Is there a way to take a existing web application and make it available as a Facebook application or in Google Marketplace without doing recoding. How much effort would that require (10% or 90% of original effort).
What would be the pre-requisites around that within application.
If your application don't use any sort of authentication, you can just link it on Facebook's dev dashboard (as iframe) and it'll work. My guess is that Facebook won't allow any other kind of authentication besides their own, so if your app uses authentication, then you're going to have to implement Facebook's authentication.
With Google Marketplace you'll need a manifest for your app and also a listing manifest. And the authentication thing also applies, but with Google's.
Related
I hope you can direct me with my query.
I wish to create my own authentication method for users in my Google Apps for Work account. Currently I am using built in Google Authentication, however I wish to build my own authentication method in PHP, Phyton or .NET; language doesn't matter really. So I want users to go to the page I will create, then they will need to pass authentication and be logged to Google Apps.
I know SSO is the way to do it but after my research I found very little about how to achieve it with Google Apps. I mean there is tones of third party platforms like OneLogin etc but I would like to have something I build myself. Ideally I would like to have some examples of SSO which works with GAFW so I could figure out the rest myself. I read somewhere that building own SSO portal it's not a piece of cake and also found an article that you can create something based on oAuth2.0 instead. So tried research about oAuth2.0 but all documentation I found is about authenticating to the application that I build using Google Apps Credentials, where I want the opposite; to be able to access Google Apps using the app that I build.
Hope someone could direct me to some examples or documentation or explain the process of learning curve to get my head around this project of building SSO for GAFW.
If you want to write your own Auth system and become the Identity Provider (IdP), you need to use SAML as that is the only supported method for now.
Here are the step by step instructions
I built a native Windows app (non Windows-Store) that uses the Facebook API.
I wanted to make it public which means going through their review process which means (among other things) selecting the app's platform.
Sadly a native Windows app is not one of the choices: Facebook app platform selection screenshot
I found 2 unanswered questions on SO on the same topic:
one
two
How should this be done in a proper way?
Thanks in advance.
PS:
I found a post a few days ago where the poster said he registered such an app by setting the platform to "web site" (I didn't keep the link).
This does not look like a good long term solution and also I don't have a domain to provide.
In short, you must set your platform to Web.
The reason for this can be found in the official documentation on building your native logon flow. There is no secure way of creating a logon flow without a server, as this would imply storing your App Secret inside your binary or app config file.
So the recommended (and only supported) way is to create a server which stores the App Secret and handles authentication for you. And use this server from the WebBrowser/WebView control which you embed into your native application.
This means you use the logon flow from a web browser via a custom server and you should have a domain for it (a domain is quite cheap nowdays, it should not be a problem). So you are building a web app embedded into a native app.
For a successful login review do the following:
Choose Web as your platform
On the Settings page in the Advanced tab choose Native App.
Create a screencast (Start your app, logon, use all the requested permissions and that's it. Do not edit it!) and upload it to the web (YouTube/Vimeo/...)
When submitting provide a link to your screencast.
I used to develop a few FB apps in the past (using the old rest-ased api), and now I'm considering to make them actually usable again by porting them to the new 3.1 API.
Sounds nice, but for some reason this is way harder than I should be...
So here are few questions:
Is there any example of a canvas app using the 3.1 API? Google did not give me anything useful
Is there still a difference between iframe and FMBL canvas applications? In my app settings, I checked the fmbl-option, but when I'm back at the app overview page, it still says it's an iframe app.
The SDK mentions the getUser() function to get the user-id, but how do I request the necessary permissions for my app? When I do some googling, I find even another solution which calls a specific url and then performs a callback. This solution however doesn't seem to php sdk at all!
Where is the documentation of the php-api? The only usable thing I find is this: https://github.com/facebook/php-sdk which consists only a few lines of code. And I suspect this is for having a fb login-button on your own website, not for a canvas app.
Firstly, good luck, and best wishes - you'll need it. Maintaining Facebook apps is way harder than it should be, because Facebook doesn't believe in legacy support, changes things all the time, and deprecates things quickly and completely. As a (former) Facebook app dev myself, I can tell you there is only one constant: apps will die if you leave them alone. As an app developer, Facebook owes you no favors, and it is vicious when it comes to breaking apps.
As for specifics: as of June 2012, Facebook has deprecated and removed FBML and the REST API, and there is no longer any difference between canvas apps and iFrame apps. This isn't a soft, "you shouldn't use it" deprecation - it's a hard, "your apps are now broken" deprecation. All apps are now iFrame apps, as there is no longer any other way to build them. The docs on how to build a canvas/iFrame app are here, and there's an auth migration guide that may be helpful in conversion. Oh, and you'll need to get your app running on HTTPS too, if you haven't already.
