I'm trying to get the Facebook C# SDK to work with offline_access and a console application.
From what I understand, I have to:
Ask for auth for offline_access - that's easy.
Get the "code" that is returned by FB when the user authorizes offline_access
Use ExchangeCodeForAccessToken to get a valid access token each time
I can't figure out how to grab the code in (2) though?
Thanks
Getting the "code" and exchanging the code for a token is something you usually do if you are doing authentication in a server-side workflow. It may be a bit of a red herring in your scenario. There are easier ways to just get the access token directly.
It would help to have more context (including code) showing how you are getting offline_access (javascript, server-side OAuth, ...?)
When you get offline_access via the Javascript SDK, which in my opinion provides the best user experience, you will get the access token back in the response from Facebook:
FB.login(function (response) {
if (response.session) {
if (response.perms) {
var accesstoken = response.session.access_token;
// do something with the token...save it, use it, etc.
} else {
// re-prompt for permissions
}
}
}, { perms: 'offline_access' });
Once you have it in javascript you can stuff it into a hidden form field, put it in an ajax post to your server, or whatever.
Note that in my experience you do not actually need the saved user access token to do offline api calls for all api methods. You can just use an app access token in some cases, and Facebook will let it fly if you have offline_access and the other required permissions. They did post a developer blog post in the last week stating you need a token for some api calls where it was not previously required, so that might be changing.
Also be aware that these tokens can go bad. For example if the user changes their Facebook account password it invalidates all access tokens. So it is good to test them, catch OAuth exceptions, and have a way to bring this to the user's attention to re-prompt for permissions and get a new access token.
After the user grants you the "offline_access" permission, Facebook will redirect the user to your application URL with a "code" query string parameter. You need to grab this "code" query string parameter.
Then, make another WebRequest using this "code" value to get the access token. Use the following URL to make the request:
https://graph.facebook.com/oauth/access_token?client_id={0}&redirect_uri={1}&client_secret={2}&code={3}
The WebResponse can be parsed like this:
NameValueCollection qs = HttpUtility.ParseQueryString(response);
token = qs["access_token"];
You need to persist the token in a database for use in your console application.
Related
when i'm try to follow to any one on instagram by use my client Applcation in my account
i'm use link to get access token and write this scope :
https://instagram.com/oauth/authorize/?client_id=ID_CLIENT&scope=basic+follower_list+public_content+comments+relationships+likes&redirect_uri=https://www.google.com&response_type=token
this is work to get access token
but when i try to follow any one be sent POST Webrequeste method like :
action=follow
this is response badRequeste 400 ;
when i try get access token by this web https://apigee.com
then that is work without problem :(
Use this free Instagram Token Generator to generate an auth token with the necessary scopes. Just check the boxes for whichever scopes you need.
I need help to obtain an authorize code, is there any way to get one without accepting anything or any window that pops up. I need this for my service as an automated process.
I tried like a thousand ways but nothing works.
Please does anyone know a solution?
As per the docs (http://msdn.microsoft.com/en-us/library/dn659750.aspx), you can use a refresh token if your app has offline access in its scope.
If offline access is set, when you retrieve your authentication token normally, you'll also get a refresh token. When the normal token expires, you can request a new one similarly to the first token, replacing the code query parameter with the refresh_token parameter.
To be clear, the process looks like this as per the docs:
Send your user to your web service
Direct them to the OneDrive authorise page with the correct parameters (make sure offline access is in the scope)
Wait for them to be redirected back to your app with the authorisation code
Exchange the authorisation code with OneDrive (using the oauth20_token.srf endpoint) to receive a set of tokens (one of these will be refresh)
Wait for the access_token you received to expire
Exchange the refresh_token you received for a new access token as per the "Getting a new access token or refresh token" section of the docs
I need to post a message from my personal website to the website´s facebook wall page. I dont want the user to authenticate against facebook, instead a default website account should be used(probably the facebook app).
