init({
appId: window.appID,
status: true,
xfbml: true,
cookie: true,
oauth: true,
channelUrl: 'http://example.com/fb/channel.html'
});
and then I simply - of course after the user clicks on a button - call FB.getLoginStatus, but it seems it doesn't do anything.
I've already checked sandbox mode, FB.init success, URLs in application settings and developing environment. I can call FB.ui, although FB.ui with method: 'oauth' I get an error message saying " The "redirect_uri" parameter cannot be used in conjunction with the "next" parameter, which is deprecated.". Which is very weird because I didn't used "next" parameter. But when I set next to undefined, it works fine, I get the window, but it says "Given URL is not allowed by the Application configuration.". Expect from that, I can login, then I've got the access_token. But in the new window, getLoginStatus still doesn't do anything.
So any advices are welcome.
Thanks,
Tamas
UPDATE:
function onBodyLoad() { //on body onload
FB.init({
appId: window.appID,
status: true,
xfbml: true,
cookie: true,
oauth: true,
channelUrl: 'http://example.com/fb/channel.html'
});
}
...
function getName() { // on button onclick
FB.getLoginStatus(function(response){
if (response.authResponse)
{
window.loggedIn = true;
debugString('Logged in');
} else
{
window.loggedIn=false;
debugString('Not logged in');
}
}, true);
if (window.loggedIn === undefined) {
debugString('getLoginStatus did not exec'); // I always get this message
}
}
UPDATE 2: I created a new App on a different URL, which is configured as a standalone website. There these codes work perfectly, I can getLoginStatus, I can login, etc. Is there any difference working in the context of FB, and in a standalone website, using FB JavaScript SDK?
FB.getLoginStatus does not fire the callback when you are running the website on a different domain than the one that you registered the app with. I usually find myself in this situation when I am developing locally or on a staging server.
For example, if you registered the site with example.com and your staging server is example.mystagingserver.com, the callback wont fire. In this case, you need to create a second application in Facebook and use the Application ID and Secret for the new app.
I just had the same problem, though it only happened to some users.
I finally found out that if your app is sandbox mode, none-developer users can still see your app as a pagetab. But calling getLoginStatus will fail silently (even logging turned on).
Took a while to figure that one out, I hope this can save someone else some time.
I'm using this code, successfully. I'm not quite sure where the differences are.. but I'm using the ASYNC FB Loader.
window.fbAsyncInit = function() {
FB.init({ appId: 'XXXXXX', //change the appId to your appId
status: true,
cookie: true,
xfbml: true,
oauth: true});
function authEvent(response) {
if (response.authResponse) {
//user is already logged in and connected
FB.api('/me', function(info) {
login(response, info);
});
} else {
//user is not connected to your app or logged out
button.onclick = function() {
FB.login(function(response) {
if (response.authResponse) {
FB.api('/me', function(info) {
login(response, info);
});
} else {
//user cancelled login or did not grant authorization
}
}, {scope:'email,rsvp_event,status_update,publish_stream,user_about_me'});
}
}
}
// run once with current status and whenever the status changes
FB.getLoginStatus(updateButton);
FB.Event.subscribe('auth.statusChange', updateButton);
};
(function() {
var e = document.createElement('script'); e.async = true;
e.src = document.location.protocol
+ '//connect.facebook.net/en_US/all.js';
document.getElementById('fb-root').appendChild(e);
}());
function login(response, info){
if (response.authResponse) {
accessToken = response.authResponse.accessToken;
userid = info.id;
userInfo.innerHTML = '<img src="https://graph.facebook.com/' + info.id + '/picture">' + info.name+"<br /> Your Access Token: " + accessToken;
}
}
You can use the following code to check if the user is logged in:
FB.getLoginStatus(function(response) {
if (response.authResponse) {
// logged in and connected user, someone you know
} else {
// no user session available, someone you dont know
}
});
From FB JS SDK Documentation.
You can wrap the whole code in jQuery ready :
$('document').ready(function(){
... above code
})
Also you may want to check this question StackOverflow.
