On Facebook pages, many HTML elements include a 'data-ft' JSON object that is of the form:
data-ft='{
"src":10,
"sty":263,
"actrs":"117307284966434",
"targets":"117307284966434",
"pub_time":1317143005,
"fbid":"153538678072594",
"qid":"5657092603540274768",
"s_obj":5,
"s_edge":1,
"s_prnt":28,
"ft_prefix":"feed_story.top_news",
"ft_story_name":"StreamStoryCreateGeneric_ShareStreamContent_External_Other",
"mf_story_key":"10150331666719785",
"object_id":"153538678072594",
"mf_objid":"153538678072594",
"viewstate_id":"3201743663063655712",
"sub_level":"mid",
"sbj_type":"page",
"is_boulder":"1",
"authentic":1,
"pageid":"117307284966434",
"filter":"h",
"pos":14
}'
What do these keys represent? Some of them are straightforward, such as 'sty' as style, 'actrs' is the Facebook-ID of the original poster, and 'pub_time' is the UNIX epoch representation of the post date & time.
In particular, I am interested in understanding what the 'authentic' key represents, as well as the 'fbid' and 'qid' values.
Thanks for your insight, SO.
This is the root of how BFB (Better Facebook user script) can allow filtering, tabbing, etc.
In the HTML source, there is an attribute on each post that looks like this:
data-ft:{
"src":10, "sty":46, "actrs":"14385334364",
"pub_time":1289830690, "fbid":"1485431831867", "s_obj":11, "s_edge":1,
"s_prnt":11, "pos":1, "sec":"new", "filter":"lf",
"app_id":"201278444497"
}
This is the data we need!
BFB parses this when processing each post and extracts the data.
sty = Story type. Each type of story, like wall posts, status updates, pictures, links, etc has a unique story type with its own number. Unfortunately, these are not documented anywhere! I have to figure out the types by observation and trial and error. It's painful. But knowing this type numbers allows BFB to do filtering based on what kind of story it is.
actrs = The unique Facebook id's of the person (or people) that made the post. Again, good for filtering.
pub_time = The time the post was made. This is useful later...
fbid = The unique Facebook ID of the post. Every post has its own ID. At least, it should. See the explanations below for why this is not as reliable as it sounds
app_id = The unique ID of the Facebook application that made this post
Related
I have a simple API that return Something for a given ID and it must be used without any kind of authentication, the URL should be permanent and yet I want to avoid as much as possible it to be botted.
The Url is something like this:
https://url/{SomeId}/doSomething
The problem is that this is very predicable and a bot could easily try all the ID and get everything associated to it.
I'm looking for a way to make the URL non predictable like for example:
https://url/{SomeId}/doSomething?Key=SomeVeryLongCryptographicKey
In this way except if you run a supercalculator you shouldn't be able to deduce all the URLs
I know that there is probably a lot of ways to do that, like using a DB which I want to avoid.
I guess I'm looking for a kind a JWT associated to the ID without expiration but maybe there is better solution.
Edit: to give a better example i'm looking to do a bit like did Zoom for permanent invitation Links. They had predictable room Ids and they added a password making it unpredictable lie so:
https://us05web.zoom.us/j/132465789?pwd=SUxIU0pLankyhTRtWmlGbFlNZ21Ndz08
What would be the best/light/"secure" way to achieve that ?
Also I'm using .Net if there is a library doing that, it would be great.
I think your idea of using a JWT makes the most sense. Better to use something standard from a cryptographic point of view, and the JSON format allows for encoding whatever you need to provide to the receiving endpoint (user names, entity names, entity IDs, other things).
There are standard Microsoft libraries for building and validating JWTs, but I prefer the library Jwt.Net (https://www.nuget.org/packages/JWT). It lets you do something like this quite easily:
var token = JwtBuilder()
.WithAlgorithm(new RS256Algorithm(publicKey,privateKey))
.AddClaim("uri", String.Format("https://example.com/api/{0}/{1}", entityName, entityId))
.Encode();
Just add whatever claims you like, and the JWT will then contain what you want to transfer (I've used an example of the URI that you want to give to the entity) and a signature with your private key. You could even just give a URL like https://example.com/from_token/eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1cmkiOiJodHRwczovL2V4YW1wbGUuY29tL2FwaS90ZXN0RW50aXR5LzEyMzQifQ.K2P4wSF6g1Kt-IHMzlklWTV09_MIkoiNHQztSIYOohmOWe7aBfFSQLIKSbdTECj9XPjNNG_AjH9fdjFglkPuYfr2G9rtl2eh5vTjwdM-Uc0X6RkBu0Z2j7KyMKjkaI3zfkIwhtL1mH873xEBtNOGOW18fuBpgnm8zhMAj1oD3PlDW8-fYBrfLb6VK97DGh_DyxapbksgUeHst7cAGg3Nz97InDPtYcWDi6lDuVQsj3t4iaJBRL8IM785Q8xjlHHhzdfcX3xU4IhflyNHHXxP56_8ahNNMOZKWdwgbTSIxEEB98b3naY3XknC-ea7Nc1y4_5fszrYdy3LaQWV43jpaA
and have the handler decode the entity name and ID you want to retrieve directly from the URI while verifying the signature. Decoding with the library is just as easy:
var json = JwtBuilder.Create()
.WithAlgorithm(new RS256Algorithm(_key))
.MustVerifySignature()
.Decode(token);
I am sending a request for graph insights with the action type breakdown like this one given in an example on Facebook page : https://graph.facebook.com/XXXXXXXX/app_insights/story_publishes?since=1418112000&until=1426748400&summary=true&breakdowns[0]=client&breakdowns[1]=action_type&breakdowns[2]=auth_state&date_format=U
The result is however difficult to read because the type of action is represented by a numeric value (uuid) like this: "action_type"=>"465905580137487", so I dont know what it relates to- checkin, share or photo upload. Also for different apps those uuids are also different. Does anyone know what call I need to make to get the action type names as strings? Thanks for help
You need to call this URL:
https://graph.facebook.com/{action_id}
where action_id is the value returned by action_type. You'll receive the action details on the response.
