Although I have full authority, error is error authority:
(OAuthException - #200) (#200) Requires either publish_to_groups permission and app being installed in the group, or manage_pages and publish_pages as an admin with sufficient administrative permission
Facebook Developer below is my display image and
screenshot of my code.
App ID 10525 : makineadresi
Type: User
App-Scoped User ID
Learn More
10214 : Makine Adresi
User last installed this app via: API N/A
Issued: 159756 (about a week ago)
Expires: Never
Data Access Expires: Never
Valid: True
Origin: Unknown
Scopes: user_events, email, manage_pages, pages_manage_cta, pages_manage_instant_articles, pages_show_list, publish_pages, business_management, publish_to_groups, groups_access_member_info, public_profile
string FBPub_ClientId = "4714088892553";
string FBPub_ClientSecret = "80749ba484de42952e928677";
dynamic FacebookPost = new ExpandoObject();
FacebookPost.link = "http://makineadresi.com/tr/80-LiK-Alman-Borwerk-1215";
FacebookPost.caption = "header";
FacebookPost.message = "sub information";
try
{
FacebookClient appp = new FacebookClient("EAABcHPvQGZBUBAA1E3gxwHpp2Ap0uBTXwZAa7ZAalHl3gf0xBhOpVHCzwZDZD");
appp.AppId = FBPub_ClientId;
appp.AppSecret = FBPub_ClientSecret;
var postId = appp.Post("/13289/feed", FacebookPost);
return postId[0];
}
Could you please help ?
All my links in my code are correct. The explanations are modified shapes.
Access Token which is incorrect. The following steps of Access Token can be accessed correctly.
https://developers.facebook.com/tools/explorer/ click url.
where( me?fields=id,name) is written (me/accounts) in summer.
Use the access token located under the data.
Related
I have an API and other services configured and secured via AWS. We have applied a RBAC style permission system to allow/deny access to resources using groups in Cognito and federated-identities.
When a user logs into to the system, they get a JWT token listing the cognio:roles they have access to, and can use these to perform different actions by requesting a temporary session token for that resource.
I currently have a Angular website, which is working as expected and once the user has logged in, is able to request the session tokens like this:
buildCognitoCreds(idTokenJwt: string, customRoleArn: string) {
let url = 'cognito-idp.' + CognitoUtil._REGION.toLowerCase() + '.amazonaws.com/' + CognitoUtil._USER_POOL_ID;
let logins: CognitoIdentity.LoginsMap = {};
logins[url] = idTokenJwt;
let params = {
IdentityPoolId: CognitoUtil._IDENTITY_POOL_ID, /* required */
Logins: logins,
CustomRoleArn: customRoleArn
};
let serviceConfigs: awsservice.ServiceConfigurationOptions = {};
let creds = new AWS.CognitoIdentityCredentials(params, serviceConfigs);
console.log('Creds for role: ' + customRoleArn + ':', creds);
this.setCognitoCreds(creds);
return creds;
}
I am now trying to do the same in .net as we have a number of desktop and mobile (Xamarin) app that need to access the AWS resources / api.
I have followed the AWS blog here: https://aws.amazon.com/blogs/developer/cognitoauthentication-extension-library-developer-preview/
and am able to authenticate my users against my cognito user pool.
I am now stuck, as how to get the session tokens for a specific role the user has permissions for - I have tried using the following:
var credentials = _authenticationService.User.GetCognitoAWSCredentials(
"us-east-1:ef964b45-939e-4ef3-91c6-xxxxxxxxxxxx", // Identity pool ID
RegionEndpoint.USEast1 // Region
);
var url = "cognito-idp.us-east-1.amazonaws.com/us-east-1_xxxxxxxxx";
var logins = new Dictionary<string, string>();
logins.Add(url, _authenticationService.AuthenticationResult.IdToken);
GetCredentialsForIdentityRequest request = new GetCredentialsForIdentityRequest();
request.IdentityId = "us-east-1:ef964b45-939e-4ef3-91c6-xxxxxxxxxxxxx";
request.Logins = logins;
request.CustomRoleArn = customRoleArn;
var c = new AmazonCognitoIdentityClient(credentials, RegionEndpoint.USEast1);
var test = c.GetIdentityPoolRolesAsync("us-east-1:ef964b45-939e-4ef3-91c6-xxxxxxxxxxxxxx").Result;
var result = c.GetCredentialsForIdentityAsync(request).Result;
Console.WriteLine(result.Credentials.AccessKeyId);
However every time I do I get a: Amazon.CognitoIdentity.Model.NotAuthorizedException with the message:
The ambiguous role mapping rules for: cognito-idp.us-east-1.amazonaws.com/us-east-1_xxxxxxxxx denied this request.