I had the same problem. I was working on the facebook login process of our website. During development the "FB.getLoginStatus" did not return a response. I fixed it in the settings of the app on facebook:
-In facebook go to "manage apps"
-Go to the "facebook login" settings of your app
-Add your development url (for example "https://localhost") to the "Valid OAuth Redirect URIs"
(Don't forget to remove the "https://localhost" from the OAuth Redirect URIs when you are finished with developping.)
Something common that causes this is that a browser is blocking cookies, this will cause the event not to fire. Also, make sure that if you or your user have and ad blocker that it is not blocking third party cookies.
Example of warning:
For me after extensive testing can confirm the dialog to log the user will not show unless you use a valid Application ID
These can be found in
https://developers.facebook.com/apps/{{Application__Id}}/settings/
Just make sure you call the api with the correct ID.
so after updating to the php 3.0 sdk and what not, my FB.login() function no longer asks for the permissions I set it to ask. Any one else getting this? Here's some code for you:
window.fbAsyncInit = function() {
FB.init({
appId: 'xxx',
status: true,
cookie: true,
xfbml: true,
oauth : true // enables OAuth 2.0
});
// whenever the user logs in, we refresh the page
//FB.Event.subscribe('auth.login', function() {
// window.location.reload();
//});
};
FB.login(function(response) {
if (response.authResponse) {
console.log('Welcome! Fetching your information.... ');
FB.api('/me', function(response) {
console.log('Good to see you, ' + response.name + '.');
FB.logout(function(response) {
console.log('Logged out.');
});
});
} else {
console.log('User cancelled login or did not fully authorize.');
}
}, {scope:'read_stream,publish_stream,offline_access'});
The way I'm trying to access it, is through an onClick="FB.login();". Can anyone help?
Checking the source of the JS SDK I found that they still use perms and not scope as it it documented.
This is working for me:
...onclick="FB.login(handleLoginResponse,
{perms:'email,manage_pages,user_birthday'});return false;"...
I hope it helps.
I see something related to this with the JS SDK. When setting oauth=true, the function
FB.login(function (response) {
if (response.authResponse) {
console.log('Welcome! Fetching your information.... ');
} else {
console.log('User cancelled login or did not fully authorize.');
}
}, { scope: 'email,publish_stream,user_birthday,user_location' });
Correctly requests the extended permissions, but using the <fb:login-button> FBXML with scope="email,publish_stream,user_birthday,user_location" does not.
This looks like a Facebook bug to me...
My problem was similar to you.
I have checked all my javascript to verify if my scope was good in FB.login definition.
Finally I realized that I have a Facebook button in my HTML.
<form class="form-signin"><fb:login-button size="large">Facebook</fb:login-button></form>
When I have also defined the scope in the FB Button, Facebook ask me correcty to accept new permissions if I change my scope
<form class="form-signin"><fb:login-button size="large" scope="<?php print($sFacebookScope);?>">Facebook</fb:login-button></form>
I think its because you are calling FB.logout within the FB.login block.
Effectively what happens is as soon as they log in, they are logged out.
So seperate it like this:
// CALLED WHEN USER LOGS IN
function userLogin() {
FB.login(function(response) {
if (response.authResponse) {
console.log('Welcome! Fetching your information.... ');
FB.api('/me', function(response) {
console.log('Good to see you, ' + response.name + '.');
});
} else {
console.log('User cancelled login or did not fully authorize.');
}
}, {scope:'read_stream,publish_stream,offline_access'});
}
// CALLED WHEN USER LOGS OUT
function userLogout() {
FB.logout(function(response) {
console.log('Logged out.');
});
}
I had exactly the same problem until I realized that it was a matter of browser/facebook caching problem. Make sure you have the latest code in your webspace and test your app in a new browser if might be the solution of your problem.
The only solution that has worked for me was putting the permissions in the login button tag like this:
<fb:login-button show-faces="true" width="200" max-rows="1" data-scope="email">< /fb:login-button>