I am a newbie on integrating facebook to iphone.
Now I encounter a problem when removing offline_access. Who can give me a hand? please
I use following code to get facebook authorization.
[facebook dialog:#"oauth" andParams:params andDelegate:self];
While when I extend access token with following code:
[facebook extendAccessTokenIfNeeded];
I encounter error: error_msg=The access token was not obtained using single sign-on, error_code=10
If I use following code to get authorization, I can extend access token.
[facebook authorize:permissions];
But I don't want my app directe to safari and then redirect to my app to get authorization
I see in Removal of offline_access permission, it says
Scenario 4: Client-side OAuth and Extending Access_Token Expiration Time through New Endpoint
Could I use it?
If yes, how to use it?
If no, is there any other method to extend access token? (without redirecting to safari)
{request_args=(
{
key = method;
value = "auth.extendSSOAccessToken";
},
{
key = sdk;
value = ios;
},
{
key = "sdk_version";
value = 2;
},
{
key = "access_token";
value = AAAAAK9pJJuEBAJ5VBsWIMjfdv6s9q6bXjO4AdO3diZA6s9ABEqS1VHNG1N5ynbvxyXVrFxTZAQ4RS8vww5hFPgb86TamBD0yjqPN75xopr8ACwqu8X;
},
{
key = format;
value = json;
}
), error_msg=The access token was not obtained using single sign-on, error_code=10}
Related
I make a request to find out the data about my user access token:
fetch("https://graph.facebook.com/v8.0/debug_token?input_token=" + access_token).then(function (response) {
response.text().then(function (textII) {
alert(textII);
});
});
In this case, I take the accessToken value from auth Response after authorization to the application and Facebook:
{
status: 'connected',
authResponse: {
accessToken: '{access-token}',
expiresIn:'{unix-timestamp}',
reauthorize_required_in:'{seconds-until-token-expires}',
signedRequest:'{signed-parameter}',
userID:'{user-id}'
}
}
But I get an error:
{
"error": {
"message": "(#100) You must provide an app access token or a user access token that is an owner or developer of the app",
"type": "OAuthException",
"code": 100,
"fbtrace_id": "AtpM_XaTOgH7YH-OXHdQCXj"
}
}
The value of my variable access_token is not null (I checked), while this is sort of a user access token (the keyword "sort of"). So what's wrong? Explain, please. If you need information about what I need it for, then I need it for this request:
for (var iio = 0; iio < posts_ids.length; iio++) {
fetch("https://graph.instagram.com/" + posts_ids[iio] + "?fields=id,media_type,media_url,owner,timestamp&access_token=" + access_token).then(function (response) {
response.text().then(function (textII) {
alert(textII);
});
});
}
Which throws an error:
{
"error": {
"message": "Invalid OAuth access token.",
"type": "OAuthException",
"code": 190,
"fbtrace_id": "AD7BAPqUGdQGC6dyV9K_FFr"
}
}
At the same time, in my previous requests, just starting with "https://graph.facebook.com/", and not "https://graph.instagram.com/", everything worked with the accessToken that I received after registration.
Help me please. I'm new to the Instagram API, so I can be pretty dumb.
Please turn off the setting(Setting -> Advanced -> Application authentication), it works!
#Denis Bredun , you would have to pass access_token field also as the URL param, so just update the url to -
https://graph.facebook.com/v8.0/debug_token?input_token=<access_token>&access_token=<access_token>
Try resetting your app secret. I was getting the same problem, and this fixed it.
I solved the error by changing the app secret to the correct one.
Make sure you are using the proper app secret.
For me, using the debug_token api requires the "page token" and the "app token" and then you call the api in the format :
https://graph.facebook.com/v<version>/debug_token?input_token=<page_token>&access_token=<app_token>
As per the facebook doc To get the app_token, you need the app id and app secret. And then you call https://graph.facebook.com/oauth/access_token?client_id={your-app-id}&client_secret={your-app-secret}&grant_type=client_credentials
To get the page_token, this is done by first getting the user_token, then you convert the user_token into a long lived user token, and then you get the page token calling the api "/<page_id>?fields=access_token".
Note that you will need the proper permissions on the user_token to do that, like "pages_read_engagement" otherwize you will get an error from the api trying to get the page token.
I'm building an App with ASP.NET MVC 5 and Identity.
So far the login is working correctly.
Here the auth:
var fb = new FacebookAuthenticationOptions();
fb.Scope.Add("email");
fb.Scope.Add("friends_about_me");
fb.Scope.Add("friends_photos");
fb.AppId = "";
fb.AppSecret = "";
fb.Provider = new FacebookAuthenticationProvider() {
OnAuthenticated = async FbContext => {
FbContext.Identity.AddClaim(
new System.Security.Claims.Claim("FacebookAccessToken", FbContext.AccessToken));
}
};
fb.SignInAsAuthenticationType = DefaultAuthenticationTypes.ExternalCookie;
app.UseFacebookAuthentication(fb);
I'm trying to get the friends list. I've been looking for a few examples but none is working with this version of MVC 5.
My question is. How can I fetch all the friends with this version?
I don't want to use Javascript API, I want all the code in c# and then send to the view.
I think I just need to rewrite the login and store the access token in the session, and then simply call var client = new FacebookClient(TOKEN);
So how can I rewrite the login?
You've already got everything you need. The OnAuthenticated callback you've set adds a claim containing the access token for Facebook. You just need to pull the claim for the user:
var identity = (ClaimsIdentity)User.Identity;
var facebookClaim = identity.Claims.FirstOrDefault(c => c.Type == "FacebookAccessToken");
if (facebookClaim != null)
{
// access facebook API with `facebookClaim.Value`
}
And if it exists, then you can use the Facebook API to pull in their friends by making standard HTTP calls via something like HttpClient.