As for the rest of it, it sucks, but the only way you're really going to be able to maintain and get your application working is using the Open Graph API. Using the PHP SDK, you just run $facebook->api('/graph/url/here') - for instance, to get user information, run $facebook->api("/$userid"). You get the URLs off of the Open Graph docs - just grab everything after the graph.facebook.com bit and pass it to api(). It's another learning curve, and (depending on the complexity/modularity of your code) is anywhere from a lot to a nightmarish mountain of changes, and there are no drop-in replacements. Sometimes you can use the old REST api, but I doubt that will last very much longer either. It's painful, but that's how it goes. You're at the mercy of Facebook, because it's their data.
Upgrading apps involves a shift in thinking: apps are now literally just webpages surrounded by the Facebook chrome. There is now no difference between an external website that uses Facebook's api to pull in information and an app that runs inside of Facebook. It's for that reason, personally, that I've shifted to just that for my own app - an external website that just happens to use Facebook for most of its posting/sharing/user info needs.
For authorization, you request permissions via OAuth, using any number of methods. There are docs on how to do that over on Facebook as well. Specifically for the PHP api, you generate a URL using getLoginURL() and then redirect to it. Facebook eventually redirects back to a URL you specify with info about whether they authorized your app and such, after which you can do a getUser(). If you want fancy/slick/user-friendly popup dialogs without a bunch of redirecting, the Javascript SDK is your friend.
I'm looking to implement Single Sign On for a native iOS app whereby logging in with this single sign on gives the mobile device authenticated access to our private service in a fashion that is somewhat similar to oauth.
The marketing text on openid.net suggests that "OpenID is a safe, faster, and easier way to log in to web sites.". Emphasis on web sites.
So the question is: Is it reasonable to implement openID on a native mobile app, or is openID only for web sites.
I've been scouring the web and I'm not finding a way to fit openID in as my login option.
The best way to do this seems to be to use a UIWebView and render a log in page from your site in it. Once the user logs in, they'll be redirected back to your site and have an auth cookie, which you can extract, store, and send on subsequent HTTP requests to the server.
See this, which has a sample code link at the bottom.
OpenID sends its messages as a series of HTTP requests and responses. Your app and the openid provider must communicate to each other via HTTP post, and you will need to redirect the user to corresponding URLs, and have a URL for the user to be redirected back to. As such, you will probably find it difficult to integrate with your app.
Derek Knight claims to have been experimenting with iOS and OpenID using the Janrain Engage iOS SDK. Although the github link he references no longer exists and he doesnt provide a complete and verified solution, he does offer an idea for how it might work.
OpenID and iOS development - gordonknight.co.uk
Janrain Engage for your iPad Apps
The accepted answer diminish the OpenID protocol. OpenID is a federated authentication protocol aiming simple SSO experience, its a web based protocol but it can be implemented if you design an authentication broker.
APPs share nothing, apps should never access anything but identity token and access token (if allow). here is a link to get you starter in the right path to build seems-less SSO in the mobile between apps regardless the app isolation level.
https://www.pingidentity.com/developer/en/resources/napps-native-app-sso.html
Libraries:
https://github.com/openid/AppAuth-iOS
https://github.com/openid/AppAuth-Android
I'm writing a sort of visualization desktop (non-web) application, just for fun.
However, ideally I'd want it to be able to pull information from the user's facebook account. (after getting its credentials, of course)
What's the best way to do this? Should I register a new 'facebook app' even though I'm not really making it web-based? I've never written a facebook app before.
I'm using Java as my prog language, btw.
Thanks!
Yes. Facebook supports desktop applications, but they must go through a special authentication mechanism. Essentially, the user will need to be directed to facebook through a web browser window as part of the authentication process.
Here is the documentation on the authentication process: http://wiki.developers.facebook.com/index.php/Login_Desktop_App
There is a relatively polished Java library for facebook here: http://code.google.com/p/facebook-java-api/
If the Java library above does not meets your needs, you can build an implementation on your own. Essentially, you will need to interact with the Facebook REST server, as described at the top of the page here: http://wiki.developers.facebook.com/index.php/API
Edit: After doing some more research I have a few more resources to provide:
Here is a list of some applications written using Java for facebook:
http://wiki.developers.facebook.com/index.php/Facebook_apps_written_in_Java
And there's even a neat desktop application that is open source here:
http://code.google.com/p/fb-photo-uploader/
Good luck!