I am a little confused with the Facebook call back URL. I am building a iPhone application with Facebook login. So I will receive the access token from Facebook after the user logged in. Then I save this access token to my local (server side) DB. After that I want to use this access token to sent for example a post via C#.
What should I define for the callback URL? What is the importance of this?
The callback url is used to provide fast app switching, that is, the user of your app is first redirect to facebook app or site to do the login, then it invokes the url you did define and, if properly configured, it will be redirected to your app again.
You can specify the callback url from developers section on facebook, then you have to support it in the your app plist.
Related
I have created an App on facebook and I am using this app to authorize an user via dotnetopenauth.
Here I would pass APPID and APPSECRET and get the token which would be used to call Facebook Graph to get facebook user details.
If I'm doing this for the first time, user would be asked to enter username/passowrd on the Facebook website and then the session is created in the browser and it will redirect to my website as a Facebook user. This means that if I open a new tab in the current window and open facebook, user will see his/her page directly without asking for username/password. - this is obvious and understandable.
// code
request = WebRequest.Create("https://graph.facebook.com/me?access_token=" + Uri.EscapeDataString(strAccessToken));
response = request.GetResponse();
My query is:
After the scenario above, if user logs out from Facebook website OR I close the browser window, the facebook session is lost. However, I still have the access token (string in the above code) that I got while authenticating.
So, As of this moment I am not storing any user information from Facebook (not even cookies or anything else). I am just requesting user to authorize my application as a Facebook user. When user does that, I get the access token which I can use it to make calls to Graph and REST APIs. This access token usually remains same, so I really dont need to pass the applicaition id and secret to get the token next time onwards. Actually I can request the graph APIs and REST APIs with the stored token and request user details. I have tested this and works fine.
What I am looking for is, if user opens www.facebook.com, user should see his/her personal facebook page which obviosuly is possible only if I have a session in the current browser. Hence, my question was: how do I use my access token OR what call should I make with my access token so that I can set the browser session for the facebook user? Is it possible technically?
Regards,
AG
No. Your access token is used by your web server to call facebook. It's impossible (and undesirable) for this to impact the user's browser in a way that would set a facebook.com cookie so that the user would be implicitly logged into Facebook by your use of the access token.
I use the Twitter Anywhere API and OAuth to authenticate users on my website. The cookie with the accessToken expires after two hours, which is why the user needs to login and connect to Twitter regularly. The workaround would probably be to store the auth_token in a cookie and provide it the next time the user loads the page after the cookie set by twitter expired.
Now something that is not clear to me: I'm also providing Facebook as an authentification method and somehow it doesn't forget the login. The Facebook JS API doesn't store any cookies on my page, so how does it know that the user is authenticated with Facebook and my application?
are you talking about this? see the channel file portion.
EDIT: Above link has been changed. And, facebook api has changed too.
The Facebook JS API doesn't store any cookies on my page, so how does it know that the user is authenticated with Facebook and my application?
It makes a cross-domain request to facebook.com, to see if there are cookies under that domain that indicate there is a user currently logged into Facebook in some other browser window/tab.
Once it has figured out that a) there is a logged in user and b) this user has used your app before – it logs him in to your app on the fly and gives you a fresh (short-lived) user access token to work with.
In the Spotify App's API docs there is a module to authenticate via Facebook - now I try to find a way to logout from Facebook but can't find any documentation about the correct procedure. The Facebook Javascript SDK provides a logout method via FB.logout() for this - how about the Spotify API?!
In order to log out, you need to make a GET request to the Facebook's logout URL, which at the moment is https://www.facebook.com/logout.php, passing two parameters:
access_token: It is the access token provided by Facebook when access to the user's account was requested.
next: It is a URL that has to be part of the domain URL that was set on Facebook's app profile.
Logging out is performed by making an AJAX call to that URL. If it was successful, a redirection to the next URL will me made. Otherwise, the redirection will be made to http://www.facebook.com/home.php (for instance, if the next URL doesn't belong to the registered app domain).
You can read the response of that AJAX call and check that the content you get is that from your next URL.
You need to use the Facebook API - if you look at the documentation, you'll see that auth.authenticateWithFacebook is just a thin wrapper around auth.showAuthenticationDialog. It doesn't actually interact with Facebook's "proper" API at all - it only loads Facebook's login page and gives you a callback when the user is logged in.
I am new to Facebook app development and have stumbled across a road block. After reading the documentation, I sort of understand that the process of using Facebook login is done in there steps: user authentication -> app authorization -> app authentication. I see where the app authroization/authentication is done, but I can't seem to figure out how to bring up a "user login" screen of Facebook on my WPF. Can anyone advise? Thanks!
First of all you need to register a application in Facebook. Don't forget to give a canvas url when registering an application. After registration you should get app id and app secret values.
https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL
YOUR_APP_ID means your application id
YOUR_URL means that application canvas url.
Wpf has a web browser control, you just call the Navigate function and give this url. You should get a Facebook login dialog.
After giving the correct user id and password, Facebook should popup a permission dialog then click the Allow button , you should get a code with redirect url. Then you should parse the code from this url and create a web request to get an access token:
https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL& client_secret=YOUR_APP_SECRET&code=THE_CODE_FROM_ABOVE
YOUR_APP_ID is application id
YOUR_URL is application redirect url
YOUR_APP_SECRET means application secret
THE_CODE_FROM_ABOVE code get from above.
After executing this request, you should get an access token. Using this token you can access Facebook functionality from your application.
I have a PHP iFrame application that needs to clean up data when it is uninstalled from the user's fan page. Is there a URL callback which happens when the application is uninstalled?
App Deauthorization
When a user of your app removes it in
the App Dashboard or blocks the app in
the News Feed, your app can be
notified by specifying a Deauthorize
Callback URL in the Developer App.
During app removal we will send an
HTTP POST request containing a single
parameter, signed_request, which
contains the user id (UID) of the user
that just removed your app. You will
not receive an user access token in
this request and all existing user
access tokens will be automatically
expired.