I created a number of posts on behalf of the user by issuing an HTTP POST request to (PROFILE_ID/feed) with the publish_stream. Sample:
https://graph.facebook.com/me/feed?
I got everyone's post ids, but I when I'm trying to access and read them I getting a "false" respond..
I was at a Perl Mongers meeting (Los Angeles) last week where the presentation was on integration with Facebook. In particular, one of the developers was discussing his new module, Facebook::Graph. He indicated that in producing the module he learned a lot about what Facebook would do if you request information but don't provide everything it is expecting in your request. Your problem description sounds like a case in point.
The module's description is:
This is a Perl interface to the Facebook Graph API
http://developers.facebook.com/docs/api. With this module you can
currently query public Facebook data, query privileged Facebook data,
and build a privileged Facebook application. See the TODO for all that
this module cannot yet do.
There is a companion POD for that module called Facebook::Graph::Cookbook. It contains a couple of cookbook examples.
While the module is still fairly new and under development, I know that the individual who worked on it has spent many hours working on it in a professional setting where solid results are expected. I'm confident that he "got it right." It's currently being used by a high-traffic well known website.
There's no point trying to re-implement interfacing with this API when someone else has done a good job of it already. Through the discussion that took place after the presentation I know that the module has gone through extensive testing. That's not to say it's perfect, but it's probably a hundred or more man-hours further along the journey.
It's my suggestion that you implement your Facebook Graph interactions through using this module. I suspect when you do, many of your headaches will go away.
You'll need to ask for the read_stream permission to do this
Related
I'm new to OAuth and I would really appreciate if someone could give me a hand with my problem. I need to create a simple web application for track expenses, with some basic actions (user must be able to create an account and log in, list expenses, edit them, etc) with a REST API for each one, and the trick is that I need to be able to pass credentials to both the webpage and the API. So, after some research I've found some examples using Digest Authentication and HMAC Authentication but lot of posts also mentioned OAuth as an alternative approach, so my question is, given this scenario, would be proper to use OAuth? I mean, as far as I understand OAuth is suitable when you want to share resources with other application, which I'm not doing for this project; besides that, when you try to access the shared resource it appears a page requesting permission for the foreign application, would that page appear at some point in my application? (maybe after the login?)
Thanks in advance guys
In your current scenario it does not make sense to use OAuth. It's not what OAuth is designed for.
If your application ecosystem is going to have multiple webapps running on a single SSO (like google) then it is very helpful to have OAuth.
Suggestion: Decide based on your business/operation plan and implement accordingly.
Note: If you plan to have 10 apps in the span of the next 5 years but only have one app now it does not make sense to spend time to implement complex protocols like OAuth right now. Scale as you grow.
A bit or problem here, well I figured out how to store users signing up from FB/Twitter using SecureSocial, but how am I to register users using email-registration, Can anyone provide me with a brief explanation of how one does it in SecureSocial. I have googled a lot to find tutorials about how thats done, but with no avail.
Yes, of course I can store the token data easily, but in case of email users how am I to integrate the stored data with the user trying to login through the email-password menu. I am confused with the whole work-flow of registering user-by-email
Since I am new to scala, and even new to SecureSocial, I couldn't get the user-regsitration working properly, and didn't properly understand the guide provided in the SecureSocial site regarding this matter.
It would be helpful, if you could provide me with any pointers, or point me to resources/tutorialscovering the part.
Well, I researched about my own question and gained some ideas about Token,
As the name itself describes, Tokens are like real world tokens/tickets:
Tokens-id in SecureSocial exactly are JAVA UUID generated keys, which are unique and used to describe if a particular SecureSocial request is valid or not.
For example if you have used SecureSocial, you might have come accross links like:
http://someapp.com/signup/xxxx-xxxx-xxxx-xxxx
Most imp part of the Token Object, token-id=> xxxx-xxxx-xxxx-xxxx, its unique and you will find them in every links connected to email registration and its other functionalities, like :
Password Change Links
SignUp Links
I 'll try and posting more elaborate answers, after I learn more about SecureSocial.
Ok before you jump to some conclusion like I'm looking for a free lunch or something of the sort, read the description entirely.
