I am using an IFrame application with XFBML and the new Javascript API.
I'd like to have a facebook application with multiple entry points. These will most likely represent different links coming from a fan page tab.
I can do this quite easily if the pages don't require authentication - for instance I can create several pages under the app and if a new user comes I can send them to any page:
http://apps.facebook.com/myapp/offers
http://apps.facebook.com/myapp/game
http://apps.facebook.com/myapp/products
The problem is that if I need to have authentication then once the user is authenticated they get redirected to my default post-authorization url.
Is there a way for a user that comes to /game to stay on /game after they are authenticated without redirecting.
I thought I could do it with the AJAX login form - but I cannot find out how to do that in a Facebook IFrame application.
I think the example using requirelogin only works for FBML.
<a href="http://apps.facebook.com/mysmiley" requirelogin=1> Welcome to my app</a>.
Is there a way to accomplish this with Facebook APIs - or will I have to do some kind of clever cookie handling?
You can use the facebook connect JS library inside of an iframe app and then redirect them to the appropriate url in javascript if they click allow. Best to go to the Facebook dev docs on the Javascript SDK on Fb:login here: http://developers.facebook.com/docs/reference/javascript/
Basically if the login is successful, you will get a callback where you should redirect them in javascript by using window.top.location = 'yoururlhere';
Related
I have created a Facebook Application which will be used as a Facebook Tab Page. My problem is that I am unable to get the page id.
I want to use this single application for multiple Facebook Page Tabs but the content will vary based on the Page Id.
The code I am trying to use to get the signed_request is using the JavaScript SDK.
FB.getLoginStatus(function(response) {
console.log(response);
})
This can be done with the signed_request parameter, which is passed on to your URL.
The easiest solution is to use the PHP SDK. It offers a function called "getSignedRequest": https://developers.facebook.com/docs/reference/php/facebook-getSignedRequest
Those are the fields of the signed_request parameter: https://developers.facebook.com/docs/reference/login/signed-request
If you donĀ“t want to use the PHP, you need to parse the parameter on your own. Check out this link for more information and search for "Parsing the Signed Request": https://developers.facebook.com/docs/facebook-login/using-login-with-games
Edit: you will not get the correct signed_request using the JavaScript SDK. Use PHP (or your server language) for this.
The mistake was that the URL added in the Facebook page tab settings was getting redirected as it did not have a "/"; there was a redirect for SEO added and the URL in the Facebook APP sittings did not have the "/".
So as it was getting redirected Facebook sent the POST variable but we have not handled it. Now it is fixed.
Special thanks to #luschn and #Fran Barbero for all your efforts in this.
I am embedding a Facebook app https://example.com into the Facebook app canvas so that it is available at https://apps.facebook.com/EXAMPLE . My application sends notification emails that contain links like https://example.com/messages/123 and that should open the page embedded into the Facebook canvas. How do I achieve this? My current thoughts:
User opens https://example.com/messages/123
Application checks for signed_request parameter
Application redirects user to https://apps.facebook.com/EXAMPLE/?requested_page=/messages/123
Application checks for requested_page parameter and redirects to this page
User sees https://example.com/messages/123 URL and is embedded into canvas
Is there a better pattern out there to get this working?
My final working solution (with Ruby on Rails)
User opens https://example.com/messages/123
Application checks on client-side if app is embedded in canvas:
if(window == top){
top.location = "https://apps.facebook.com/#{Settings.facebook.app_id}#{request.fullpath}";
}
User is redirected to https://apps.facebook.com/EXAMPLE/messages/123
Application middleware converts POST into GET if signed_request is present (code and idea borrowed from https://github.com/dekart/facebooker2/blob/master/lib/facebooker2/rack/post_canvas.rb)
Application parses signed_request with fb_graph gem
FbGraph::Auth.new(app_id, app_secret, :signed_request => params[:signed_request])
I'd just update the link to point to http://apps.facebook/example/messages/123 off the start.
When you check for authentication just set the redirect after authorization/login to the same page.
Redirecting a user around multiple pages for no reason is just not a good practice.
Im trying to put the facebook permissions dialog within an iframe, however not making much progress because of lack of Facebook documentation, and the undocumented hacks around web are not working any more.
news.yahoo.com does something that i would like to emulate.
When you click on a news article it says login with facebook. After the initial oauth dialog to authenticate the user ( which does not ask for permissions), yahoo pop's another dialog from a yahoo URL which included the Permissions dialog within as an IFrame.
