I changed my Facebook App to OAuth 2.0. Now the Login window ignores the user permissions.
The new login button code is as follows:
<fb:login-button show-faces="true" width="400" max-rows="2" scope="read_stream, publish_stream, email"></fb:login-button>
when I use perms instead of scope it works.
I have oauth:true in FB.init(). In the app settings oauth2 is active.
(Everything I did and learned was in an effort to be able to publish to a Facebook Timeline from a 3rd party website. I don't know your motive/goal. It might not be the same as mine.)
I am using JS SDK with javascript commands, not xfbml markup.
I am using the beta version of the JS SDK: set the host to connect.beta.facebook.net instead of connect.facebook.net
I have oauth:true in my FB.init() function.
I have app settings for OAuth 2.0 enabled at developers.facebook.com.
This is my FB.login():
FB.login(
function(response) {
if (response.authResponse) {
// handle a successful login
}
},
{
scope: 'publish_stream' // I need this for publishing to Timeline
}
);
One thing I did to debug this was to check the value of FB._oath. If it is undefined, you have a problem. If it is true, you can proceed to the next challenge.
So after lots of trial and error, I finally got FB._auth===true
Related
I'm using FB js sdk.
In the function FB.login, if I add one of this permission (pages_user_locale, pages_user_gender, pages_user_timezone) I have this error.
If I remove them, the fb login work fine.
Example of code:
FB.login((loginResponse) => {
...
}, { scope: "public_profile,email,pages_messaging,pages_messaging_phone_number,pages_show_list,pages_manage_metadata,instagram_basic,instagram_manage_messages,pages_read_engagement,business_management,catalog_management,pages_user_locale,pages_user_gender,pages_user_timezone", return_scopes: true });
I found the mistake.
This permission shouldn't request these page permissions using FB Login.
As long as they are approved at app and page level, I should be able to use it.
I recently integrated the phonegap-facebook-plugin (https://github.com/phonegap/phonegap-facebook-plugin) into both iOS and Android (same app).
I want to do something that I believe to be simple: by-pass the call to native facebook for login/authentication and always use the web dialog. How does one go about accomplishing this?
My login code currently looks like this:
Init code:
//facebook initialization
FB.init({
appId: 'xxxxxxxxxxxx', //'<%#= FB_APP_ID %>',//'',
nativeInterface: CDV.FB,
useCachedDialogs: false
});
And the login call is:
FB.login(function(response) {
if (response.authResponse) {
// connected
me.signInFacebook({
token: response.authResponse.accessToken,
email: response.authResponse.email,
success: function (data) {
// hide login view and show tabview
form.destroy();
// continue whatever action was previously happening
me.continueAction(tabIndexBack, callback);
},
failure: function (response) {
// show errors Ext.Viewport.down('tabscontainerview').setActiveItem(3);
}
});
} else {
//go back
Ext.Viewport.down('tabscontainerview').setActiveItem(3);
alert('fb login error');
}
},{ scope: "email" });
Thanks for your help!!
I created a plugin to facilitate the connection between Facebook and phonegap without using Plugin Native only with Jquery:
https://github.com/studiosoton/faceGap
To bypass native FB login, you can make your own manual facebook authentication flow without using JavaScript SDK of the Facebook (https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.3) via inAppBrowser or ChildBrowser plugins.
Your app must initiate a redirect to an endpoint which will display the login dialog:
https://www.facebook.com/dialog/oauth?client_id={app-id}&redirect_uri={redirect-uri}&response_type=token&scope=email
Facebook redirects people to the redirect_uri mentioned above and places an access token along with some other metadata (such as token expiry time) in the URI fragment:
https://www.facebook.com/connect/login_success.html#
access_token=ACCESS_TOKEN...
Your app needs to detect this redirect and then read the access token out of the URI. You can then skip straight to the Inspecting access tokens step.
On the Android version of the plugin, you can force it to use the dialog by modifying the way the plugin calls me.facebook.authorize in the login action of theorg.apache.cordova.facebook.ConnectPlugin class.
