How do I get permission on an application I have on a fan page tab and stay on the current tab?
I am collecting permissions on the application fine, but when I put the application onto a tab, it goes haywire seemingly getting caught in a never-ending loop and never going anywhere.
You could do this with the JavaScript SDK:
//Facebook connection with the JavaScript SDK
FB.init({
appId: 'YOURAPPID',
cookie: true,
xfbml: true,
status: true });
FB.getLoginStatus(function (response) {
//If you have permissions already
if (response.session) {
//Do application stuff...
}
else {
//Redirect browser to the permission dialogue
top.location="https://www.facebook.com/connect/uiserver.php?app_id=YOURAPPID&method=permissions.request&display=page&next=REDIRECTPAGEURI&response_type=token&fbconnect=1&perms=email,read_stream,publish_stream,offline_access";
}
});
You put in your application ID in the fb.init function, and then adjust the redirect for the permissions dialogue so it includes your application ID, the URI you want to re-direct to after the user accepts the permission dialogue, and finally the permissions you want to get (in this case I included email, read stream, publish stream and offline access token).
Related
I'm creating a Facebook app for mobile devices. Such application is displayed within a mobile browser, unlike Facebook canvas pages which are held in an iframe.
I'm using a mix of JS and PHP SDK to authorize and authenticate a user. The user needs to be already logged into Facebook to use my app. If not, they need to log in with Facebook login button. As a bridge between JS and PHP SDKs I'm using FacebookJavaScriptLoginHelper.
Part of my Facebook.php library doing the job:
<?php
// Initialize the SDK
FacebookSession::setDefaultApplication($this->app_id, $this->app_secret);
// Create the login helper
$this->helper = new FacebookJavaScriptLoginHelper();
try {
$this->session = $this->helper->getSession();
} catch(FacebookRequestException $ex) {
// When Facebook returns an error
} catch(Exception $ex) {
// When validation fails or other local issues
}
if ($this->session) {
// User logged in
$this->session = new FacebookSession($this->session->getToken());
}
?>
Facebook JS init:
<script type="text/javascript">
window.fbAsyncInit = function() {
FB.init({
appId: '{my app id}',
status: true,
xfbml: true,
cookie: true
});
}
FB.getLoginStatus(function(response) {
console.dir(response);
});
</script>
The above code works fine but there's a specific case when it fails. Let's assume I have two tabs open in my browser: in the first tab I have my app open, in the second one - I'm logged into Facebook. Two scenarios can take place:
I log out of Facebook and refresh the tab with my app. The result is correct:
FacebookSession is NULL
response.status from FB.getLoginStatus is 'unknown'. The user is not
logged in.
I go to the second tab, log back into Facebook and refresh the first tab with my app. The result is incorrect, but only on the first refresh:
FacebookSession is still NULL, even if
response.status of FB.getLoginStatus is 'connected'
The reason behind this fail on first refresh seems to be obvious: In the moment of reloading the page PHP SDK is triggered before Facebook cookie is refreshed. However, it's never a problem when the user logs out - in this case, somehow FacebookSession is updated instantly, as expected.
How come it does not work the same when the user logs into Facebook?
Does this help?
Subsequent calls to FB.getLoginStatus will return data from this cached response. This can cause problems where the user has logged into (or out of) Facebook since the last full session lookup, or if the user has removed your application in their account settings.
To get around this, you call FB.getLoginStatus with the second parameter set to true to force a roundtrip to Facebook - effectively refreshing the cache of the response object.
FB.getLoginStatus(function(response) {
// this will be called when the roundtrip to Facebook has completed
}, true);
Source: https://developers.facebook.com/docs/reference/javascript/FB.getLoginStatus
Section: Roundtrips to Facebook's servers
So, I have created your standard facebook test app. It has the javascript SDK loading block and the following code after it:
window.fbAsyncInit = function()
{
console.log('initiating FB');
FB.init({
appId: appID,
status: true, // check login status
cookie: true, // enable cookies to allow the server to access the session
xfbml: true // parse XFBML
});
FB.Event.subscribe(
'auth.authResponseChange',
function(response)
{
console.log('authResponseChange', response);
if (response.status === 'connected')
{
console.log('logged in');
}
else
{
console.log('not logged in');
}
}
);
};
The problem: with my dev account, every console.log() is logged, as expected. With a different account not in any way related to the app it only logs 'initiating FB', and nothing after that, even though status: true. Why is this happening?
That's fine, since there's no change in the state.
The auth.authResponseChanged event is fired when the auth response has changed. The authResponse is part of the response object that's returned when querying the state of a person's authentication status. It contains the person's access token, when the token will expire and the person's user ID.
For an app user, when you run the app- status is changed to login since you have set status: true, so this event is triggered and you got logged in and come to the session.
