Facebook Open Graph - Issuing HTTP DELETE request - facebook

I'm trying to remove permissions via an Ajax HTTP DELETE request, but the response I'm getting back is not what the graph api docs say i should be getting. It says I should be getting a boolean response ("True if the delete succeeded and error otherwise."). But instead I'm getting an entire object of the permissions list:
var revokePermission = function(permName) {
var revoke_perm_url = "https://graph.facebook.com/me/permissions" +
"?access_token=" + access_token + "&callback=?";
$.ajax({
type: "DELETE",
dataType: "jsonp",
url: revoke_perm_url,
data: {'permission': permName},
success: function(response){
console.log(response);
}
});
}
revokePermission(permission_name);
Here is what I get back:
data: Array[1]
0: Object
bookmarked: 1
create_note: 1
email: 1
installed: 1
photo_upload: 1
publish_actions: 1
publish_stream: 1
read_stream: 1
share_item: 1
status_update: 1
user_interests: 1
user_likes: 1
user_status: 1
video_upload: 1
Note that the api docs say:
You can de-authorize an application entirely, or just revoke a
specific permission on behalf of a user by issuing an HTTP DELETE to
PROFILE_ID/permissions or PROFILE_ID/permissions/PERMISSION_NAME
respectively. This request must be made with a value user access_token
for the current app.
I understand all this, so when I either issue a request to the specific permission url (ie "/permissions/user_likes/") or to the base permissions url with the permission sent via the ajax data param, they both just return an object of all my current permissions, and the permission I requested to be deleted remains untouched.
However when I set the permission in both the url and the data being sent, it returns an object with an error:
Object
error: Object
code: 2500
message: "Cannot specify permission in both the path and query parameter."
type: "OAuthException"
Anyone know what is going on? Note that the LEGACY REST method of auth.revokeExtendedPermission does indeed work per (http://developers.facebook.com/docs/reference/rest/auth.revokeExtendedPermission/). It returns a boolean response and the respective permission is deleted.
Solutions?

Full code, tested, returns 'true':
var revokePermission = function(permName) {
var revoke_perm_url = "https://graph.facebook.com/me/permissions";
$.ajax({
type: "POST",
dataType: "jsonp",
url: revoke_perm_url,
data: {
'access_token' : 'access_token_here',
'permission': permName,
'method' : 'delete'
},
success: function(response){
alert(JSON.stringify(response, null, 4));
}
});
}
revokePermission("email");

Does "type: DELETE" actually work to send a HTTP DELETE request?
The response you're getting back there is the response to a GET request to /<USER>/permissions
You can fake a delete request by adding another parameter, 'method' and set that to delete when making the GET request, i.e.
data: {
'permission': permName
'method' : 'delete'
},

Related

How to create a chrome webRequest to validate response code

I want to check if my Linkedin Pixel tag is installed properly inside my webpages.
To validate, I would need to get a 302 response when the tag is fired.
Trying to create a chrome extension that could perform this validation.
chrome.webRequest.onSendHeaders.addListener(
(e) => {
console.log(e);
},
{
urls: ["https://px.ads.linkedin.com/*"],
}
);
--console.log object--
{documentId: 'E3A1D48B4697AC34E10A4D2A888CC8A9', documentLifecycle: 'active', frameId: 0, frameType: 'outermost_frame', initiator: 'https://www.theb2bhouse.com', …}
documentId: "E3A1D48B4697AC34E10A4D2A888CC8A9"
documentLifecycle: "active"
frameId: 0
frameType: "outermost_frame"
initiator: "https://www.theb2bhouse.com"
method: "GET"
parentFrameId: -1
requestId: "2395"
tabId: 2
timeStamp: 1652447005855.711
type: "image"
url: "https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2742940&time=1652447005855&url=https%3A%2F%2Fwww.theb2bhouse.com%2F"
[[Prototype]]: Object
Does anyone know how to send a webRequest to check if this above details got back a 302-redirect response?
On my inspect -> network request, I could see that the tag is fired correctly and recieved a response code of 302. Yet, I find the correct method to do the validation on webRequest.

How to fetch page list from Facebook Graph API?

I can download user events but not user managed pages. Why? What is the difference?
Using react-facebook-login to get user access token
import FacebookLogin from "react-facebook-login";
Adding Facebook login to the screen, it has the pages_show_list permission:
<FacebookLogin
appId={fbAppId}
autoLoad={true}
fields="name,email,picture"
scope="public_profile,pages_show_list"
onClick={this.componentClicked}
callback={this.responseFacebook}
And here is the handler:
responseFacebook = response => {
this.setState({
accessToken: response.accessToken,
isLoggedIn: true,
userID: response.userID,
name: response.name,
email: response.email,
picture: response.picture.data.url
});
axios.get('https://graph.facebook.com/v5.0/me/accounts&access_token='+response.accessToken)
.then(response => {
console.log("aaa " + response);
console.log("bbb ");
})
};
Second breakpoint will not be reached.
But get a lot of strange error:
Facebook API Explorer returns the data
Code is here: https://gitlab.com/j4nos/ticket-portal/blob/master/src/App.js
But get a lot oof strange error:
Focus.
The main part of importance here is that it shows that you are getting a 400 Bad Request response from the API, with that URL you tried to request there.
https://graph.facebook.com/v5.0/me/accounts&access_token=...
How does the query string portion of a URL start again ...?
Question mark, not ampersand.