I am trying to build a server-to-server auth flow using the Facebook PHP SDK and no Javascript, as outlined here. So far, I have successfully created a LoginUrl that lets the User sign in with Facebook, then redirect back to my App and check the state parameter for CSFR protection.
My Problem is, that I can't seem to get the API-call working that should swap my Auth Code for an access token. I pillaged every similar problem anyone else that Google was able to find had encountered for possible solutions.
Yet the end result was always the same: no access token, no error message that I could evaluate.
Researching the topic yielded the following advice, which I tested:
The URL specified in the App Settings must be a parent folder of $appUrl.
use curl to make the request instead of the SDK function api()
I've been at this for 2 days straight now and really could use some help.
<?php
require '../inc/php-sdk/src/facebook.php';
// Setting some config vars
$appId = 'MY_APP_ID';
$secret = 'MY_APP_SECRET';
$appUrl = 'https://MY_DOMAIN/appFolder';
$fbconfig = array('appId'=>$appId, 'secret'=>$secret);
$facebook = new Facebook($fbconfig);
// Log User in with Facebook and come back with Auth Code if not yet done
if(!(isset($_SESSION['login']))){
$_SESSION['login']=1;
header('Location: '.$facebook->getLoginUrl());
}
// process Callback from Facebook User Login
if($_SESSION['login']===1) {
/* CSFR Protection: getLoginUrl() generates a state string and stores it
in "$_SESSION['fb_'.$fbconfig['appId'].'_state']". This checks if it matches the state
obtained via $_GET['state']*/
if (isset($_SESSION['fb_'.$fbconfig['appId'].'_state'])&&isset($_GET['state'])){
// Good Case
if ($_SESSION['fb_'.$fbconfig['appId'].'_state']===$_GET['state']) {
$_SESSION['login']=2;
}
else {
unset($_SESSION['login']);
echo 'You may be a victim of CSFR Attacks. Try logging in again.';
}
}
}
// State check O.K., swap Code for Token now
if($_SESSION['login']===2) {
$path = '/oauth/access_token';
$api_params = array (
'client_id'=>$appId,
'redirect_uri'=>$appUrl,
'client_secret'=>$secret,
'code'=>$_GET['code']
);
$access_token = $facebook->api($path, 'GET', $api_params);
var_dump($access_token);
}
The easiest way I found to do this is to extend the Facebook class and expose the protected getAccessTokenFromCode() method:
<?php
class MyFacebook extends Facebook {
/** If you simply want to get the token, use this method */
public function getAccessTokenFromCode($code, $redirectUri = null)
{
return parent::getAccessTokenFromCode($code, $redirectUri);
}
/** If you would like to get and set (and extend), use this method instead */
public function setAccessTokenFromCode($code)
{
$token = parent::getAccessTokenFromCode($code);
if (empty($token)) {
return false;
}
$this->setAccessToken($token);
if (!$this->setExtendedAccessToken()) {
return false;
}
return $this->getAccessToken();
}
}
I also included a variation on the convenience method I use to set the access token, since I don't actually need a public "get" method in my own code.
I'm using CakePHP 2.3.1 and this plugin: https://github.com/webtechnick/CakePHP-Facebook-Plugin to implement a facebook authentication. I followed this screen cast http://tv.cakephp.org/video/webtechnick/2011/01/12/nick_baker_--_facebook_integration_with_cakephp but it doesn't work, I can't receive the Facebook user information. I mean $this->Connect->user() always return null.
First make sure your user as granted access to your app. Then make a call to retrieve personal details through the api(/me) => $this->Connect->user()
Personally, I use this
public function beforeFilter(){
if($this->Connect->FB->getUser() != 0){
$this->set('facebookUser', $this->Connect->user());
}
Initiating ConnectComponent will populate (or not) the Auth Session. If no id is to be found, redirect user to a login dialog.
Call this method from beforefilter..and save the post data received in some variable like fb_data here.
protected function _valdiateFbRequest() {
if (!isset($this->request->data['signed_request'])) {
// not a valid request from fb
// throw exception or handle however you want
return;
}
$this->signedRequest = $this->request->data['signed_request'];
$this->fb_data=$this->Connect->registrationData(); //save fb data
unset($this->request->data['signed_request']);
if (empty($this->request->data)) {
$this->Security->csrfCheck = false;
}
// validate the request
}
I am using Facebook API to get the contact number and email id of friends, I worked on fbgraph and fql and uses all queries from https://developers.facebook.com/docs/reference/fql/, but in forum page of facebook I found there is no way to get the contact number and email ID.
I also used the extended permission of the Facebook API but I didn't find anything.
If anyone know about it then please give the answer ...
answer will be appreciated...
Thanks in advance!!!!!
If you use this code with the users access token
var url = "https://graph.facebook.com/me/?access_token=" + token;
var req = new XMLHttpRequest();
req.open("get", url, true);
req.send(null);
req.onerror = function () { alert("Error"); };
Then you will find the req.responseText has all the user information you are after. You can also get the user access token once they login.
Make sure you have the "email" permission when the user authenticates
NSArray *permissions = [NSArray alloc] initWithObjects:#"permissions",nil];
[facebook authorize:permissions];
[permissions release];
Then, when the user has logged in, get the "me" from the graph:
[facebook requestFromGraph:#"me/" withDelegate:self];
You get the information from the "requestDidLoad" callback method:
if([result objectForKey:#"first_name"]){
// do stuff w/ user info
}
The id is:
[request objectForKey:#"id"];