Has anyone encountered the following error message when sending to Twitter?
"Error: Incorrect signature"
And on the debug console:
<0xf14cf80 SHKTwitter.m:(356)> Twitter Send Status Error: {"request":"\/1\/statuses\/update.json","error":"Incorrect signature"}
So far as I can tell I've followed the install instructions on http://www.getsharekit.com/install/#download and it is working with Facebook, e-mail etc. just not Twitter.
It would be great if someone has seen this error before and goes "aha!".
All I did to enable twitter Sharing is:
Regitered my App as a Twitter APP (Application Type: Browser)
#define SHKTwitterConsumerKey #"My..."
#define SHKTwitterSecret #"My..."
#define SHKTwitterCallbackUrl #"http://www.anything.com/callback" // You need to set this if using OAuth, see note above (xAuth users can skip it)
\#define SHKTwitterUseXAuth 0 // To use xAuth, set to 1
\#define SHKTwitterUsername #"" // Enter your app's twitter account if you'dlike to ask the user to follow it when logging in. (Only for xAuth)
Note that for the callback function you can enter any URL you want. even www.google.com. Just make sure it is the same URL in your code.
The issue is that you're signed into your twitter account, and allowed the app to connect to your profile.
However, days go by, the Key and Secret change, and now you're seeing this error. It's because you have to log out and re-log back into Twitter. I spent waaay too much time finding this out when I created a new Twitter App to hook into (and organize my apps) and found this error.
Basically, ShareKit is saving your login info, auto-logging you in, and getting the error when twitter says the app doesn't have permission to connect to your profile.
Follow these steps to log yourself out and test again :
http://www.getsharekit.com/docs/#logout
Check this previous SO question, it might be able to help you solve the problem:
Twitter API status update always returns "Incorrect signature"
Related
I've created a Facebook app, linked it with a business, submitted and passed review, the business is verified, contracts signed, the app has leads_retrieval permission, the app status is now live.
I can test it under the webhooks link in the side menu, my end point receives the test data from Facebook. The data shown below is received by my server.
When I test using the lead ads testing tool I instantly get a 102, server error, and nothing is received by my server. See below for the message.
I've spent so long getting to this stage and every step has been painful!
Can anyone suggest why using the lead ads testing tool results in an error and what I can do to resolve the issue.
Cheers
I've been struggling with this too.. Apparently you can't use it on development apps anymore. Found the answer here: https://stackoverflow.com/a/57397525/8439792
I think I found your problem! It is when you subscribe to your apps. Here is the link that shows the subscribed_fields and scope should be:
https://stackoverflow.com/a/54713182/7313872
I was going straight from the demo and the subscribed_fields is set to 'feeds' and the scope was only manage_pages. You need to change it like in the example in the above link. I will also provide the snippets I changed below:
subscribed_fields - in subscribe apps function
FB.api(
'/' + page_id + '/subscribed_apps',
'post',
{access_token: page_access_token, subscribed_fields: 'leadgen'},
function(response) {
console.log('Successfully subscribed page', response);
}
);
scope - end of facebook login function
{scope: ['manage_pages', 'leads_retrieval']});
Hope this helps!
Facebook had the problem in their startup documentation for the webhooks. I have notified them in a bug, and does look like they have fixed the documentation to now subscribe to "leadgen" and not "feeds".
https://developers.facebook.com/support/bugs/681262475926363/
https://developers.facebook.com/docs/marketing-api/guides/lead-ads/quickstart/webhooks-integration/
So I am building a restaurant app and one of the features I want is to allow a user of the app to see photos from a particular restaurant's Instagram account.
And I want a user to be able to see this without having to login to their Instagram account, so they shouldn't even need an Instagram account for this to work.
So I have read this answer How can I get a user's media from Instagram without authenticating as a user?
And I tried what it said and used the client_id(which I recieved when I registered my app using my personal Instagram account), but I still get an error back saying :
{
meta: {
error_type: "OAuthAccessTokenException",
code: 400,
error_message: "The access_token provided is invalid."
}
}
The endpoint I am trying to hit is :
https://api.instagram.com/v1/users/search?q=[USERNAME]&client_id=[CLIENT ID]
So do I absolutely need an access token for this to work(and thus have to enforce a user to log in) ?
If I do, then is there way to generate an access token somehow without forcing the user log in?
I believe there is a way around this, as the popular dating app Tinder has this desired functionality I am looking for, as it allows you to see photos from people's Instagram account without having to log in! (I have just verified this 5 minutes ago!)
Any help on this would be much appreciated.
Thanks.
Edit April 2018: After facebook privacy case this endpoint is immediately put out of service. It seems we need to parse the JSON embedded in <script> tag directly within the profile page:
<script type="text/javascript">window._sharedData = {"activity_counts":...