You'll need to pass in an additional activityCode parameter with Facebook.FORCE_DIALOG_AUTH:
me.facebook.authorize(cordova.getActivity(), me.permissions, Facebook.FORCE_DIALOG_AUTH, new AuthorizeListener(me));
I'm not entirely sure about iOS, but you might be able to try with openWithBehavior and FBSessionLoginBehaviorForcingWebView
Without any Facebook plugins you can use Facebook functionality,for that use phonegap.facebook.inappbrowser.js using this js you can easily access all Facebook functionality for more information visit this URL : Facebook Integration Step without any plugins
I have a mobile web site using Facebook Connect to authenticate user. I encountered a problem login with Opera Mobile. I have below javascript to detect login status, but only in Opera Mobile the callback is not firing. Is anyone encountered this problem?
window.fbAsyncInit = function () {
FB.init({
appId: 'xxxx',
channelUrl: 'http://xxxx/channel.html',
status: true,
cookie: true,
xfbml: true
});
FB.Event.subscribe('auth.statusChange', handleStatusChange);
};
function handleStatusChange(response) { // --> NOT FIRE
if (response.authResponse) {
//Login, show Logout button
}
else {
//Show Login button
}
}
Please make sure you put the JS tags and other required HTML in a logical order (if you use an fb-root element put the scripts after it, try putting them inside BODY if they are currently in HEAD). I've seen FB login fail because the tags were in the wrong order, and because some browsers do "speculative parsing" this cause of random cross-browser malfunction may not be immediately obvious. (Besides, you create a race condition that might break in any browser if the network has a hiccup and the timing of loading stuff is unexpected..)
If you still have problems it would be useful to get a link or a demo to look at. We've tested a random page that uses FB Connect and worked fine. Apart from tag order issues I can't guess what might go wrong for you here.
Opera Mobile has new release today (12.10.ADR-1210081231). It solved the Facebook login issue, but there is a minor issue. The Facebook windows will not close automatically after user login.
I want to ask a user to grant the "publish_stream" permission to my app with the facebook javascript sdk.
I initialize it like this:
FB.init({
appId : '203702512703',
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : true, // parse XFBML
channelURL : 'http://mydomain.com/channel.php', // channel.html file
oauth : true // enable OAuth 2.0
});
And my FB.ui call looks like this:
FB.ui({
client_id: '203702512703',
method: 'oauth',
scope: 'publish_stream',
redirect_uri: 'http://mydomain.com/',
response_type: 'token',
display: 'dialog'
});
If i change 'dialog' to 'popup' it works perfectly. But if i specify 'dialog' or leave the option out it shows me the fb-div but with a loading animation (like this: http://p.iqs.me/t1c4j ) and the content never loads.
What am i doing wrong?
UPDATE:
I found this page http://developers.facebook.com/docs/reference/dialogs/#display that says the following about using "iframe" as display:
"Because of the risk of clickjacking, this is only allowed for some certain dialogs, and requires you to pass a valid access_token"
Doesn't say anything like that about "dialog" thought but both iframe and dialog gives the same bad result.
How would i pass in the access_token?
'popup' is mandatory for method: 'oauth' or FB.login for javascript SDK because of security (clickjacking and phishing). I'd suggest to use FB.login anyway to get permissions or to authenticate because it is more convenient.
hope this helps
There is also a discrepancy in the way you can use display: iframe for FB.login depending on whether you're in a tab or on a canvas. On a tab you don't need an access_token and on a canvas you do.
So on a canvas, you're stuck with either pop-ups being blocked or a good percentage of users refusing to provide basic permissions for something as simple as a post to their own wall that they initiated. IMVHO FB need to rectify this asap but I've had a bug logged against it for months and there's been no sign of a change.
I integrated the graph api facebook connect but if we are login to facebook, we will automatically login to the site with facebook connect as well. Is there any way we let the user clicks on fb "Login" only then the user is connected to the site with their fb account?