I have experience only in making small simple apps in PHP, Java and ASP.NET. I had no idea what GET, SET etc exactly are and what REST services are. To try to use the Twitter API, I did some reading and got to know (I might be wrong here, because this is what I THINK that I know..) that you can make a GET request like this one:
http://api.twitter.com/1/statuses/user_timeline.json
Using, say, cURL (I haven't tried it yet), and you get a JSON object returned which contains the statuses on your timeline in a certain format. And I verified this from here
But I don't understand how does Twitter know that it is ME and return only MY data? Where am I sending my account details?
What I want is for the use to come to my website, click a button to give my application the permission to access his/her Tweets and I do some processing in PHP and display the output. But I don't know where do I start from?
I am not asking you to give me bread, I'm asking you to tell me what should I do to learn to fish?
All tutorial I have been following till now have been sort of spoon fed where they say things like 'Download this php file from our site, include it in your source file, use this method to do this and that method to do that.'
This one is a change for me, so does anyone have any pointers? Is there any reading that I should do or approach that I must follow to learn that I'm doing wrong?
EDIT : I know there are 3rd party libraries out there and it might be easier to learn to use those, but I want to have an idea of how the people who made those did it.
To use Twitter (at least its REST API), you had better to read tutorials about the following things :
REST architecture because it is how Twitter communicates with your application.
HTTP requests. Useful for Authentication of requests (HTTP headers), kinds of HTTP requests (GET and POST for the Twitter API) and return codes of requests.
OAuth which is the protocol used by Twitter for authenticating requests.
Format of datas returned by Twitter after the requests. Most of the time it is JSON but it can also be like in a URL query string (for OAuth authentications). You are lucky because before there were XML and Atom (for RSS feeds) too.
And of course the Twitter Documentation to know how they use all that stuff, how they know that is YOU with THIS application (request authentications) and to know the objects manipulated by the API (mainly tweets, users and timelines).
Good luck for it !
Time ago it was easy to make a distinction between desktop and web applications, but today while reading while the documentation I've noticed that this difference is less pronounced.
I'm using the Facebook::Graph module to create a desktop application, but still can not go beyond the stage of configuration. I'm stuck at authentication phase:
my $ q = Plack::Request->new($env);
$fb->request_access_token($q->query_param('code'));
(http://metacpan.org/pod/Facebook::Graph)
It keeps telling me "$ env is required".
Reading the documentation I've realized that Plack is only concerned with web applications.
(http://metacpan.org/pod/Plack::Request)
Can you confirm this? If not, how do I get past this step?
It would not be a problem getting the access_token using Mechanize and then making a GET request as described in the documentation, but I do not want to complicate my existence, so if there are other ways...
A bit late, but there's a workaround.
To get an access token, take a look here:
https://developers.facebook.com/docs/howtos/login/login-for-desktop/
Just create a client with Mechanize or whatever you want and login with the desidered credentials
Perform the request as described
Move on from the authorization page
Parse the response and get the token
$fb->access_token($token);
http://developers.facebook.com/docs/reference/api/application/ says:
Note: Applications that are configured as Native/Desktop apps will not be able to make API calls that require an application access_token.
So it's not a Plack, it's Facebook who requires your app to be web.
But if you may avoid access_token request, it might work.
I've been looking all over to find the correct API call to block applications via application ID, however I've yet to find it. I'm actually becoming quite certain that it's not possible (for obvious reasons, Facebook revenue being one of them), however I was wondering if anyone knew of a way, even via URL call ('https://www.facebook.com/apps/block.php?id=' + APPID + '&action=block' no longer works correctly, if it ever did.)
Basically I've been making a ruby script to be deployed to help users block spammy and generally unwanted applications via application ID's, the script is almost complete, however I need a method to be able to actually block the applications! If anyone could give me some help, I'd very much appreciate it.
Refer to https://developers.facebook.com/docs/reference/api/application/#banned
Create/Ban
You can ban a user for an app by issuing an HTTP POST request to
APP_ID/banned?uid=USER_ID1,USER_ID2 with an application access token
(i.e. a token created using the app secret, not an application Page
access token as described above). You can specify the following
parameters.
This is not (and probably/hopefully will not ever) possible via API. There are too many reasons to leave it that way. You don't want applications block each other...
This may sounds like a show-stopper for you, but it's not! Generate report arguing the reason why some applications better be blocked/removed/reported and show it to users instructing 'em how to do this.