Any better ideas are welcome.
You can use the most recent link
GET https://www.instagram.com/{username}/?__a=1
to get latest 20 posts in JSON format. Hope you put this to good use.
edit: other ways aren't valid anymore:
https://www.instagram.com/{username}/media/
Instagram used to allow most API requests with just client_id and without access_token, the apps registered back in the day still work with way, thats how some apps are able to show instagram photos without user login.
Instagram has changes the API specification, so new apps will have to get access_token, older apps will have to change before June 2016.
One way you can work around this is by using access_token generated by your account to access photos. Login locally and get access_token, use this for all API calls, it should not change, unless u change password,if it expires, regenerate and update in your server.
Since the endpoints don't exist anymore I switched to a PHP library -
https://github.com/pgrimaud/instagram-user-feed
Installed this lib with composer:
composer require pgrimaud/instagram-user-feed "^4.0"
To get a feed object -
$cache = new Instagram\Storage\CacheManager();
$api = new Instagram\Api($cache);
$api->setUserName('myvetbox');
$feed = $api->getFeed();
Example of how to use that object -
foreach ($feed->medias as $key => $value) {
echo '<li><img src="'.$value->thumbnailSrc.'"></li>';
}
This question has been asked a few times on Stack, but there have been no real answers. Let me try to explain my situation anyways.
We use an application that uses Facebook OAuth2 login. This login used to work fine till last week, and all of a sudden it is troubling us now.
Application Flow:
Step 1: User presses login with Facebook button on our website
Step 2: Redirected to Facebook login/authorization page
Step 3: On authorizing the app, the callback comes to our application, with a short lived "code" param.
Step 4: This "code" param would be exchanged for a 60 day Access token using "https://graph.facebook.com/oauth/access_token" URL.
Error in Step 4:
When we try to exchange the short living "code" for the access token, we get this error from Facebook.
{"error":{"message":"This authorization code has been used.","type":"OAuthException","code":100}}
Observation:
For users who are newly coming to the application, the above-said error does not occur.
For a returning user this call fails with the above-said error.
Our application is live for more than 9 months now, and this error has come only in the past 7-10 days. We have had thousands of users using it successfully prior to that.
What I already got from Forums:
Here is my interpretation of what I read. May be inaccurate.
Facebook has some weird policy that necessitates the app developer to maintain the temporary 10 minute code until the 60 day code that was obtained during the first login expires. So we should create a cookie with the Access token on the user's browser. I was even able to see people modifying their code in order to create the cookies.
What's really bothering me?
The suggested solutions assumes that the cookie that they create would be present in the user's browser always. This is a bad assumption to make, as the cookie may be erased at any time.
I have another app Id/app secret that I use for my development (i.e localhost), and that works perfectly. The login happens fine out there, But its only the product machine that has the problem.
This problem didn't happen on the production machine for nearly 10 months since we launched the app, and it has come all of a sudden. Worst of all, I am unable to get any record of recent changes that breaks this flow.
Edit:
Platform: Python, Google Appengine. We do not use any Facebook SDKs, we make direct HTTP Calls to all the login URLs.
Call that fails : https://graph.facebook.com/oauth/access_token - we are passing the appId, secret and code (obtained from facebook) within 20 seconds of the first call happening.
Hope there is enough information here to show that our code is not totally incorrect. Any tips/pointers from people who have encountered and solved this problem is Welcome. If its a Facebook bug, and the Facebook dev comes to notice, I would be even happier.
I got round this issue by using a random GUID which is appended to each callback url i pass into facebook. It seems the code that facebook returns is made up of a few parts including the redirect_uri parameter you have to specify. By using this GUID trick, your app continues to work but facebook thinks it's a different URL hence generating a new code.
If you store that GUID in a temporary session, it's always the same. Here's a very cut down version of what I mean. I'm using C# but the solution will be the same:
Before i start the oauth process:
Session["facebook_buster"] = System.Guid.NewGuid().ToString();
Then to kick off the login:
var facebook = new FacebookClient();
var loginUrl = facebook.GetLoginUrl(new
{
client_id = ...,
redirect_uri = ..."/facebook/oauthcallback?buster=" + Session["facebook_buster"].ToString(),
display = "popup",
scope = "publish_stream,user_photos"
});
And then in my callback method, when I want to exchange that code for a new access_token:
var facebook = new FacebookClient();
dynamic result = facebook.Post("oauth/access_token", new
{
client_id = ...,
client_secret = ...,
redirect_uri = ..."/facebook/oauthcallback?buster=" + Session["facebook_buster"].ToString(),
code = Request["code"] // this is the returned code from the first method
});
Note in that second method i'm using the same session key so that the authorization code is successful.