But when you run the app for a not-logged-in/non-app user, this event wont trigger since the status is not changed. It was "not-logged-in" or "not-authorized" earlier and its the same now.
When you call facebook login for a not-logged-in user/non-app user, the status will change and you will see a your log as "logged in" or "not logged in".
I'm trying to create a simple facebook app which can show user albums.
I've created a simple java application deployed it on local glassfish instance and entered this localhost url in newly created facebook application settings.
But to use facebook api on server side I have to specify user Access Token. Which if I'm wright, should be generated on client side.
For this purpose I'm using javascript api on the first page of my app to pass this access token as one of request params:
$(document).ready(function () {
FB.init({
appId: '*****************',
cookie: true,
xfbml: true,
status: true });
FB.getLoginStatus(function (response) {
if (response.authResponse) {
$('#buttonRedirectToAlbums').onclick(new function () {
window.location.replace("<c:url value="/helloController/testfacebookapi"/>?access_token=" + response.authResponse.accessToken);
})
}
});
});
The problem is that in getLoginStatus I get response object without any data except the authorized field which is false.
So I have two questions:
1) Is it a correct approach for developing a facebook app? Or am I using their api in wrong way?
2) How to "authorize" a user and is it actually required? Maybe I'm missing some permissions stuff...
Yes, it is necessary for a user to authenticate you application.
Regarding the approach, I would suggest you to go though this document. I think you are missing the of checking the status of the response. The document will tell you the correct approach for handling 3 different cases related to a user's status with respect to your app.
In your code, you're missing the part to handle the case where the user is not connected to your app or is logged out. You can modify your code to make it something like:
$(document).ready(function () {
FB.init({
appId: '*****************',
cookie: true,
xfbml: true,
status: true });
FB.getLoginStatus(function (response) {
if (response.authResponse) {
$('#buttonRedirectToAlbums').onclick(new function () {
window.location.replace("<c:url value="/helloController/testfacebookapi"/>?access_token=" + response.authResponse.accessToken);
})
}
else{
//Ask user to login or allow your App to access data.
}
});
});
For further reference on how actually to implement it, you can refer this example.
I am running into a problem with logging in to Facebook on Safari and IE. I can login just fine with Chrome and Firefox with the following code:
var appId = 'APP ID';
var uid;
// Initialize the JS SDK
FB.init({
appId: appId,
status: true, // check login status
cookie: true, // enable cookies to allow the server to access the session
xfbml: true, // parse XFBML
channelUrl: '//localhost:8888/photo/channel.html' // Channel File
});
// Get the user's UID
FB.getLoginStatus(function(response) {
uid = response.authResponse.userID ? response.authResponse.userID : null;
console.info(uid);
});
function authUser() {
FB.login(function(response) {
console.info(response);
uid = response.authResponse.userID ? response.authResponse.userID : null;
console.info("called");
}, {scope:'email,publish_actions'});
but when my code gets to FB.getLoginStatus on Safari and IE the response shows
authResponse: undefined
status: "unknown"
Edit: Forgot to mention that the popup that shows the permissions is not popping up in Safari and IE.
If the status is "unknown" that means one of two things:
the user is not logged in, or
third party cookies are disabled
Safari is the only browser to come with third-party cookies disabled by default (Firefox will be following suit shortly). Some of the higher security settings in IE will also turn them off. Since your code is working in Firefox/Chrome I would guess this is the culprit.
Unfortunately, third-party cookies are required for FB.getLoginStatus to return an appropriate authResponse and status. I think your options are pretty limited:
Let the user log in through PHP or another back-end SDK, and force them to sign in again every 2 hours (I think FB tokens expire every 7600 seconds)
Detect the "unknown" status and display a message to the user asking them to enable third-party cookies for facebook.com
I didn't actually fix the problem I was able to get around it by running the app on Facebook instead of my localhost. I believe this is because when on Facebook I am already logged in.
I'm trying to login users to my web page via facebook, and after they login via facebook i want to store their id (and some other informations) in db, so when someone came back, he/she will be redirected to their profile (which script was created first time).
So, i want to ask it is ok to use java sdk (facebook) for getting access token, and then use that token in .php via ajax..
So for example in javascript would be something like this:
FB.init({
appId: 'xxxxxxxxxxx',
status: true,
cookie: true,
xfbml: true,
oauth: true
});
//login
FB.login(function (resp) {
if (resp.authResponse && resp.authResponse.userID) {
var accessToken = response.authResponse.accessToken;
//here will be call for ajax with accessToken parmetar
}
});
});
After that .php (sdk php facebook) will use that access token to get information about user.
Probably you will ask why i dont just send resp.authResponse.userID via ajax and store it in db. Answer is that, someone can use "java in fly" and store users with different id-s. I hope that getting information on .php (server) side with access token will not let this happen..