I want to create an iPhone app that displays (among other things) a specific Facebook wall. For a good user experience I didn't want an app that required the user to have a Facebook account and I didn't want to force the user to have to log in to Facebook to see the latest "news" in the app. I started out by getting the wall RSS feed and tried parsing it ... I can "see" all the data I need ... but that is getting complicated quickly and has too many variables that are making the final results less than stellar. I have read through the Facebook iOS programming tutorials and it seems to me like the SDK forces the user log in, which I don't like.
My question ... Is there a way to use the Facebook SDK with hard coded profile credentials to access a specific wall without forcing the user to login? If possible, is that a recommended approach? Any other ways to skin this cat?
I have read through the Facebook tutorial and searched through many postings on this site but haven't found an answer to this ... sorry if this a newbie question and has already been answered.
Item I.2. of the Facebook API policy list says
You must not include functionality that proxies, requests or collects
Facebook usernames or passwords.
It sounds to me like that's what you're proposing to do; i.e., the user will be able to see a certain wall, but using hard coded credentials (not their own). In other words, your credentials are proxying for the user.
I do not know if it is technically possible to do this (I imagine it is) but I don't think it's a good idea, and I do think it's a violation of the Facebook API terms of service.
First you need to get the a access_token by parsing your app id and secret.
https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET
Then send following request to get the data you want. Note that only public data will be accessible.
https://graph.facebook.com/FACEBOOK_USER_ID/?access_token=ACCESS_TOKEN
Related
As far as I know, you can only tag friends of the account associated with the access_token currently in use. This means that if I want to be able to make an app to share photos on facebook with a tagging functionality, it's mandatory that I make an authentication system, where the user needs to type his password to login on FB and I request and store his sixty_days_access_token. This approach is fine for web apps, but is troublesome if I have to implement a desktop touchscreen interface where the users interact with the system in an environment where anyone can watch him typing his user and password. I'm facing this problem with a public touchscreen, where the users can take pictures and send it to Facebook. The interface is implemented with C++ and the curl library. As the touch is in a very crowded environment and the screen is big, we experienced that the users are intimidated to enter his acc/pass. We worked around this problem by creating a fan page to the event where we store all the photos. As we already have the fan page admin access token stored, we don't need to login the users but clearly we are not able to tag any of the user friends, which vastly reduce the viralization potential of the solution.
So, having this problem in mind, how can I face this?
Do I really need to make an authentication of the users to be able to
tag their friends?
Is there any creative solution?
Yes, if you want to tag a user or their friends in a post, you need them to log in - this is a requirement of the Photo tagging API.
The only alternative i can think of is to give the user a URL they can go to later (e.g. on their phone or PC) which will prompt them to authorise your app and do the tagging at that time.
I just created last week an App and I've read that offline access doesn't work with newly created apps.(I haven't found any tutorial on the web. I am really new to facebook apps)
with this new change in facebook, I don't know how to use the current thing.
I badly need this feature because I don't want the user keeps logging-in in facebook everytime he visits and posts a status in my site as well in his facebook wall. I just want the user to be stayed connected and be able to post on his wall automatically thru my site once he authorized my app.
Thank you.
There are very clear and simple instructions on the following documentation to explain what you need to do to switch to long-life access tokens:
https://developers.facebook.com/roadmap/offline-access-removal/
Also, from your description, it sounds like you are spamming and breaking Facebook Platform Policies. Users will hate any app that automatically posts on their behalf, so I recommend you do not do that, as either people will stop using your app or they'll report it and it'll get banned.
I'm trying to get a user to 'Like' a page via the SDK. User is signed in and I get a valid access tokken form the cookie. My APP has asked for permissions read_stream and publish_stream. I can successfully do things like post to their wall, etc. But when my APP tries to 'Like' a page, I get the error back:
OAuthException: (#3) Application does not have the capability to make this API call.
Am I missing some other permission, or is there a setting I have to turn on in my APP? I'm at a loss here.
You can't like a Page on behalf of a user (Bugzilla discussion). You can, however, like posts, comments, and photos on behalf of a user.
Edit 7/9/2012
Since bugzilla no long exists, the bug linked above is inaccessible. Google doesn't have a cached version of the page, so I ran another search. The best thing I could come up with was this Google Code Discussion regarding the ActionScript API.
Facebook makes brief mention of Publishing likes via the Graph API in the documentation, but doesn't say one way or another whether you can like a Page on behalf of a user - just "Objects" which (probably arguably) are not "objects" in Facebook-lingo.
My thought is, the API to like page is available, but is only offered to white listed applications (such as, the Facebook iOS and Android applications) written by "special" publishers. There's obvious reasons why Facebook wouldn't want/allow developers to create like connections on the graph. It would be taken advantage of by spammers and other nefarious developers and would deteriorate the meaning of what a "like" represents for a page on Facebook.
My guess is, you'd have to make a pretty strong case to Facebook about why you need/want access to the Page's Like connection (for publishing) before they'd even consider giving you access. I'd also guess that they'd want to verify that you're doing only user initiated like creations (in such a way that the iOS application would handle it) so as to protect the reptutation/meaning of a "like" action.
