Hope I will get some help and not get marked as duplicate because spent a couple of days and still didn't find a solution for this one.
My problem is that I am working on an application that should get data from Facebook marketing API and I didn't manage to do it and am working in C#, FE is in React but would like to do this all on BE.
I created an app on Facebook, have appId, app secret, my client Id, accountId, set business manager and realize that one way to go is to go through app review but this is not an option because there are too many clients and it is not the best scenario.
Is there any other way that I implement fully user authentication, to first get authorization code and then user access token so I could get the data I need.
If I get the code over the browser I can generate a token but I would like to do it automatically over my code.
If I call https://www.facebook.com/v9.0/dialog/oauth?client_id=%7Bapp_id%7D&redirect_uri=%7Bredirect_uri%7D over httpClient it gives back some HTML text and I would need the URL it redirects you to in the browser (like on facebook - how to get a new authorization code for an access token)
And didn't find a way access token without that authorization_code
Related
I start to working with the Facebook graph API and I have question:
I make Facebook Authentication, so after user approve my application I got accessToken and the facebookUserID. note: The accessToken is expire after One hour(!!!).
Then, in another webpage "index.html", I want to show all the users who approved the application with their full name and profile picture taken from Facebook.
Now I don't understand.. if someone will enter the "index.html" page to see list of users who accepted the application - 5(!!) month after their authentication, when i will make the HTTP call to get thier fullname and profile picture, the accessToken is now expire(a lot time before) so the HTTP call will not succeed.
The last option is to save the full name just in the One hour between user accept the application and before the accesstoken expiration. but if the user will change his name sometime... I don't have the updated Name!
if its important - I'm usind the javascriptSDK with asp.net project.
Please help me to understand how to solve this situation.
It would appear that it is not possible to generate a long-lived token with the JS SDK directly, you will have to involve the server side, see this page for details.
I would like to post to my company Yammer feed from Console C# application.
Before, I created Javascript and Rest Application. But now, I do not know How to get access Token.
I tryed to use HttpWebRequest Class to Endpoint
https://www.yammer.com/dialog/oauth/?client_id=[my_client_id] &response_type=code&redirect_uri=[redirect_url]
However, Httpresponse Not contain "code".
Someone who know get access token, please tell me how to get access token.
There are a number of ways to get a sample token. You can now generate one within the screen where you created your client application. Go to https://www.yammer.com/client_applications/ and select the app you want to get a token for.
There is a link for 'Generate a developer token for this application'
For the API request you have listed I think the user would need to authenticate first then get a dialog box to accept\reject the app which would then redirect to get the code to exchange for an access token.
Docs are here:
https://developer.yammer.com/docs/oauth-2
I want that my Windows Phone 8 app uses LinkedIn in order to search companies and get contacts. To do so I need an Access Token and, to get that, I need an Authorization Code.
As far as I have read, the LinkedIn API uses OAUTH2 and the url to get the Authorization Code is the following:
https://www.linkedin.com/uas/oauth2/authorization?response_type=code
&client_id=YOUR_API_KEY
&scope=SCOPE
&state=STATE
&redirect_uri=YOUR_REDIRECT_URI
The problem is the REDIRECT URI parameter. I don't want that, because I just want to get the Authorization Code, and then get the Token with the code.
Do you know if is there any way to avoid redirecting? Or using some kind of redirect which doesn't bring you to other webpage?
I decided to use a custom host, so now the problem is solved.
In case anyone has a similar issue, I struggled with this and found an easier way (maybe not the correct way).
I redirected to a made up address (http://madeupaddress.com) and on the Navigating event checked if the url started with my made up address, if so, i closed the browser and take the token from the e.URI.Query parameters, then apply for the access token using the code.
Thanks go to Vittorio Bertocci
I have no idea how to start to retrieve my Facebook friends using the Facebook API. I have read the Graph API docs.
Secondly, I'm doing TDD so I want to start with my test cases.
At first, these will be integration tests because I have to integrate the real life Facebook api. After that works, I'll mock out these tests to make them unit tests.
So this is why I'm stuck. Please assume that I have a Facebook account (eg. email + password) so I can authenticate and then use the access token to get my friends.
UPDATE:
I also do have an FB App already setup (eg. app id / app secret).
The first thing that you need to do to get the list of friends, or any other api request on the behalf of the user, is to authenticate the user and get a user access token.
There are two authentication flows:
Client-Side: will result with a short lived access token (expires within a few hours) which you can then extend (on the server side) for a long lived using the new endpoint.
Server-Side: results with a long lived access token for about 60 days.
It will probably be hard to do that with TDD (at least at first), and so you might want to use one of the following facebook tools which will generate the access token for you:
Access Token Tool: gives you a list of `access tokens for all your apps bound to your own user'. Per application you get both a user token and an app token.
Graph API Explorer: Select your application at the top right corner and then click the "Get Access Token" button, then select the permissions you need and approve it, when the dialog closes you'll see the access token in the field.
With the access token that you get you can start querying the api.
