Custom built On Screen Keyboard in Adobe AIR for oAuth authentication - facebook

I am in the process of building a touch screen photobooth where users will take pictures, add graphics, etc in Adobe AIR. At the end of the process, they will get to email themselves the picture, share the picture on Facebook, and share it on Twitter.
I am using this tutorial: http://tv.adobe.com/watch/adc-presents/oauth-in-adobe-air-applications-built-with-flash-or-flex/ to figure out how to get oAuth to work in AIR. But it seems simple. Just load the authorization request URL into AIR's equivalent of an iFrame.
The tricky part is that there will be no physical keyboard on site. For all text input, we designed an onscreen keyboard. Programming an on screen keyboard in AS3 is pretty easy. But we don't have access to the text fields within the AIR HTML/Browser wrapper so we can't manually add characters to the input strings...
Is there any workaround we can implement for this? Adding a physical keyboard is unfortunately out of the question.

I realize this is 5 months old, but I was working on something similar for a client this evening and ran across your question. I also wanted to omit the need for a system level onscreen keyboard, or a physical real world keyboard, just wanted to use a Flash/AIR based keyboard completely under control of the app via the attached touch screen.
I came up with a hacky way to do this all in Flash/AIR and it works for any oAuth dialog (with some caveats). I've got it working as a test for Facebook and Twitter oAuth permission pages just this evening. It requires that you use a StageWebView for the display of the oAuth dialog and some JavaScript injection via loadUrl method of StageWebView. Using the stageWebView, setting up a listener for the Complete event on the load of the oauth permission page in your StageWebView is the first step.
Next step, is once its loaded and the complete event fires, in your complete handler, you can then inject javascript directly into the page via the StageWebView reference, and then via that function set up communication to populate the fields dynamically from your AS3 on screen keyboard or other function. For example, to populate the username field in Twitters oAuth permission page, you could do this:
webView.loadURL("javascript: form = document.forms[0]; form['username_or_email'].value='your_username';");
That populates the username field in Twitters oAuth permission page.
So you could inject a function into the page, which you could then call from ActionScript to pass in key presses from your virtual onscreen keyboard, or completed strings, to populate the proper fields. That is the only tricky part, identifying the form and field names in the source of the oAuth pages ahead of time. So far Twitter and Facebook look pretty straightforward to identify, but of course could break at anytime, a little regexp could help make sure they are correct. Only problem I see here beyond that would be if the field names changes dynamically for security purposes, but from a quick glance at twitter and facebook at least they don't appear to do that. Other oAuth pages may or may not, YMMV.
There is a useful library for working with StageWebView that might be helpful in doing some of this communication - take a look here: http://code.google.com/p/stagewebviewbridge/wiki/Communication
In any case, that is the overall approach, leverage StageWebView, and then dynamically inject your own JavaScript function to handle passing in the value to the fields from your onscreen keyboard, or simply populate the fields directly with code similar to the above. Hope this helps anyone out there attempting something similar.
Wanted to add that I came up with this approach because it was/is a requirement to allow a user to do this directly on the exhibit I am working on, but my personal preference would be to simply collect a users email address, or phone number, and have the interactive send them an email or SMS message to their own device, which they could then easily share more safely and securely. Another solution would be to display a QR code, a user could snap and quickly resolve to share more securely - I prefer those approaches, but the above will do the trick for users willing to enter in their credentials in a public place. Make sure you have time outs on the session and properly logout users credentials for subsequent users, otherwise bad things are guaranteed to occur.

Related

Custom Dynamic Links in Firebase that goes to user profile

Im pretty new to Firebase, so please bear with me on this one. This problem has been stuck in my head for the past days.
I have seen some videos on Dynamic Links, but i havent seen some clear answers to what im hoping to achieve. I want to create a Dynamic Link, that allow users to share their account with their friends (through a link).
So my question is how can i manually construct a dynamic link (with User A´s uid), so when User B clicks on that link (and has the app) it will go straight into the profile of User A?
Should i create a link when a user signs up and store it under their profile in the database?
Looking forward to hearing how you guys would go about solving this problem im having.
You essentially want to create link where the link parameter (what's called the "Deep link URL" in the Firebase console) looks something like https://www.example.com/userProfile?uid=314159. (The full deep link will look different than this.)
When your app opens up this dynamic link, it will convert the incoming URL to a Dynamic Link object, and that object will have a url property that equals this link parameter. Your app will have to do the work to analyze this url and say, "Oh, this appears to be a request to view a user's profile, so I'm going to redirect to that part of my app". It won't happen automatically.
Whether you create it when the user first signs up, or when they decide to share their profile is kinda up to you. I'm generally not a fan of pre-generating deep links ahead of time, because you might realize later you want to change an aspect of these links, and that's easier to do if you don't have thousands of pre-generated DLs. Keep in mind that either way, there is a network call required to convert these longer URls into a prettier short URL.

