Several WP7 apps (like the official FB application) provide their own login dialog and after filling it you get connected to facebook.
Further you are automatically logged in when you call the application later.
In general it's no problem to store the credentials encrypted on the device.
My question - has anyone an idea how to achive what the "offical FB app" does?
I searche around - but found nothing more then "must use the dialog / there is no other way...".
But for sure there is a way - since apps do this.
The "official fb app" also requires authentication.
the "Built in facebook support" works by connecting your LiveID to your facebook, and you still gave it your credentails when you connected it the first time.
There is nothing that exposes the "built in" credentials for any of the accounts (twitter, linked in, etc)
Can you imagine what would happen if ANY app could just automatically log in to any of those apps and do whatever they want?
Related
When I'm trying to log in with my facebook button on asp page (jdk) I'm getting this error:
App Not Setup: This app is still in development mode, and you don't have access to it. Switch to a registered test user or ask an app admin for permissions.
I've tried so many solutions available online, but its not working.
So, my login java script is "http://localhost:8003/en/user/login/".
The things that I set on the facebook app are: contact mail, site url:"http://localhost:8003/"
Valid OAuth redirect URIs "http://localhost:8003/".
I have set option "Do you want to make this app and all its live features available to the general public?" to yes.
Does anyone have any idea why it isn't working?
So i made it work. I feel ashamed that it took me soo long to figure it out.
Just had to put javascript for FB login in master page and it is available everywhere on website and localhost:port/ work as valid Valid OAuth redirect URI.
I'm building a public installation using an iPad, built as an iOS web app (using the "Add to Home Screen" functionality) which is going to allow users to share content on Facebook.
I'm currently logging the user in to Facebook and getting them to authorize my Facebook app when they click my custom share button. On a successful login, I open Facebook's Feed dialog and allow them to share. Once they have shared (or clicked cancel) I automatically log them out, making sure that the next user that uses the public installation won't be able to share to the previous user's Facebook account.
This all works well, but things get tricky if someone was to hit my custom share button, log in to Facebook and then not allow my app. This would mean that they have logged in, but as they haven't authorized the app, I don't have an access token, and so can't log them out (FB.logout() requires an access token).
Is there a way around this?
Or is there another way that I can log a user out?
Or is there a safe way to allow a user of a public installation (built in HTML) to share on Facebook and be automatically logged out afterwards? Would building a native obj-c app, and using Facebook's iOS SDK help?
The best I can think of is that if the user logs in but doesn't allow the application, they are told that they need to log out, and redirected to Facebook to be able to do this. However this offers them the chance to browse Facebook and (through shared links in their feed) the whole Internet - this isn't acceptable for our installation.
I solved this problem by creating a native iOS app, where the Facebook share link opened in it's own UIWebView. And once the sharing was complete, I deleted all session & cookie information, effectively logging the user out.
I've been looking at forge's new APIs (they look awesome)!
For the forge-facebook-API, I was wondering: does it actually open the native facebook app on the phone to ask for permissions?
I've done the ChildBrowser internet login to facebook before, and users are almost never already logged into Facebook Web. It's annoying to make them type in their facebook credentials on the web to use my app.
Yes. This is called SSO. From Forge's docs:
'within each of those sections SSO should also be enabled.'
But facebook has made all this automatic, so its auto enabled (You can't disable it, afaik). So hence yes is the answer to your question.
I have a website which allows login via facebook functionality and displays photos from facebook.
While accessing from a mobile browser I would like the website to automatically login(when the click on FB login button, without entering username and password) if the user is already logged in via the native FB application (iOS or andriod). It seems to be that I can do that by building a native iOS or android application and use facebook single sign on feature. Is it possible to do that without having the user install anything on their mobile device?
That is not possible.
Auto-Login relies on auth tokens that will be granted to a website or mobile app after a user approves an app. For security reasons, those tokens are tight to the cause they were issued for. Particularly, web tokens and mobile tokens are not interchangeable.
So you could build a native mobile app to get a "native token", but even if you would manage to (cookie-)inject it into a browser view, your website's backend couldn't use it.
More generally, you're raising an issue even facebook can't solve: Say you are using a facebook mobile app and logged in there. If you open facebook's web version on that very same phone, you'll have to log in there again. The root cause is the same as with above. Specifically, any native app is uncapable of setting arbitrary auth cookies into the OS browser. I personally believe this restriction will not fall, because it would have a large security impact - just imagine how any app could set (and possibly get) cookies for any website.
If they've never logged in facebook from their Mobile, how will your website ever know them ?
Is it possible to do that without having the user install anything on their mobile device?
Like PC's, users in a mobile device need to login in their phone in facebook's website before being eligible to login "automatically" to your website. When I say automatically, I mean they still have to go with the first time process of "Do you authorize this app/website to do X things on your account". That message is inevitable when using facebook's api on the web.
Hope this answers your question.
Is it possible to do that without having the user install anything on
their mobile device?
No this would not be possible. You need to have a native or hybrid app (phonegapped etc) to make it work. Mobile web apps run in a browser sandbox and without native code interface - you cannot get to the native SSO of FB on your mobile device
Did you have a look at this facebook page ? I'm not sure what you ask is possible, as basav said, but maybe you'll have some clues there.
I have seen many web apps supporting Facebook Connect...
But when i login through those apps sometimes the authentication is successful but nothing is returned to the app and the login page just goes to a blank page in that new windows and stops... The whole process fails... And this has not occurred once but many times...
So my question is:
Is Facebook Connect a good solution to use in apps or should i use something like Google Login or Twitter Login or OpenID or just a simple password based login or all of the things and let users choose what they want?
And if your answer is app the solutions then wont my database become messy and the app slower because it has look for more data now?
I know it depends on various factors but I just want your opinion, what would u choose and why?
Supporting Facebook connect as login function make sense only if your app has something to deal with Facebook (which is the most of our app today ;-)).
The behave of some app when sucessfully Authenticated and then Authorized is up to these app.
FB login give you all the tools to build you own user experience.
The things become a bit more difficult when you want to introduce FBConnect within already existing login base, while you have to find a way to bind the Identified FB user with your user account.