Implementing Handover protocol for facebook chatbot throws error

My primary receiver is my dialogflow chatbot and my second one is the page inbox. I want to switch from the chatbot to the inbox by implementing:
request({
uri: 'https://graph.facebook.com/v3.2/me/pass_thread_control',
qs: {'access_token': 'pageAccessToken'},
method: 'POST',
json: {
recipient: {
id: 'userIdFromRequest'
},
target_app_id: 'pageInboxAppId'
},
}, (error: any, response: any, body: any) => {
console.log('BODY PASS THREAD CONTROL: ', body);
});
But I'm getting this error:
(#10) Only available to Primary and Secondary Receivers
When I try to get the secondary receivers:
request({
uri: 'https://graph.facebook.com/v3.2/me/secondary_receivers?fields=id,name&access_token=<page-access-token>',
qs: {'access_token': <page-access-token>},
method: 'GET',
}, (error: any, response: any, body: any) => {
console.log('BODY SECONDARY RECEIVERS: ', body);
});
I will get this error:
(#10) Only Main Receiver can call this API
But my chatbot IS the main receiver. I set in in page settings --> messenger platform.
I found out that this used to be a facebook bug, but it should have been fixed now.
Does someone has an idea what I'm doing wrong?
UPDATE
The app_roles parameter is missing in the web hook request. May it could have something to do with it?
Another mistake could be the userId. I took the senderId. The receiverId encounters an authorization error with errorCode 1 and the message "An unknown error occurred". I'm not sure which one is correct.<
UPDATE 2
The receiverId seems to be correct. The second request works with it. But still not the first: 500 internal server error...
Suddenly, it works now. Maybe they changed anything in the backend.

How to make Yammer REST API Call to get authenticated user's profile information?

I am trying to call Yammer REST API for getting authenticated user's information using the following code:
$(document).ready(function() {
$.ajax({
method: "GET",
url: "https://www.yammer.com/api/v1/users/current.json",
contentType: "application/json; charset=utf-8",
dataType: 'json',
success: function(data) {
if (data.Success) {
alert(data);
}
},
error: function(xhr2, status2) {
alert(xhr2.status);
}
});
});
However, it is always going to error method. Can anyone guide me to proceed on this piece?
You're not sending the API any authentication information, so how does it know what user it's supposed to be pulling down? You should take a look at the Javascript SDK.
I had the same problem. Change url from "https://www.yammer.com/api/v1/users/current.json" to "users/current.json" solves the issue (it will be going to success method)

Facebook batch calls with JSONP

As of 10.04.2012,
There is a short paragraph in the Facebook developer document for 'batch request' entitled: Batch calls with JSONP, which reads:
"The Batch API supports JSONP, just like the rest of the Graph API -
the JSONP callback function is specified using the 'callback' query string
or form post parameter."
I thought that meant you can also do a batch request using JSONP from Javascript (which will be a GET request, as JSONP works only as a GET request), so I tried that, with adding a 'batch' parameter (containing objects describing requests for batch as in the doc) to the query string. Response from FB server was:
Only POST is allowed for batch requests
So, questions:
1. What did they mean in that paragraph?
2. Is there a way to do an asynchronous batch request from Javascript?
I get the same. Sample code is
jQuery.support.cors = true;
var AjaxRequest = jQuery.ajax( {
url: "http://graph.facebook.com/",
type: "POST",
contentType: "application/x-www-form-urlencoded",
data: { "access_token": AccessToken, "batch": BatchRequest },
dataType: "jsonp",
error: function( jqXHR, textStatus, errorThrown ) {
... show error stuff
},
success: function( Return, textStatus, jqXHR ) {
showLog( "Return " + JSON.stringify( Return ) );
showLog( "textStatus " + textStatus );
showLog( "jqXHR " + JSON.stringify( jqXHR ) );
if ( Return.error ) {
... go away
}
else {
... use the data
}
}
} ); // eo ajax request
which gives
Return {"error":3,"error_description":"Only POST is allowed for batch requests"}
textStatus success
jqXHR {"readyState":4,"status":200,"statusText":"success"}
i.e. it successfully sends back an error message. JSONP translates the POST type to a GET, which Facebook doesn't support...
To answer qu.2 you can use FB.api to do asynchronous batch request in javascript. I was trying out JSONP because IE8 keeps hanging on the return from Facebook with FB.api.