From tracing through the code, and testing it seems that I somehow need to specify the CustomRoleArn to use when getting the cognito was credentials from the Cognito User, otherwise token based rule in the cognito federated identity will return a deny response. - But I can't work out how to do this in the AWS .net SDK......
I found that Applications can be assigned to users in this answer but can't seem to figure out how to do this using C#. Below is the JSON and the C# I'm trying.
Azure Active Directory: assign user to an application from the gallery via Graph API
Assign principal (user or group) to application:
•resourceId is the objectId of the servicePrincipal that get created in the tenant for the application
•id is the default role id of App.
•principalId is the objectId of the principal (user or group) that is being assigned to the app.
HTTP POST https://graph.windows.net/7fe877e6-a150-4992-bbfe-f517e304dfa0/users/de4b092e-1dd4-4d40-b74d-a2d7096c9495/appRoleAssignments?api-version=1.5
Authorization : Bearer eyJ0eXAiOi--snip--JKVBfk_Q
Content-Type : application/json
Content-Length : 176
{
"id": "fc60bc23-43df-4a60-baaa-f0b8694e0259",
"principalId": "de4b092e-1dd4-4d40-b74d-a2d7096c9495",
"resourceId": "93c60e8e-74f9-4add-9ae2-dd9bc0d6edcd"
}
AppRoleAssignment appAssignment = new AppRoleAssignment();
appAssignment.Id = appRole.Id;
appAssignment.PrincipalId = new Guid(retrievedUser.ObjectId);
appAssignment.ResourceId = new Guid("aa9b2f6b-6528-4552-a202-2039ce86d95c");
appAssignment.UpdateAsync();
A little late to the party BUT! Since the documentation is completly missing I had to do a lot of googling and trail & error.
The solution is to update the user like this:
var appRoleAssignment = new AppRoleAssignment()
{
ResourceId = Guid.Parse(principal.ObjectId),
PrincipalId = Guid.Parse(user.ObjectId),
Id = Guid.Parse(roleId)
};
user.AppRoleAssignments.Add(appRoleAssignment);
await user.UpdateAsync();
I'm developing a new update for my existing Windows 8.1 app (written in C#). On this update, I would like the users to connect to Facebook. I found a lot of tutorials to make this work but I still don't have a solution.
When the WebAuthenticationBroken is called I have the Facebook login page (with Facebook logo and email and password fields) but on the top I have this:
Given URL is not allowed by the Application configuration.: One or more of the given URLs is not allowed by the App's settings. must match the Website URL or Canvas URL, or the domain must be a of one of the App's domains.
When I fill my info and click on Login I got an error like this from the WebAuthenticatonBroken UI: (I'm not using my Windows in English, so I don't know how it is exactly written)
We couldn't connect to the service right now. Check your internet connection or try again later.
My Facebook app is live, the SID is defined on the Windows Store ID field on basic settings.
Here I have my C# code used to call the WebAuthenticationBroker on my Windows 8.1 app:
public Uri _callbackUri = WebAuthenticationBroker.GetCurrentApplicationCallbackUri();
public string FacebookAppId = "15911339xxxxxxxx";
public string FacebookPermissions = "public_profile,email,user_friends";
FacebookClient _fb = new FacebookClient();
var loginUrl = _fb.GetLoginUrl(new
{
client_id = FacebookAppId,
redirect_uri = _callbackUri.AbsoluteUri,
scope = FacebookPermissions,
display = "popup",
response_type = "token"
});
WebAuthenticationResult WebAuthenticationResult = await WebAuthenticationBroker.AuthenticateAsync(
WebAuthenticationOptions.None,
loginUrl);
if (WebAuthenticationResult.ResponseStatus == WebAuthenticationStatus.Success)
{
var callbackUri = new Uri(WebAuthenticationResult.ResponseData.ToString());
var facebookOAuthResult = _fb.ParseOAuthCallbackUrl(callbackUri);
FacebookClient fbclient = new FacebookClient(facebookOAuthResult.AccessToken);
dynamic result = await fbclient.GetTaskAsync("me");
string id = result.id;
string email = result.email;
string FBName = result.name;
ApplicationData.Current.RoamingSettings.Values["UserID"] = id;
var accessToken = facebookOAuthResult.AccessToken;
}
I've already tried with no Valid OAuth redirect uri and with the "https://www.facebook.com" as well, but it's still not working.
I've also tried setting the "Embedded browser OAuth Login" and the "Native or desktop app?" on.