To get the list of friends simply issue a request to me/fiends as explained in the Friends connection of the User object documentation.
I'm not a C# developer, but I'm aware of this C# SDK for Facebook, it should (like all other facebook SDKs) have implemented most of the work for you for sending the api requests and parsing the returned data.
From a quick look at their getting started documentation it should look something like:
var accessToken = "THE ACCESS TOKEN YOU HAVE";
var client = new FacebookClient(accessToken);
dynamic me = client.Get("me/friends");
...
I've integrated my website with Facebook Connect, authorization/single-sign on all working great.
Now im trying to post something to the user's wall, which im having some problems with.
First of all, im using the "old" JavaScript API (FeatureLoader.js).
These are the Graph API URL's im using:
private const string UserDetails_Url = #"https://graph.facebook.com/{0}?access_token={1}";
private const string Feed_Url = #"https://graph.facebook.com/{0}/feed?access_token={1}";
private const string TokenExchange_Url = #"https://graph.facebook.com/oauth/access_token?{0}";
I'm using the TokenExchange_Url URL to receive the unique user OAuth token to make calls with.
This is working fine, because a) i receive the token back, and b) i can issue HTTP Get Requests to the Graph API (i.e UserDetails_Url) and it works fine.
But, i cannot Post to the User's wall using the Feed_Url.
I'm pretty sure the issue is i haven't got the appropriate user permissions to post to a wall (i.e facebook-side setting).
Now, i realise i can use the fbPublish API method client-side to do this, but i want to do it server-side with the Graph API.
I wont bother showing my code which attempts the call to the Graph API to post to the user's wall, as its pretty straightforward (HttpWebRequest, set method to "POST', set content type/length, write bytes to Stream, etc).
I think the problem is i need the user to grant my aplpication "publish_stream" extended permissions.
The Facebook Graph API doco says to do this in your authorization request:
https://graph.facebook.com/oauth/authorize?
client_id=...&
redirect_uri=http://www.example.com/callback&
scope=user_photos,user_videos,publish_stream
Which confuses me because im using the following URL to get the OAuth token:
https://graph.facebook.com/oauth/access_token?bunchofqsparams
Am i using the wrong Token Exchange URL? Why is there two different URL's to seemingly get the same piece of information?
Yes - i have read the Facebook API doco (numerous times), and yes i have read other similar SO questions, but they all result in using the client-side API to publish to wall, i want to do it server side.
For the actual "Facebook Connect" button, i'm using the standard FBML:
<fb:login-button length="long" size="medium" autologoutlink="false" background="light" onlogin="facebookLogin('/login')" class=" fb_login_not_logged_in FB_login_button FB_ElementReady"><a id="RES_ID_fb_login" class="fbconnect_login_button"><img id="RES_ID_fb_login_image" src="http://static.ak.fbcdn.net/rsrc.php/zB6N8/hash/4li2k73z.gif" alt="Connect"></a></fb:login-button>
When i click this (and not logged into Facebook), it pops up a window which the user can login. But it doesnt have the "Request Extended Permissions" dialog - shouldnt it? Or is that another popup i need to manually trigger?
So to sum up, here are my questions:
How do i grant extended permissions to publish to the user's wall?
What is the correct URL for obtaining an OAuth token?
Is there a definitive source for showing how to post to a user's wall using server-side Graph API calls?
As i presumed, i was missing a call to the client-side API to request extended permissions. (ie publish_stream).
I had a simple JavaScript function which was executed as part of the "onlogin" attribute of the FBML Login control.
Previously, i was simply doing a redirect (which would then do a single-sign-on in the server-side code).
Now, im doing this:
function postLogin(targetUrl) {
FB.Facebook.apiClient.users_hasAppPermission('publish_stream', function(result) {
if (result == 0 || result == null) {
FB.Connect.showPermissionDialog('publish_stream', function() { redirectTo(targetUrl); });
} else {
redirectTo(targetUrl);
}
});
}
Translated to english:
// On "Facebook Connect" click (which passes in a redirect URL)
// Check if user has 'publish-stream' permissions
// If they do, just redirect.
// If they dont, show a dialog requesting that permission, then redirect.
Now the server-side Graph API calls all work fine.
So to answer my own original three questions:
How do i grant extended permissions to publish to the user's wall?
Answer: make use of the client-side JavaScript API function 'FB.Connect.showPermissionDialog' to show the popup, and 'FB.Facebook.apliClient.users_hasAppPermission' to check if they have the permission.
What is the correct URL for obtaining an OAuth token?
Answer: I still believe it is "https://graph.facebook.com/oauth/access_token?{0}", but "https://graph.facebook.com/oauth/authorize?{0}" might be able to be used for a server-side authentication/authorization process.
Is there a definitive source for showing how to post to a user's wall using server-side Graph API calls?
Answer: If there was, i wouldnt have to had asked this question - so the answer in short, is no. =)
Advice to anyone starting Facebook Connect work, try to avoid the "Old JavaScript API". Do as much as you can server-side (Graph API), and only use the client-side JavaScript API for the initial handshake (cross domain receiver).