I am building MVC C# webapi backend for my mobile app, which uses one's Facebook/twitter/Google account to signup. Now, I want to get friends list corresponding to individual's account who are using same app.
Well this is where my problem starts, would I have to pull request every time or will I have to manage a table for this purpose or is there some other best practice.
Any help/guidance would be appriciated
Once you create a App via the facebook app you can use FQL to get the names based on your applications id
Something like
SELECT uid, name FROM user WHERE is_app_user AND uid IN (SELECT uid2 FROM friend WHERE uid1 = me())";
You you basically use the facebook API to make a request to facebook which will return a JSONArray, you can parse out that a array to get a list of users.
Here is a very similar question
Facebook API friends who use same app android
I'm familiar with the Facebook API. Take a look at http://developers.facebook.com. First, you need to request permission from the user to access a list of his friends. Once you have that, you can query the open graph to get a friends list. Take a look at the documentation on permissions to learn how to request permissions and which permissions you need to request.
You could create a cache and store it locally. However, this data will change. If you do cache it in your own system, make sure to invalidate it regularly and refresh it. I pull the data each time I need it, and cache it just for immediate use.
Related
I need an advise. I'm building a Web API for my app and I need to auth users who use it. The user will have access to his data, but may have access to others users data as well. In my database I manage the users and what other users they have access to (you might think of it like in Facebook where a user has access to his profile and his friends profiles, but not to other people profiles).
In my app, the user enters a username and password, and those are saved encrypted on the devise. They are later sent (via SSL) to the API on each call - what I've done is implement a Basic Authentication. If there is a better "best practice" to work please feel free to suggest - I'm new to this.
So far it works - but the problem is that working like this
the user once authenticated also has access to other profiles - what I would like to do is have him only get the profile (http://myaddress.com/Users/{id}) that belongs to him and the items that he owns (http://myaddress.com/Users/{id}/items) - and not for profiles and items by other users.
If the user is trying to access a profile or items of another user that he is connected to - allow that access.
What I thought about is passing the requested URI to my login method, and then check what user / resource the user is trying to access and than check the database - but that seems like a lot of work and a lot of IF statements.
So before I start writing, I thought I'd ask to see if there's a better way to do this. I have the HttpActionContext, I just don't know how to use it to my advantage.
Hope I was clear about my question. If not, feel free to ask for clarifications.
So you identify the user from his/her credentials that are sent on every API request. Could be switched some token based flow, that user authenticates just once and gets token(acts like user credentials) which is then sent to back-end API on every resource request. Then you can control the token, revoke access etc. What you could is make some kind of permission service, that all resources/objects have permissions attached to it and then just assign needed persmission to users read/write to this object maybe. Might be a massive task to implement. My opinions.
I am trying to implement simple checkin functionality in a Facebook centric, location based WP7 application I am currently developing. I have managed to search and return a list of possible checkins within a given radius and checkin to one. I am now trying to add a 'custom' checkin in case none of the available options are of interest to the user. Could you please advise as to how that can be done? I am assuming it will be something along the lines of 'create location and return newly created ID' but I do not know how one can create a location.
Thank you in advance.
In order to create a Place on Facebook it must either be a Facebook Page or an Open Graph Object. You obviously can not create Facebook Pages via the Graph API, but you can however create Open Graph Objects.
Basically what you'd do here is allow your user to check in to a place, if this place is new then you create it in your own database on your servers, and you'd have an end-point that loaded the correct Open Graph data for that Place on your web servers. You'd then publish the check-in to Facebook for the user, and point it at the web end-point you created. This will cause Facebook to look up your graph data, create a graph object, and save the user's check-in. If the place they check in to already exists, then instead of passing a new web end-point, you'd pass either the existing end-point or the unique place id that Facebook assigned that place.
You can read more about each of the technologies you need to use on the Facebook developer documentation. Open Graph Protocol Check-ins, and Graph API Object Selection (http://developers.facebook.com/docs/reference/api/#reading)
I'm just getting into the Graph API and am having having a hard time trying to figure out if/how I can go about showing MY profile albums on My website with out having to have the user log into facebook. I'm getting thrown off with the access token...I realize I can retreive an access token to retreive my photos if I have someone log on to the site, but I want it to be transparent, using my credentials through code (securely) some how if necessary.
How can I accomplish this? I'm looking for a general conceptual explaination, but pseudo code never hurts. Can any one clear it up for me a little?
Using:
Facebook Javascript Sdk
Mirosoft MVC
Facebook C# Sdk
There's no way, that I'm aware of, to do that.
Facebook apps treat all users the same, you can't have special privileges for your user.
If your user is public then you should be able to get all of the public using an application access token which does not expire.
If that's not the case then you have two options as I see it.
Use the server side authentication with your user, or extend a valid token (a method to replace the deprecation of the "offline_access" permission), that will get you a long lived token, about 60 days, and in that time frame you can then get your data from facebook.
Then when that expires re-authenticate in the same way and get another 60 working days, etc.
Another approach is to authenticate as yourself and then have your app save the data, then present it from your own db.
Be sure to update the data every once in a while.
I've been googling for a couple of days, and I could not find any clue how to achieve that:
I have a desktop application(C#) in which I'd like to be able to login to my facebook profile, and pull some data from it(e.g. profile information, wall posts, likes on my posts, etc.)
Note that I DO NOT want to develop a facebook application, I simply would like to access my own user data.
As far as I see, the Graph API was designed to develop FB apps, and Graph API calls always need an access token, but I do not have token, since I do not use any Facebook application.
By now, the only way I see for that is to add a web browser component to my application, and login to the facebook through it, but it's quite inconvenient to process the pure HTML, and, since the HTML itself can change at any time, the maintenance of the application would be a horror.
So I'd like to find some way to pull data from facebook in JSON format, like the Graph API, but without having a Facebook application.
Thanks in advance for the answers.
It's not possible to access the data without a facebook application.
As you wrote, you need an access token for most graph requests, and in order to have an access token you need an application.
More than that, from what you wrote you'll need extra permissions which are not granted by default (for the user photos, wall posts, likes and so on).
Facebook can't just give you the info you see, the user has to grant a specific application the right to access their data, and because of that you must have a facebook app.
I don't see what the problem is though, just create a facebook app, it's not that complicated.
Say I have 3 google accounts and 3 facebook accounts and want to an webapp for viewing the inbox / events for all 3 accounts together. Would that be possible?
I can think of the following options:
Using the javascript api's only. (Don't know if it would be possible to have multiple users authenticated at same browse session or switch between the users without reentering passwords?)
Merge the inboxes / events on server using some c# api for gmail and facebook. Would those api require a browser session, or would it be possible to store some sort of a authentication token?
Thanks a lot for any suggestion!
Larsi
It is definietly possible to do that with Facebook by using its OAuth authenitcation and corresponding service calls to retrive data. I don't know if gmail supports something like this.
Facebook API/Auth reference: http://developers.facebook.com/docs/authentication/. Note that you'll either have to call services yourself or have one application Id per account you want to pull data for as library provided by Facebook stores user information in cookies named with application Id as prefix.
You need two separate browser sessions, possibly storing cookies in different places (if you want to remember who's logged in) to be logged in to these websites as two users at the same time. Some of them will even free up sessions by examining the IP address; if the same IP has two or more open sessions, all but the youngest are discarded.
The idea is, a computer is used by one person, and that person is supposed to be one user and interact with the web app in one session. That allows for the best overall use of resources. There are very simple ways to enforce this server-side, that are hard to "game" client-side.