How can I allow a user to revoke access to my application using their API service, SDK. http://developers.facebook.com/docs/sdks/
Looking at the documentation I can't find anything about revoking the access.
For the FB JavaScript SDK:
FB.api('/me/permissions', 'delete', function(response) {
console.log(response); // true
});
in the graph API for the user object you can issue an HTTP DELETE request to /PROFILE_ID/permissions to revoke authorization for an app.
from the official documentation (developers.facebook.com/docs/reference/api/user/):
You can de-authorize an application or revoke a specific extended
permissions on behalf of a user by issuing an HTTP DELETE request to
PROFILE_ID/permissions with a user access_token for that app.
Parameter Description Type Required permission The permission you
wish to revoke. If you don't specify a permission then this will
de-authorize the application completely. string no You get the
following result.
Description Type True if the delete succeeded and error
otherwise. boolean
For anyone who would find this helpful, I was losing sleep and wrecking my brain for days trying to get this to work;
FB.api('/me/permissions', 'DELETE', function(response) {
if (response == true) {
window.top.location = 'logout-facebook.php';
} else {
alert('Error revoking app');
}
});
I finally got this to work when I observed that the "response" being returned was not a boolean but a JSON object.
The JSON object being returned was either;
{
success: "true"
}
OR
{
success: "false"
}
Following that, the correct code was;
FB.api('/me/permissions', 'DELETE', function(response) {
if (response.success == true) {
window.top.location = 'logout-facebook.php';
} else {
alert('Error revoking app');
}
});
Hope this helps someone!
With PHP SDK V 5
$DeletePermsUser = $fb->delete('/{user-id}/permissions/',[],$access_token);
Related
I'm doing a hybrid app using Ionic framework.
I want to implement a facebook event system to attend some events. I have this:
ngFB.api(
'/666945880120392/attending',
'GET',
{},
function(response) {
// Insert your code here
}
);
and I have ngFB in my app.js file like this:
ngFB.init({appId: '[APP_ID]'});
The error I have is:
openfb.js:256 GET https://graph.facebook.comundefined/?access_token=undefined net::ERR_NAME_NOT_RESOLVED
I was looking for a solution but no answer. I also try in the developer facebook console and the answer is correct:
https://developers.facebook.com/tools/explorer/145634995501895/?method=GET&path=666945880120392%2Fattending&version=v2.7
What it's happening? Thanks!
EDIT 1
Thanks to #e666 I did now this
ngFB.api({
method: 'GET',
path: '/666945880120392/attending'
}).then(function(response) {
console.log(response);
}).catch(function(error) {
console.error(error);
});
And the error now is that if I'm logged with an account always the return in the event is:
Object {data: Array[1], paging: Object}
And inside data is the name of another person, the unique person that is attending to the event and no the person who is logged with the access token.
Thanks!
EDIT 2
I opened another question because this is not the result than I hope, I need to go to an event, no to get the list of the people that goes to the event.
I have this now:
ngFB.api(
"/666945880120392/attending",
function (response) {
if (response && !response.error) {
console.dir(response);
}
}
);
the access_token is ok, and the response is
openfb.js:256 GET https://graph.facebook.comundefined/?access_token=EAABlK6y7pOUBAN3CPWdZB5FL…LCpXL9Bd3ELHQZAA6EJc6cCheAxUUnL59ZCZAf7aROCapJxiu991fxjDkxmMO651rfuREwZDZD net::ERR_NAME_NOT_RESOLVED
In the page of facebook https://developers.facebook.com/tools/explorer/?method=POST&path=666945880120392%2Fattending&version=v2.5
The response is
{
"error": {
"message": "(#299) Requires extended permission: rsvp_event",
"type": "OAuthException",
"code": 299,
"fbtrace_id": "G7HFJ48pbkx"
}
}
But I have this permission. Can someone help me please?
First, the path is undefined because you don't use correctly the method api. That is how you need to use it :
ngFB.api({
method: 'GET',
path: '/666945880120392/attending'
}).then(function(response) {
console.log(response);
}).catch(function(error) {
console.error(error);
});
Furthermore, you have undefined in access_token. As I looked in the library code, I am not sure that you can use this library without login as a user to have an access_token.
To have an access_token you need to use this function :
ngFB.login({scope: 'email'}).then(function(response) {
console.log('Access token' + response.authResponse.accessToken);
}).catch(function(error) {
console.error(error);
});
The access_token will then be automatically attached to request that you make with OpenFB.
You can find more complete examples of how to use the library is the github here : https://github.com/ccoenraets/OpenFB/blob/master/indexng.html
Trying to get Meteor Facebook login to work. It functions fully in that it uses Facebook API and requests the correct permissions from the users account and then logs in successfully.
The problem is it doesn't save the permission requested information even though its been approved and only the basic name and ID are available in Meteor.user().services.facebook. Is this code not working because it's not saving the users details on login? I can't find a resource that details how to save or extract the other data.
Simply trying to console log the data to see that it's been extracted out of the Facebook user account on log in.