Actually this is NOT true, but you have to do a complicated Javascript / UIWebView process in order to display a Facebook 'page' of JUST the like button on your view, and this like button you can configure in the JavaScript / Objective-C (using string replacement) to be any Facebook page url you like.
Facebook's platform policies don't allow for a web-based like button aside from using the officially supported options
Those options doesn't require using OAuth or the Open Graph api. However, facebook just added support for mobile apps to send like actions through opengraph.
I'm not sure if they intend to allow sites to customize their like buttons or just apps...
Liking works for me with the iOS SDK using the graph api:
https://developers.facebook.com/docs/opengraph/actions/builtin/likes/
I'm linking my app to Facebook, and would like people to log in with their Facebook account, but I can't figure out how to do this. I had read up on Facebook Connect, but it seems that that's not used any more - but every tutorial I can find seems to refer to it. When I try to follow them, it doesn't work, because the interface has changed.
So, can anyone direct me to a tutorial or guide to doing this the new way?
Basically, what I want to do is this:
A user who is signed into Facebook and comes to my webpage is automatically logged in to my app (with the usual Facebook 'granting permission' windows etc), or can sign in with their Facebook account if they're not already logged in.
I then want to use Facebook to link users with their friends who are also registered on my site, so they can share things.
I would also like to have access to Facebook comments made on wall posts from my site - so the comment stream for a particular post can be seen on my site as well as on Facebook, and comments can be made on either.
If anyone can point me in the right direction (or even tell me what I should be typing in to Google!) I'd be very grateful.
Thanks.
Some sample apps that do many of the things you speak of are shown here. The Graph API is probably your best bet right now for delivering the content and access you need and there are numerous tutorials online for how to use it, including the Facebook Developers site itself.
You will find good Tuts on ThinkDiff, e.g.
http://thinkdiff.net/facebook/new-javascript-sdk-oauth-2-0-based-fbconnect-tutorial/
http://thinkdiff.net/facebook/php-sdk-3-0-graph-api-base-facebook-connect-tutorial/
http://thinkdiff.net/facebook/graph-api-iframe-base-facebook-application-development-php-sdk-3-0/
I know this is an older question, but the current method for authentication is OAuth 2.0.
Facebook provides a pretty good outline of what steps are necessary in this Reference:
https://developers.facebook.com/docs/authentication/client-side/
This example allows the authentication to occur entirely in Javascript on the client side so that you can request a potential user to authenticate via Facebook and then confirm access to your application.
If the user is already logged in, only the access confirmation for your application is performed.
If the user is already logged in and access has already been granted, the user is not required to login, or reconfirm access.
Let's say I own/control a Facebook page where events are posted. I'd like to display these events on another website (In my case, a WordPress blog, but that's not the important part) on an "Upcoming events" page.
What I'm unsure about is: Is the Facebook API usable "externally" like this? I've downloaded the PHP library and have a demo app running that works from within Facebook (i.e. emitting FBML that facebook.com interprets and displays to the logged-in user), but in my case I want a third party (my web server) to query Facebook every so often, rather than the site visitors directly requesting data (HTML/JSON/etc.) from Facebook itself.
Is this sort of thing possible with the Facebook API? How will my web server authenticate itself? What information do I have to store?
Note: I'm looking for information more at a "sequence diagram" conceptual level, not just asking for code. That part I can figure out myself. ;) Unfortunately, Google and the FB developer wiki have not been entirely forthcoming. What do I need to know so I can start coding?
This is a basic overview of how I've done it for a few of my clients who wanted similar functionality:
Create a pretty basic app that prompts for Extended permissions, specifically "offline_access" and whatever else you need
Store the resulting Session Key in your database with the UID
Create a secure, authenticated webservice for your app which allows you to get the info you need for a UID that you supply, using the session that you've stored in your database
On the website make requests to your app's webservice, being sure to cache the results for a certain period of time and only make a new request to your webservice once the cache has expired (I use 5-10 minutes for most of mine)
So basically your Facebook app acts sort of like a proxy between the website and the user, doing all of the authenticating and requesting using legitimate means.
I've used a webservice because I only wanted to maintain one Facebook app for multiple client's needs. It works like this (in a not-very-awesome ASCII art diagram):
Facebook User 1 \ / Client Website 1
Facebook User 2 --- Facebook App --- Client Website 2
Facebook User 3 / \ Client Website 3
Note: I've only done this for users, not pages, so your mileage may vary.
You can do Events.get with the Facebook API then supply the page/profile ID you'd like to get the events for. Depending on how your page is setup you may have to authenticate, simply use your Facebook account, since you should have access to all the events. oh and make sure you do plenty of caching so your not hitting Facebook on every page load.
AFAIK other than user info, you can't fetch any other data from facebook.
But you can try it other way - say create an app that stores events and other relevant information on a webserver and then your other website can easily access that info.