I am trying to bring comments made on a particular event by targeting this URL: https://graph.facebook.com/1466384840257158/comments
I am passing the user_access_token
I have two comments at present on this event made on the same
day(2014-03-29)
Now I try to pass a date which should bring an empty data result/object
like this: https://graph.facebook.com/1466384840257158/comments?since=2011-01-01&until=2014-01-10
This request has no effect, it still shows me the two comment made
on the 29th
I have tried the same kind of date range on my user-id/feed and it
gave me an empty data object.
Finally i tried event-id/feed (before trying date filter) and it
gave me the following error
.
{
"error": {
"message": "An unexpected error has occurred. Please retry your request later.",
"type": "OAuthException",
"code": 2
}
}
Could you please guide me about date filter on that particular query (point4) or if you have any other idea to use date filter on comments made for an event.
Comments use Cursor-based Pagination, so you cannot use since or until on the comments endpoint (these parameters would work f.ex. for the feed endpoint).
To get the comments in a time range you have to fetch all comments from NOW to the start of the time range, f.ex. with https://graph.facebook.com/1466384840257158/comments?filter=stream&limit=1000+paging (the filter=stream will order the result with the timestamp).
USING SINCE UNTIL FOR COMMENTS on GROUP
If you want to use since and until for comments, it is not possible directly for a group. So, First you can apply it for status(feed) and then get the comments for that feed.
This works for me:
{group_id}/?fields=feed.since(08/25/2016).until(08/31/2016){from,comments{from,message}}
Why don't you try first to filter by notifications?... notifications allows you to add parameters like since. For example (using Facebook pages):
https://graph.facebook.com/PAGEID?fields=notifications.since(2015-3-31 00:00:00).limit(250).include_read(true)&{id,created_time,updated_time,unread,object,link}&access_token=ACCESSTOKEN
Once you got the json data, loop through data, get the ID and send a second request but this time using the PAGEID_POSTID edge. Something like this:
https://graph.facebook.com/PAGEID_POSTID/comments?fields=id,from{name,id},message,can_remove,created_time&limit=1000
Voahla!... there's no need to read every comment!...
Note 1: A Page access token is required, along with the manage_pages permission
Note 2: Use the parameter/field include_read to get all the notifications, even the already readed
Note 3: In the second request, use the parameter/field "filter=stream" to order the posts and get the comments made in the name of your page
Note 4: Don't forget to control the asynchronicity once you loop!
Note 5: Notifications duplicate posts, use an array to avoid to read more than one time the postUse the parameter/field include_read to get all the notifications, even the already readed
I do not know if it's too late. But, Yeah it works in the graph api version 3.3.
for example: if you wanna get comments on a post of a Facebook page you can do it like this:
You have to use page Access-token
The get Graph Request : post_id/comments?since=some_date
I am having problems running queries with FQL that include a supplied "Large"(beginning with 10000..) User ID
here is an example of one that is not working:
fql?q=SELECT uid, first_name,last_name,pic,pic_square,name
FROM user
WHERE uid=100002445083370
Is there a way to encapsulate the long number so it's passed as a string?
here is another example:
/fql?q=SELECT src_big
FROM photo
WHERE aid IN (SELECT aid
FROM album
WHERE owner=100002445083370 AND type="profile")
ORDER BY created DESC LIMIT 1
Has anyone been able to solve this issue? I am testing the queries in the graph explorer with no luck as well.
I see what the problem is,
The User id I am trying to pass is supposed to be: "100002445083367", but from querying the list of friends and grabbing their User Id, I am getting back "uid":1.0000244508337e+14 which is being shortened to: 100002445083370 (php removing the e+14) throwing off the second query. I need to make sure the id I am grabbing is staying as a string value not a number while I pass it back and forth from PHP and Javascript.
The problem is because of the way PHP handles JSON_DECODE. I had to modify Facebook PHP SDK and add a preg_replace previous to the json_decode. It will make sure json_decode doesn't convert large integers to floats by first converting them to strings.
here is the code:
line 803 from base_facebook.php:
$result = json_decode(preg_replace('/("\w+"):(\d+)/', '\\1:"\\2"', $this->_oauthRequest($this->getUrl($domainKey, $path),$params)), true);
here is more information on the subject:
http://forum.developers.facebook.net/viewtopic.php?id=20846
What do you mean by "not working"?
That query works for me in Graph API explorer but the response is
{
"data": [
]
}
I think that user-id isn't valid; https://www.facebook.com/profile.php?id=100002445083370 gives a "Page not found" error for me.
Looking for a way to get an exact phrase match out of the Graph API's search endpoint. For example, all activities with "dogs and cats" in them. Putting the phrase in quotes doesn't seem to work, the API will return activities containing those words, but in any order.
curl -v "https://graph.facebook.com/search?q=%22dogs%20and%20cats%22&type=post&limit=75&access_token=&since=Wed+Jan+25+20%3A59%3A30&until=Wed+Jan+25+20%3A59%3A40"
returns and activity whose text is:
"Ohhh man it's raining dogs cats lobsters crab birds and horses up here. I'm scared!"
"dogs" "cats" and "and" are all in that post, but not in order.
Yeah I faced the same problem. There's a similar question that might help Using the Facebook Graph API to search for an exact string
Facebook doesnt allow exact phrasal matching drectly, atleast not at the API level, You would have to fetch the entire data and programmically check for exact matches (too slow though).