Within Meteor.isClient code:
Template.login.events({
'click #facebook-login': function(event) {
Meteor.loginWithFacebook({ requestPermissions: ['email', 'public_profile', 'user_friends', 'user_likes']}, function(err){
if (err) {
throw new Meteor.Error("Facebook login failed");
}
console.log(Meteor.user().services.facebook.name);
console.log(Meteor.user().services.facebook.id);
console.log(Meteor.user().services.facebook.email);
console.log(Meteor.user().services.facebook.gender);
});
},
'click #logout': function(event) {
Meteor.logout(function(err){
if (err) {
throw new Meteor.Error("Logout failed");
}
});
}
The config code:
ServiceConfiguration.configurations.remove({
service: 'facebook'
});
ServiceConfiguration.configurations.insert({
service: 'facebook',
appId: 'correctAppID',
secret: 'CorrectSecret'
});
For Facebook v2.4 API after you have requested for certain permissions you can then access them by making a graph API call and requesting them with a valid auth token. The code is as follows:
if (user.hasOwnProperty('services') && user.services.hasOwnProperty('facebook') ) {
var result = Meteor.http.get('https://graph.facebook.com/v2.4/' + user.services.facebook.id + '?access_token=' + user.services.facebook.accessToken + '&fields=first_name, last_name, birthday, email, gender, location, link, friends');
console.log(result.data.first_name);
console.log(result.data.last_name);
console.log(result.data.birthday);
console.log(result.data.email);
console.log(result.data.gender);
console.log(result.data.location);
console.log(result.data.link);
console.log(result.data.friends);
}
Following the standard example from the docs, but it's not working.
Funny thing is that if I do Ti.API.info(fb.getPermissions()), publish actions is listed.
Here's the output from that line:
[INFO] : permissions=
[INFO] : publish_actions,status_update,publish_stream,read_stream,manage_pages
Code:
var fb = require('facebook');
fb.appid = '1234567';
fb.permissions = ['publish_actions', 'status_update', 'publish_stream', 'read_stream','manage_pages']; // Permissions your app needs
fb.authorize();
fb.forceDialogAuth = true;
var data = {
caption: 'This is a test',
picture: blob
};
fb.requestWithGraphPath('me/photos', data, 'POST', function(e){
if (e.success) {
alert("Publish is ok");
} else {
if (e.error) {
alert(e.error);
} else {
alert("Unkown result");
}
}
});
publish_stream is deprecated since years, and competely senseless if you use publish_actions anyway.
That being said, the error message means that the authorization process was not successful. If you are trying as Admin of the Facebook App, you should debug your Access Token after authorization, and make sure that you get asked for the permissions in the process.
If you are NOT trying with an Admin/Developer/Tester of the App, it is most likely because the permissions need to get approved in the Login Review first: https://developers.facebook.com/docs/facebook-login/review
The new Facebook graph api has divided friends into Friends & Invitable_friends .
me/friends/ returns my friends who are using the app while me/invitable_friends/ returns only the list of my friends who are not using the app.
But in my app,a user may interact with random users too who may not be on his friend list.
So how do i get user data for those who are using the app but are not on my friend list.
Thanks.
I went through the same issue and solved it like that: when a user starts your app by default you ask for permission to access his public profile information, which includes real ID, name and some other. You simply store the user data (id, name, etc.)in a database. This way you keep track of all the people using your app and they can interact with each other.
JavaScript Example:
window.fbAsyncInit = function () {
FB._https = true;
console.log('here');
FB.init({ appId: 'xxxxxxxxxxxxxxxx', cookie: true, xfbml: true, oauth: true, version : 'v2.0'});
Login();
};
function Login() {
FB.login(function(response) {
if (response.authResponse){
checkUser();
}
else{
console.log('User cancelled login or did not fully authorize.');
}
}
);
}
function checkUser() {
FB.api('/me', function(response) {
$.ajax({
type: "get",
url: "cgi-bin/checkUser.cgi",
cache: false,
data: {"user_name" : response.name, "u_id" : response.id, "link" : response.link},
success: function() //onSuccess,
{
console.log("user " + response.name + " checked!");
},
error: function()
{
console.log("Error with server connection on user checking");
}
});
});
}
I don't know in what language you are writing the app but I believe that in every language you should call the "login" function, which asks the user for permissions and basically gets access to info.
To get details of users who are using the app but are not your friends,call the following
graph.facebook.com/v2.0/
?ids={comma-separated-ids}&access_token=app_access_token&fields=name,picture
access_token is a must else graph-api returns following error-
The global ID xyz is not allowed. Please use the application specific ID instead.
This will work for all users who have authenticated the app no matter their authentication date,but for any non-app user graph-api returns above error message.
I have the following JS function:
<pre><code>
function fblogin() {
FB.login(function(response) {
if ( response.status === 'connected' ) {
objFacebookUser.token = response.authResponse.accessToken;
FB.api('/me', function(response) {
objFacebookUser.id = response.id;
connect( objFacebookUser );
});
} else if( response.status === 'not_authorized' ){
console.log('User cancelled login or did not fully authorize!');
} else {
console.log('User is not logged in!');
}
}, {scope:'{{$smarty.const.FACEBOOK_CONNECT_PERMS}}'});
}
</code></pre>
I have never had any problems with this until today. For some reason, one account I'm trying to use Facebook connect on will always throw "not_authorized" as the response.
I tried deleting the app from that account's applications. It would request to Allow permissions, I click allow and it throws "not_authorized" again. I'm totally stuck. Been reading on this for the whole day now without a solution. This doesn't happen to every account, but I need to get to the bottom of this.
Any help is greatly appreciated.
Found the solution!
I was in Sandbox enabled mode. Make sure that Sandbox mode is DISABLED. Otherwise, you'll run into a lot of authentication issues.
Cheers!
Armin