How to handle navigation within a Facebook page tab application

I am working on a page tab application and am having an issue with navigation. My application, written in MVC3, is displaying and authenticating just fine as a page tab. When I click on my tab, my app receives a POST with the signed_request object as expected.
My question is, how can I support links to other pages in my application? When a user clicks on a link, I want an action to be called in my application and to not leave the Facebook iframe. In addition, I need the signed_request to be passed along so I have a user context.
At first, I thought this was not supported and that all page tab applications had to be written as Single Page Applications. However, I found examples that do exactly what I am looking for.
Click on an image:
https://www.facebook.com/Sephora/app_305927716147259
And:
http://woobox.com/pinterest
How are these apps handling page navigation within the iframe?
The performance of clicking on an image seems to be pretty bad. What are they doing behind the scenes and is there a more direct way of handling navigation?
I will also need to handle POSTs.
Thank you.
When a user clicks on a link, I want an action to be called in my application and to not leave the Facebook iframe.
Well, that’s what normal HTML links do – so no extra effort required at this point :-)
In addition, I need the signed_request to be passed along so I have a user context.
You could pass it as a GET parameter with every link – but this way the user can easily “see” it, and it might also get transfered to external servers (if any external resources are embedded within your page) via the HTTP referrer.
The better solution IMHO is store the signed request server-side in your session (parsed already, if you like), so that you have access to it on the following pages of your app.

Accessing checkboxes with faces when using Facebook "send" button

I've messed around with FBML (deprecated, I know) and the newer HTML5 code to no end, but so far I haven't found any way to do what I'm looking to do.
When using "apprequest" within an application on Facebook (within iframe), I can allow users to share requests to join the app, but those messages that get sent are very hidden away. They don't seem to appear in the newsfeed for shared recipients, and we're afraid users won't see the request from their friends.
Instead, we thought we'd allow users to alternatively share to their friends with the "send" button code that Facebook offers up. This allows us to specify a URL (we were thinking the app canvas URL or page tab it would live on).
So far, this is all I could generate...
Is there any way to have the send code let me specify that we want faces with checkboxes for uses to select their friends, instead of a sharing party needing to type out names of their friends by hand? There's got to be some easy way of doing this.
Stop me if you think I'm going in the wrong direction on this. Maybe there's a better way that I'm simply not thinking of.
Here's an example of the checkbox functionality I'm referring to...
This violates the browser security model and also Facebook's policies, you can include a to parameter with the send dialog to preselect one recipient, but you can't modify the browser DOM because the Facebook dialog is in an iframe

Creating a custom Facebook login form

Does anyone know if it is possible to create our own user interface for Facebook connect instead of having to use FBLoginDialog?
If YES, how?
IF NO, can I format FBLoginDialog to have the look that I want just like the FBStreamDialog (POST message to wall)?
Any suggestion would be highly appreciated.
The FB authorization process is based on OAuth, and the whole idea is that users should never have to give you their user name or password. If you implement your own login interface, that means all information users type in is passed through your code, and that would mean that you break the intention of OAuth, even if you could get it to work (which is not very easy).
An alternative is to modify the appearance of the page by running some Javascript code on the FB web page after it has been loaded from the network. (You'd do that using -[UIWebView stringByEvaluatingJavaScriptFromString]) But even though this is possible, like taskinoor I don't think it's a good idea, because the main thing is that users should feel confident that it the FB page and nothing else that they are typing their info into.
It's in fact not possible for iPhone users to be sure that you haven't faked the whole web view, but at least you shouldn't try to make them suspicious.
I'm not sure whether it can be done or not. But the thing is you most probably should not try to change this. The reason is many user (including me) won't put password if the login page is not from FB. Though I agree that this decision is highly depended on the designer.

How is a Facebook user's language / internationalization preference stored?

I'm developing a Facebook application for a business page. The application can only be accessed as a tab, meaning there is no box or direct access intended.
I've done my share of searching and even though I hate asking for help when I know the information I'm after must be there somewhere, I've reached
the point of exhaustion and beg for a solution.
I've managed to work with my application the way it was intended, it retrieves some data from my databases and users can view that information without
a problem. The issue here is that I'm unable to figure out a way of getting information from the user who is viewing that tab. I don't want any private stuff,
in fact, the only thing I need is to know in which language he/she is viewing FB so I can grab content in that language instead of the default.
I thought that maybe FB stored that information on a cookie, or a session variable, who knows. I'm sure I seen something like en_GB on a cookie from
FB once, but maybe it was a mere delusion from sleep deprivation.
I'm sure there is a pretty solution developed already and I just can't wait to learn about it!
Thank you for you time :)
To translate the application, you should be using facebook translations.
All the text in your app should be inside and other intl tags and the translation for these should be available on facebook translations app. Then facebook shows the translated text to the user based on their locale.
Facebook Translations app: http://www.facebook.com/translations/
You can see the strings to be translated here.
You also have to enable you applications for translations in the Translation app admin panel.
More about translations here : http://wiki.developers.facebook.com/index.php/Internationalization
Here's a method that describes getting the current user's language in a canvas frame even when the user hasn't logged in: http://fbdevwiki.com/wiki/Locales#Getting_the_User.27s_Locale . I suspect that it should also work in a page tab iframe.