Been testing this all morning by revoking permissions / manually changing my stored access_token (in my db) / removing my stored access_token completely and it works every time.
Hope this helps!
I struggled with this today for a while too. Not sure if you're using the Facebook PHP class (from what you wrote, it seems you don't), however, it could be a pointer anyways - the problem was that the Facebook PHP library seems to obtain the token from the code automatically and I was trying to do it again.
My app should implement login with facebook but I have noticed that every time I want to login the facebook tell me you are already authorize this app , the question if I already authorized the app the facebook should return automatically without pressing the okey button as I saw in other applications ?
see the attached image
I fixed my problem by doing the following steps :
1- login to your facebook as admin to your app.
2- go to https://developers.facebook.com/apps/YOUR_FACEBOOK_APP_ID/summary.
3- go to settings > basic > Native IOS app
4- set the Configured for iOS SSO: to enabled
In iOS/Android the FBAccessToken's expiration time is up to 60 days. When you do FBLogin in your app you get the access token. once you get the token you should not do login again(otherwise you will be prompted already authorized this app since your app has already been given an access token earlier which is not expired ). You should reuse the unexpired access token.
Like this :
if FBSDKAccessToken.currentAccessToken() != nil {
print(FBSDKAccessToken.currentAccessToken().userID)
print(currentAccessToken().tokenString)
//OR call the *FBGraphRequest*
}
Note: for in-App browser login (SVC: Safari View Controller)
see more:
https://developers.facebook.com/blog/post/2015/10/29/Facebook-Login-iOS9/
and
https://developers.facebook.com/docs/reference/ios/4.9/class/FBSDKLoginManager/
You need to make sure that your app has the proper URL Prefix in your Build Settings. Also make sure that the URL Prefix matches your Facebook ID/URL Prefix in the Facebook developer app.
Edit: Your issue is probably that the access_token is expiring so it's have to re-ask for permissions.
This will happen if your application did not request offline_access permissions. In the newer SDK offline_access is deprecated and you now have to extend the access_token.
See this link: https://developers.facebook.com/docs/mobile/ios/build/#extend_token
As this Question is already answered , but i would like to add another helpful answer for Swift 3.0 :
While using FB Login in Swift , i having issue and i previously did this way:
let fbLoginManager : FBSDKLoginManager = FBSDKLoginManager()
fbLoginManager.loginBehavior = .systemAccount
As this uses , System account to check user is authorized for login or not . Unless you logout and login through different user , application shows same "Already authorized" message in place of Fresh login . So i used this way and this trick does the work :
let fbLoginManager : FBSDKLoginManager = FBSDKLoginManager()
fbLoginManager.loginBehavior = .web.
This show Login Screen after logout.
Hope this helps to solve this issue.
Feel free to comment . Thanks.
You should check if there is a current session before logging in with FBSDKLoginManager. Do not use [loginManager logout] before logging in.
if ([FBSDKAccessToken currentAccessToken])
{
NSLog(#"Token is available : %#",[[FBSDKAccessToken currentAccessToken]tokenString]);
// Now get details using graphpath.
} else {
// login with permissions using FBSDKLoginManager and get details using graphpath in completion
}
There is a open bug at facebook.com
https://developers.facebook.com/bugs/190389531089978
But the bug only appears at android, ios works fine.
(btw. same behavior in the foursquare and spotify android app - check it out)
Run your iOS FB application into device not simulator it works fine, and didn't shows the already authorized screen.
Thank you.
I'm trying to run the samples but having a couple of problems.
1. the CASPNETWebRegistrationForm - I get an error of "Invalid 'client_id'." when I run app. I've set the app id and key in web.config.
I just can't get the CASPNETWebsite to run - I always get a response from Facebook that says "An error occured - please try again later"
The URL returned from Facebook is https://www.facebook.com/dialog/permissions.request?api_key={185034998201688}&app_id={185034998201688}&display=popup&fbconnect=1&locale=en_US&method=permissions.request&next=http://static.ak.fbcdn.net/connect/xd_proxy.php%23cb%3Df9b7e2c4%26origin%3Dhttp%253A%252F%252Flocalhost%253A5000%252Ff7f1e1a04%26relation%3Dopener%26transport%3Dpostmessage%26frame%3Df36d8dadac%26result%3D%2522xxRESULTTOKENxx%2522&return_session=1&sdk=joey&session_version=3
I notice the api-key and the app-id are the same... but I have correctly setup web.config.
Any thoughts ?
I could be wrong, I'm not having much luck with the samples, though I believe you should leave out the curly braces in the config ie.
appId = "185034998201688"
appSecret = "185034998201688"
Have you filled out all the facebook application settings on the facebook webpage. I found i was missing the Canvas URL and a few other URLs, and filling this out made things work a little better.