I'm using the most recent Facebook SDK for Windows Store.
I hope someone can help me fix this error.
PS: sorry for my bad English...
Thanks,
Rafael Pedro da Silva
Ok, I got it :) It's working now.
I just had to set the redrect url ( "FacebookClient().GetLoginUrl()" and on the callbackUri of the WebAuthenticationBroker ) and on Facebook settings to "https://www.facebook.com/connect/login_success.html".
using facebook sdk v 6 for .net i want my server to create a post to a user wall using facebook app
My code:
var client = new FacebookClient();
dynamic result = client.Get("oauth/access_token", new {
client_id = appId,
client_secret = appSecret,
grant_type = "client_credentials"
});
client.AccessToken = result.access_token;
var args = new Dictionary<string, object>();
args["message"] = "abc";
args["caption"] = "This is caption!";
args["description"] = "This is description!";
args["name"] = "This is name!";
client.Post("user/feed", args);
app configuration:
extended permissions : publish_stream , read_stream , export_stream, status_update ,share_item
user permissions : user_about_me, publish_actions
visible to all users
sandbox mode : disabled
appdomains : localhost
Website with Facebook Login - site url:localhost:8085
this 'user' im trying to publish on his wall is a TEST user in my app.
now, when i get to client.Post("user/feed", args); it throws this exception:
(OAuthException - #200) (#200) The user hasn't authorized the
application to perform this action
solution ?
you are using app's token to post on user's wall - that's not allowed. Your USER should give permissions to your app - and in return you will get USER token - and you should use it in API calls.
I am trying to implement user registration on my mvc3 site using fb. My question is regard this bit of code
FacebookClient fbClient = new FacebookClient(accessToken);
dynamic me = fbClient.Get("me?fields=id,name");
What other parameters can be specified in the request "me?fields=id,name,??". My application requires Email Address, phone number, address and name (first name, last name). I would be grateful if someone could tell me or better yet point to to somewhere I can find documentation on this.
This is a sample of the parameters you get inside dynamic me = fb.Get("me") without user permission:
"id":"894555532"
"name":"John Doe"
"first_name":"John"
"last_name":"Doe"
"link":"http://www.facebook.com/johndoe"
"username":"john"
"bio":"Sample bio"
"quotes":"\"Sample quote""
"work":[{"employer":{"id":"39233323343","name":"Sample Company"}
"position":{"id":"142461033332450","name":"Backend Developer"}
"projects":[{"id":"214103971985333"
"name":"Coors Light, Sample Project"}]}]
"favorite_teams":[{"id":"171522852874952","name":"Juventus"},{"id":"112325268793829","name":"Barcelona F.C."}]
"favorite_athletes":[{"id":"326971266226","name":"Alessandro Del Piero"}]
"gender":"male"
"timezone":-6
"locale":"en_US"
"verified":true
"updated_time""2012-01-24T09:12:17+0000"}
"email" requires user permission
I'm sure there are other things you can get, though there is no official list for c# sdk yet.
This is a sample of how to get all that info:
var fb = new FacebookWebClient();
dynamic me = fb.Get("me");
imgProfilePic.ImageUrl = string.Format("https://graph.facebook.com/{0}/picture", me.id);
lblName.Text = me.name;
lblFirstName.Text = me.first_name;
lblLastName.Text = me.last_name;
Here's an updated / complete list a scopes for Facebook C# SDK:
ads_management
create_event
create_note
email
export_stream
friends_about_me
friends_activities
friends_birthday
friends_checkins
friends_education_history
friends_events
friends_games_activity
friends_groups
friends_hometown
friends_interests
friends_likes
friends_location
friends_location_posts
friends_notes
friends_online_presence
friends_photo_video_tags
friends_photos
friends_questions
friends_relationship_details
friends_relationships
friends_religion_politics
friends_status
friends_subscriptions
friends_videos
friends_website
friends_work_history
manage_friendlists
manage_notifications
manage_pages
offline_access
photo_upload
publish_actions
publish_checkins
publish_stream
read_friendlists
read_insights
read_mailbox
read_requests
read_stream
rsvp_event
share_item
sms
status_update
user_about_me
user_activities
user_birthday
user_checkins
user_education_history
user_events
user_games_activity
user_groups
user_hometown
user_interests
user_likes
user_location
user_location_posts
user_notes
user_online_presence
user_photo_video_tags
user_photos
user_questions
user_relationship_details
user_relationships
user_religion_politics
user_status
user_subscriptions
user_videos
user_website
user_work_history
video_upload xmpp_login