I've been messing around with the graph API and have been able to access my own information just fine. However, when I attempt something like:
https://graph.facebook.com/999999/likes?access_token=xxx (where 999999 is a friend's ID)
I get a blank graph like so:
{
"data": [
]
}
Keep in mind I'm doing this all manually for the time being. This is the URL I used to request permission from my profile:
https://www.facebook.com/dialog/oauth?client_id=xxx&redirect_uri=http://www.google.com&scope=email,read_stream,offline_access,user_likes,friends_likes
It all works hunky-dory and I get my access code, yet I still receive the blank graph. Suggestions?
Thanks.
Have you tried multiple friends? Your friends can configure what information third party applications can have access to, of theirs. For example I could limit applications that you use to not see anything about me, if we were friends.
Also you could check in account --> privacy --> settings --> applications and see if your application in fact has the permissions you think you granted it as a user.
-Kevin
I agree with kevin. You need to request permissions first to get at the info and you also need to be prepared that you will get a blank list.
I suggest that you use an already built api as it will save you a lot of time. I've recently released one here that should get you going in no time at all.
The code looks like this:
Dim FB As New SessionInfo("[access_token]")
Dim Req = New Functions.Requests(FB)
Dim U = Req.GetUserInfo("[userid for friend]")
Response.Write(U.name)
Also you can get a list of friends by calling this
Dim FL = Req.GetFriends()
For Each F In FL
Response.Write(F.name)
Next
I have come to notice that even though an application can request (and be granted) certain permissions, e.g. to access Likes, it doesn't necessarily mean that an application will be able to access this information.
I'm not a 100% certain of this but there might be two instances where e.g. requesting a users Likes results in an empty data set even though the right permissions where requested and granted by the user:
The user has set custom permissions in his/her privacy settings
not make public the information (e.g. Likes). Basically, customized
permission settings overrule the granted permissions that an
application requested.
The user is under 18. https://www.facebook.com/help/?page=214189648617074
Related
as the title says, I can no longer use friends locations with the graph api explorer any more(in https://developers.facebook.com). Even if I click all access token checkboxes,(trying to get me/friends?fields=locations.fields(place)) I still get error(
{
"error": "Request failed"
}). But me/locations?fields=place works, so it must be someting with "friends" that makes it to crash.
I was able use it 2 weeks ago, and I have not done any changes, it just suddenly stoped working. if I login with my test Account I can get all the parameters I request, but not on my primary account. Is there any one that has any idea what the problem can be? or why it occurred? I have done everything that I can think of, from using diffrent web browers, deleting all history, use diffrent computer. I have compared the settings for both my test account and my main account, both have the same settings.
I am sincerely sorry if i have misspelled anything.
It happens for me as well for any of the locations methods, but the location method with out the s works. I don't know if that data is usable for you.
me/friends?fields=location,hometown
I have figured out the reason to this problem. I has to do with requests from facebook's api, if i lower the Limit per request it works. Then to save the information I use offset.
I am working on a library in LUA for an ipad app called Codea. I'm trying to figure out to use OAuth for GitHub Gists. Only part that i can not figure out is how to get an Auth token via code. I used curl in terminal to get myself a token but this seems to be to much work for other users.
I've read through the github api docs multiple times but I cant figure out how to get a Token programmatically. I've tried to duplicate the method I've used to GET and POST gists but it does not seem to work. I'm not sure how to pass the username and password.
I'm creating a table with the needed params then encoding it in json. Everything I try gets a 404 error or 500 error. Thank you all in advance.
local url = "https://api.github.com/authorizations"
local d = {}
d.scopes = {"gist"}
d.note = "AutoGist Codea"
projectAuth = json.encode(d)
opts = { data = projectAuth }
opts.method = "POST"
opts.headers = {Authorization = "basic " .."username:password"}
http.request(url,successCallback,failedCallback,opts)
Scopes are coming, but only in Q4 2013.
See "OAuth changes coming" (October 2013, by Tim Cleam - tclem):
Starting today, we are returning granted scopes as part of the access_token response.
For example, if you are making a POST with the application/json mime-type you’ll see an additional field for the granted scopes.
{
"access_token":"e72e16c7e42f292c6912e7710c838347ae178b4a",
"scope":"repo,gist",
"token_type":"bearer"
}
Right now, these scopes will be identical to what you requested, but we are moving towards a feature set that will allow GitHub users to edit their scopes, effectively granting your application less access than you originally requested.
You should be aware of this possibility and adjust your application behavior accordingly.
Some things to watch out for and keep in mind:
Most third party applications using GitHub OAuth to identify users have the best success in adoption by starting out with a request for the minimum access that the application can possibly get away with.
Something like no scopes or just user:email is very sane.
It is important to handle the error cases where a users chooses to grant you less access than you originally requested.
Now that we are surfacing the granted scopes on the access_token response, applications can warn or otherwise communicate with their users that they will see reduced functionality or be unable to perform some actions.
Applications can always send users back through the flow again to get additional permission, but don’t forget that users can always say no.
I've created a page on Facebook without creating an account. This means that a default account is created with the page_id the same as the account_id.
