I'm working on a new module for TomatoCMS. Here you'll be able to post new content on the website and forward is to a fanpage on Facebook (as page admin).
While experimenting and trying to get things working, it seems like I HAVE TO put an application url ... Is this correct?
So I won't be able to reuse the module on another URL?
Is there a way to make it re-usable? (Not URL-specific)
I'm working in PHP (with Zend Framework) and the phpSDK.
Thanks for your insight :-)
If i am getting it right you want to have your code module work on any other application's domain url. If this is the case then to admin pages you need access token which need appid and appsecret which are bount to the application url with you registered. so you can't do it without a url.
I know this is late (older post) but it might be helpful to someone else perhaps.
From what I understand, if you're not designing an on line application (lets say for a program that runs on Windows), you would use::
https://www.facebook.com/connect/login_success.html as your redirect.
And then to attach the required permissions to the call, you'd add it as such::
https://www.facebook.com/connect/login_success.html&scope=email,user_online_presence,sms,offline_access
Related
I hope I am not duplicating a question. I am banging my head against a wall for several days now. I am adding the Dailymotion PHP SDK to our site, I am using the Dailymotion::GRANT_TYPE_AUTHORIZATION, I am able to authenticate using a static call back url in my API on Dailymotion.
I want to be able to use this from several different scripts on the site. The first will be to call a link up page, so we can capture that a person has linked to Dailymotion. The second will be to upload video's through our system to Dailymotion, to that users account, not mine. I know I could do this with the authentication type of password, but I want to use the API and not have to have the visitor sign in or enter their credentials every time.
Back to the question, I see that the API can have a dynamic url, but I can not figure out how to make this work. If I someone could send me an example of how to enter this in the API section I would appreciate it. This does not work:
http://example.com/dailymotion/[dailymotion_checklogin.php]
nor does something like this:
http://example.com/callback/[dailymotion_upload.php][dailymotion_checklogin.php]
I would appreciate any help.
Thanks
Mrpepik
Replace the [dynamic] part with your dynamic part.
If your redirect URI on your API key is http://example.com/dailymotion/[dynamic], then your real redirect URI could be http://example.com/dailymotion/dailymotion_checklogin.php
I'm basically looking at a security problem between a parent page and an iframe with links to a third party.
I want to send a POST or a GET (doesn't matter which as I can control the other side) to the third party, but not expose any details within it (say a SID or a user token) and have it's HTML content (JS/HTML/Images) loaded into the iframe.
I've looked at server-side redirects, creating a proxy using webclinet/webresponse and am curious to whether there is a good way to do it.
Has anyone ever done this before, or think that the secrity is not possible? Hell, even if I'm barking up the wrong tree on how to solve this.
If anybody has any examples on this it would be greatly appreciated.
Cheers,
Jamie
[Edit] Was thinking I might need to add some more details.
Say I have a parent page: https://mycompany.com/ShowThirdParty.
This has an iframe in it at the moment which will have the content of another component (also owned by me, or another team more specifically)
Basically I'd like to send some credentials to content in the iframe in such a way that the external pages can't read it, the iframe is put into a modal (I've done that) and the iframe has the restricted content with the auhtentication almost seamless and invisible.
I currently have it working as a GET url generated dynamically via JS and then passed into the iframe src parameter, obviously that isn't secure.
I kind of want some kind of server side redirect across a full url, but I don't even think that's possible.
You could try using AJAX and load a PHP script (with any parameters to the script encoded/encrypted) to query the 3rd party page and load the response into the iframe. Not really sure how your code is setup but there should be a way.
It can also be done by POST Method (submit the data to iFrame using POST) as it is HTTPS so the data you send to iFrame is encryped.
The new version of site is not ready yet.Thats why we use a subdomain.To make the link more user friendly we made the links to be like userName.site.com or at this point userName.dev.site.com instead of dev.site.com/userName
main url
dev.site.com
some example urls
jack.dev.site.com
stefan.dev.site.com
If i try to login in with facebook at this url dev.site.com , everything is ok. But when i go to jack.dev.site.com im not logged in anymore if i try to loggin, facebook returns an error.Then if i go to dev.site.com i'm actually logged.
I try with
document.domain = "dev.site.com";
with no effect. Any ideas ?
If I understand correctly you have 2 versions of your app, one is 'live' and one is 'beta'. Because these two versions reside in different sub-domains, you must create two apps on facebook. That is, the same app can't be hosted on two different subdomains.
According to add to page documentation you should be able to add an app to a page via a URL. The documentation lists two ways of defining the redirect URL next and redirect_uri
I have tried creating the URL using both methods but get redirected to a Facebook error page from both of them which states:
Sorry, something went wrong. We're working on getting this fixed as
soon as we can.
Is there something wrong with how I am creating the URL?
string.Format("https://www.facebook.com/dialog/page?app_id={0}&display=popup&redirect_uri={1}", appId, HttpUtility.UrlEncode(redirectURL));
and
string.Format("https://www.facebook.com/dialog/page?app_id={0}&display=popup&next={1}", appId, HttpUtility.UrlEncode(redirectURL));
UPDATE: It does work via the JavaScript SDK. Any reason why the link I am trying to generate above aren't working?
if you are not using the JS-SDK, you should specify the redirect_uri. Most likely the next parameter is from an old implementation and no longer in use.
you are calling the wrong endpoint /dialog/page, it should be /dialog/pagetab:
Example:
string.Format("https://www.facebook.com/dialog/pagetab?app_id={0}&display=popup&redirect_uri={1}", appId, HttpUtility.UrlEncode(redirectURL));
Upon install of my app on a Facebook Page, I'd like to send the user to an URL with further instructions. I'm starting the installation with http://facebook.com/add.php?api_key=app_api_key&page=page_id, which installs but redirects the user to the Facebook Page itself. It seems like various forms of redirect were available at some point:
Post-authorize callback URL. I can no longer find that in App settings.
The next parameter for add.php. I can't seem to get this to work
I have seen some apps that do redirect upon install, so I believe this is possible. Maybe it's using an old Post-authorize setting that's no longer visible?
Any help or point would be greatly appreciated! I'm also not attached to using add.php, if there's a Facebook Connect method that does this I'd use that instead (I'm looking at profile.addtab though that doesn't seem to work either).
You can set the redirect URL in the app properties. You can no longer set it from the developer control panel in Facebook, but you can still set it using the REST api.
The list of app properties is here: http://developers.facebook.com/docs/appproperties/
To set the "post_authorize_redirect_url" you would use something like this:
https://api.facebook.com/method/admin.setAppProperties?
access_token=CURRENTTOKEN&
properties={'post_authorize_redirect_url':'http://mydomain.com/post_authorize_folder/'}
I am not completely clear on this, but I believe the url needs to point to a folder, terminated with "/" rather than a specific file.
The callback gets two parameters:
installed = 1 (true)
fb_page_id = the page id when your app was installed
First page that Canvas is point to should have
< script type='text/javascript'>top.location.href = 'REDIRECT-URL';< /script>
So when your app is opened it will automaticaly redirect to REDIRECT-URL
I'm not sure that you can avoid opening of application canvas page after installing application.