Does anybody know what API's can be used to accomplish this?
The fiddler trace indicates that the yahoo URL is calling:
the uiserver.php endpoint with the permissions.request method.
https://www.facebook.com/connect/uiserver.php?method=permissions.request&app_id=194699337231859&display=iframe&redirect_uri=https%3A%2F%2Fopen.login.yahoo.com%2Fopenid%2Fyrp%2Fsc_check&cancel_url=https%3A%2F%2Fopen.login.yahoo.com%2Fopenid%2Fyrp%2Fsc_check&perms=user_birthday%2Cuser_likes%2Cemail%2Cpublish_actions&response_type=code&locale=en_US
When i try to do this using FB's javascript SDK:
FB.ui({
method: 'permissions_request',
perms: 'read_stream,publish_stream,user_photos',
display: 'iframe'
},
function(response){
alert("badfood");
alert(response);
});
It goes to a different endpoint: facebook.com/dialog/permissions_request? ...
And I get a 500 server error from facebook without useful debug info.
Thanks
some things.
1) first add the parameter show_error=true. This will tell you more about what's really causing the error.
2) Facebook has multiple ways it can display any dialog. In the fiddler request, note the display=iframe parameter. This is used for canvas applications mainly but can be useful for regular iFrame displays as well. It opens the auth dialog in a lightbox.
3) Try loading the SDK synchronously. Remove the Async references that Facebook tells you to include at the top of the page after the body tag and use the secondary method. Include the all.js and fb-root div tag and load FB.init just before your FB.ui call.
4) Check out the echo tool.
This tool can print out your GET params or your . It can also decode
the signed_request parameter as used in Canvas applications with the
OAuth 2.0 Beta migration enabled. This is very useful in debugging
Canvas Authentication.
http://developers.facebook.com/docs/reference/dialogs/
Loading the auth/permissions dialogs inside iframes are not permitted nor possible due to the risk of clickjacking. Sites where you see this being done have special agreements with Facebook that allows them to do this.
I'm writing facebook canvas application with Rails3 using omniauth-facebook gem. The few moments are not clear:
Rdirect after sing in (in '/auth/facebook/callback' => 'session#create'):
After successful sing_in if user is redirected to root_url it sometime arrives to
my canvas page URL (http://localhost:3000) outside of the frame. On other hand, when
redirecting him to my app url (http://apps.facebook.com/my_app) it sometime stacks on
blank page inside the frame. So how to handle this redirect correctly?
What is a proper way to link between pages inside my app? Currently I use relative links and top.location url is always stay my app url (http://apps.facebook.com/my_app). But I saw that many facebook apps redirect the client top.location (http://apps.facebook.com/my_app/internal_link)... It raises one more question:
Now facebook always fetch my app into the iframe using POST method. How to handle this behavior in RESTful rails application?
I'd very thankful for any advices...
I am hosting a Facebook app on Google app engine, I need to make sure the user is logged into facebook before anything.
What I can currently do is display facebook's log in button using fbxml, but I prefer the user would be redirected to Facebook's log in page if he wasn't logged in, then back to my app's main page, this way I can make sure that the user is logged in before doing anything.
I am new to Facebook apps, I read here that I can redirect the user to
https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL
in order to authenticate him. But using GAE's self.redirect(url) doesn't work, the page stays the same. I was hoping I could do something like this in my handler:
if u'signed_request' in self.request.POST:
facebook.load_signed_request(self.request.get('signed_request'))
if not facebook.user_id:
self.redirect("https://www.facebook.com/dialog/oauth?"+
"client_id={0}&redirect_uri={1}"
.format(FACEBOOK_APP_ID, EXTERNAL_HREF))
return
but as i said earlier this doesn't work.
I'm assuming by 'Facebook App' you mean a Canvas App - so something that will live at https://apps.facebook.com/YOUR_NAMESPACE from a user perspective?
If so, you'll need to add the redirect via Javascript using window.top, as your app is loaded in an iframe. See https://developers.facebook.com/docs/appsonfacebook/tutorial/ and search for 'top', then view the example toward the end of the page.
There are also good examples on the Php Sdk that facebook provides. I like the with_js_sdk.php example. It runs seamlessly and is good to follow.
https://github.com/facebook/php-sdk
http://developers.facebook.com/docs/reference/php/