When I try and perform a graph call to the tabs on the page:
/<page_id>/tabs?auth_token=<auth token>
I get an empty "data" representation:
{
"data": [
]
}
Even though there are application tabs installed.
Add the tab_id makes no difference, I get the same response.
I'm guessing the page is getting confused as the account but I cannot find any way to distinguish the difference between the account and the page.
Does anyone know if it is possible to retrieve the page information another way?
Double-check that the access token you're using is the Page Access Token - this is the most likely reason this will fail to return an answer
I'm using devise/omniauth to do facebook authentication and works great. However, I would like to add a flow where an existing (non-facebook) user has ability to connect his account with facebook. This would require different facebook permissions. so i can't seem to find two things
how to use devise/omniauth to request facebook connect without logging out current user
request different extended permissions from user (different from those specified in the devise configuration file)
any ideas? thanks
Answer to 1 is pretty easy: just add a if path into the omniauth_callbacks_controller::process_callback method like this
# If a user is signed in then he is trying to link a new account
if user_signed_in?
if authentication.persisted? # This was a linking operation so send back the user to the account edit page
flash[:success] = I18n.t "controllers.omniauth_callbacks.process_callback.success.link_account",
:provider => registration_hash[:provider].capitalize,
:account => registration_hash[:email]
else
flash[:error] = I18n.t "controllers.omniauth_callbacks.process_callback.error.link_account",
:provider => registration_hash[:provider].capitalize,
:account => registration_hash[:email],
:errors =>authentication.errors
end
redirect_to edit_user_account_path(current_user)
This is what I do in my application and it works fine.
Regarding question 2 I do not know how to support 2 different facebook authentication configurations however I have hard time seeing how that is useful to users since they need a consistent experience across both path: "sign in using facebook" and "link your account to facebook".
(If you still want to pursue this path one idea I would explore is to create a new facebook application with its independent keys and configuration...)
Hope this help.
One simple way to implement multi-tier permissions is to use Facebook Javascript SDK(in addition to omniauth, if you want). You can simply specify different "scope" parameter, which specifies permissions required, at each call you want. What I'm doing is making omniauth provide a basic set of permissions, then, after the user has connected through omniauth(and thus stored their data in our DB), if further permissions are needed, we show them JS-based buttons which provide expanded sets of permissions. If you want to check what particular permissions a user has granted to you, you can simply use me/permissions API call.
What's the difference between accessing user data with the Facebook Graph API (http://graph.facebook.com/btaylor) and using the Graph API to make a FQL query of the same user (https://api.facebook.com/method/fql.query?query=QUERY).
Also, does anyone know which of them the Facebook Developer Toolkit (for ASP.NET) uses?
The reason I ask is because I'm trying to access the logged in user's birthday after they begin a Facebook Connect session on my site, but when I use the toolkit it doesn't return it. However, if I make a manual call to the Graph API for that user object, it does return it. It's possible I might have something wrong with my call from the toolkit. I think I may need to include the session key, but I'm not sure how to get it. Here's the code I'm using:
_connectSession = new ConnectSession(APPLICATION_KEY, SECRET_KEY);
try
{
if (!_connectSession.IsConnected())
{
// Not authenticated, proceed as usual.
statusResponse = "Please sign-in with Facebook.";
}
else
{
// Authenticated, create API instance
_facebookAPI = new Api(_connectSession);
// Load user
user user = _facebookAPI.Users.GetInfo();
statusResponse = user.ToString();
ViewData["fb_user"] = user;
}
}
catch (Exception ex)
{
//An error happened, so disconnect session
_connectSession.Logout();
statusResponse = "Please sign-in with Facebook.";
}
The Graph API and FQL are similar in that they both access the same underlying Facebook objects: the nodes that are collectively referred to as "the social graph". The Graph API is a simple, uniform, and fairly direct way to access these objects. If you know exactly what you're looking for, the Graph API is a simple way to get it.
FQL, on the other hand, is a query language (like SQL). It allows you to search for graph objects that would be impossible (or complicated) to find using the simple, direct Graph API.
Another big feature FQL has over the Graph API is the ability to batch multiple queries into a single call (which can save you a lot of time in roundtrips for multipart queries).
Ultimately, the Graph API seems a more direct representation of what's going on "under the covers" in the social graph, so I find it simpler to use when I can. But if my Graph API request is getting really long or incomprehensible (or any time I need to make more than one related query of the social graph), that's the sign that it's time to switch over to FQL.
It seems the reason I couldn't get the birthday and other information I was looking for was because I didn't have a complete list of all the extended permissions that could be requested. I finally found the list at http://developers.facebook.com/docs/authentication/permissions (which included user_birthday).
If anyone has info about the FQL vs. Graph Object question, I'd still be interested in that. Though I think they are basically the same thing.
Looks like that have changed it (yes yet again). Because you are using facebook connect, you can ask for the permissions to give you the needed info for example user's birthday something like:
<fb:login-button perms="email,user_birthday"></fb:login-button>
More Information:
http://developers.facebook.com/docs/guides/web#login