Now the user is automatically login to the site without the option to choose whether they would want to use their facebook account. If they want to logout from the site, they need to logout from facebook completely only then they can logout from the site with facebook connect as well.
Anyone can help me or give some tips how to go about?
Thank you!
I had this same problem on a recent website, and found a way to overcome it. My solution allowed a user to already be logged into facebook on their computer, yet not have it auto login on my website, then they can login with Facebook Login button and finally when they logout it won't log them out of Facebook on their computer, just on my website (much like Digg does with facebook).
To do it I was using https://github.com/facebook/php-sdk/ to check within PHP if there was an active facebook session with the user and the website (which would cause the auto login). If there was, I would not echo the auto login code:
FB.init({
appId : '<?php echo $facebook->getAppId(); ?>',
session : <?php echo json_encode($session); ?>, // don't refetch the session when PHP already has it
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : true // parse XFBML
});
FB.Event.subscribe('auth.login', function() {
window.location = "process-login.php";
});
but instead just render my own facebook login button that would link to "process-login.php".
process-login.php would set the custom $_SESSION variable that told my website someone was logged (whether via my own system, or via facebook), and then reload the referring page (using $_SERVER['HTTP_REFERER']) which would now display the user as logged in via Facebook since my own $_SESSION variable was now set. To log them out (without logging them out of Facebook entirely, just my website), I would just load a logout script that removed the $_SESSION variable.
The example.php (in the php-sdk on github) was very helpful at finding my solution, though I had to customise it significantly to make it work with my existing system. It at least helped me see how to access the facebook session variable in PHP (stored in $me in the example).
Hope this helps you if its still a problem, or that it helps someone else in this situation.
EDIT:
Turns out I still had some issues with auto login on the rare occasion. To fix it I removed the event.subscribe('auth.login') and make a facebook button that called the following function to check login status before subscribing to the auth.login even. Here is the function:
function check_login_session(){
FB.getLoginStatus(function(r){
if(r.session){
window.location = '/process-login.php';
}
else{
FB.Event.subscribe('auth.login', function(response) {
window.location = '/process-login.php';
});
FB.login();
}
});
}`
I had the same problem, I guess that you are using the scripts provided by facebook. In that case you have a function associated with the window.fbAsyncInit event. This happens everytime that the page is loaded.
At the end of this method you have the code:
FB.getLoginStatus(function(response) {
statusChangeCallback(response);
});
The function statusChangeCallback verifies your user's facebook status (connected, authorized, or unknown). Here, if the user is "connected" you log him into your site. Well that's the problem, you are always trying to log the user in with facebook.
This must only happen on click, so you should erase those lines
hello dear I think you have made your question so confused. Your question is not stating what actually do you want. As for as I have understood I think you want to connect the user to you site through facebook connect and you want when user clicks on facebook logout, it automatically logouts from your site.
if my understanding about your question is right then simply let the user to login through facebook and do logins in your system in FB.Event.Subscribe event.
Use the following code for login button
<fb:login-button perms='email' autologoutlink='true'>
When user will allow your his facebook account to connect with your site
<div id="fb-root">
<script>
window.fbAsyncInit = function() {
FB.init({appId: "Your APP ID",
status: true,
cookie: true,
xfbml: true});
FB.getLoginStatus(function(response) {
if (response.session) {
// Send here parameters that logins to your system through your website login system
} else {
}
});
FB.Event.subscribe("auth.login", function(response) {
window.location.reload();
});
FB.Event.subscribe("auth.logout", function(response) {
window.location.reload();
//Send the Parameters that logouts user from your website through your website logout system;
});
};
(function() {
var e = document.createElement("script");
e.type = "text/javascript";
e.src = document.location.protocol +
"//connect.facebook.net/en_US/all.js";
e.async = true;
document.getElementById("fb-root").appendChild(e);
}());
and put the above whole code right after your <body> tag
If You have:
FB.Event.subscribe('auth.login', function() {
fbLogin(this);
});
Try to comment it /* fb.Event..... */