This is what I have :
Created facebook App at https://developers.facebook.com
Add Facebook.dll to my ASP.NET webform site(the personal site)
Included the following code :
FacebookClient client = new FacebookClient();
result = client.Get("oauth/access_token", new
{
client_id = ConfigurationManager.AppSettings["FacebookAppId"],
client_secret = ConfigurationManager.AppSettings["FacebookAppSecret"],
grant_type = "client_credentials"
});
client.AccessToken = result.access_token;
result = client.Post("1418771281723422/feed", new { message = "Test Message from app" });
result = client.Get("1418771281723422");
This returns the following exception on client.Post
A first chance exception of type 'Facebook.FacebookOAuthException'
occurred in Facebook.dll
Additional information: (OAuthException - #200) (#200) The user hasn't
authorized the application to perform this action
What am I doing wrong and why is it so hard to do this simple task?
Of course you need to authorize a User to post on Facebook - else it would be incredibly easy to create a spam App.
What you need is a Page Access Token, take a look at the Facebook docs about the different Tokens and how to get them: https://developers.facebook.com/docs/facebook-login/access-tokens
More information about Access Tokens: http://www.devils-heaven.com/facebook-access-tokens/
The code is in PHP, but the text is valid for every language anyway.
This is how to generate an Extended Page Token with PHP: http://www.devils-heaven.com/extended-page-access-tokens-curl/
An Extended Page Token may be exactly what you need, it is valid forever and you can post "as Page" with it.
Doing this with ASP.NET should be pretty similar, but you don´t really need that Facebook SDK if you take a look at the tutorial for extending a Page Token with CURL. This question may help you: curl Request with ASP.NET
To create an Extended Page Token only for yourself, i suggest creating it without any coding:
Use the Graph API Explorer to create a User Access Token with your App.
Extend the User Access Token: https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&client_id=[app-id]&client_secret=[app-secret]&fb_exchange_token=[short-lived-token]
Put that resulting User Token in the "Access Token" field of the Graph API Explorer
Make a call to /me/accounts to get a list of all your Facebook Pages
Take the Access Token of your Page and use it in a server side call for posting
It´s explained in this article: http://www.devils-heaven.com/facebook-access-tokens/
I've created a web application that uses the OAuth authentication and universal connectors as explained in this tutorial, and started to fiddle around a little to add support for other providers like Yahoo and LinkedIn. So the authentication part works and users are created in the asp.net Membership provider. Also, all the providers return the accesstoken which I supposedly can use to retrieve more information regarding the user.
I'd really like to acquire the profile image, but it seems every provider has a different way of requesting this information. Twitter even describes a way to authorise every request by changing the HTTP header information.
Whilst reading this information on the websites of the various providers I was wondering whether this functionality isn't also already included somewhere in DotNetOpenAuth.AspNet or Microsoft.AspNet.Membership.OpenAuth implementation.
How can I use DotNetOpenAuth.AspNet and/or Microsoft.AspNet.Membership.OpenAuth to request the profile image of the loggedin user using the just acquired accesstoken?
UPDATE in response to Leo's answer
I use the following code to make a call on LinkedIn's API.
string accessToken = extraData["accesstoken"]; // Extra Data received from OAuth containing the accesstoken.
WebRequest request = WebRequest.Create("https://api.linkedin.com/v1/people/~:(id,first-name,last-name,date-of-birth,email-address,picture-url)?oauth2_access_token=" + accessToken);
using (WebResponse response = request.GetResponse())
{
// do something with response here.
}
Error message is "The remote server returned an error: (401) Unauthorized.".
What am I doing wrong?
The answer is simple...you can't use any of these. These are wrappers of OAuth and OAuth only specifies how you can authenticate a user. Now, to request the user's profile photo you will need to use the external provider's own API and you will need most likely a valid access token. So, you will need to use one of these implementations of OAuth to authenticate a user and the recieve an access token, store the access token somewhere (usually a cookie) and then use the access token to make sub-sequent calls to the provider's APIs. Examples and links....
Facebook's Graph API allows you to retrieve users profiles
https://developers.facebook.com/docs/graph-api/quickstart/
notice that all examples in the link above will require you to include the access token in a parameter named access_token, for example
https://graph.facebook.com/me?method=GET&format=json&suppress_http_code=1&access_token={your-access-token}
Google...
https://www.googleapis.com/oauth2/v3/userinfo?access_token={your-access-token}
LinkedIn...
https://api.linkedin.com/v1/people/~:(id,first-name,last-name,date-of-birth,email-address,picture-url)?oauth2_access_token={your-access-token}
You can get more specific information from these providers' websites
Let me know if you have any other doubts I might be able to help you since I have implemented stuff like these before.
Cheers, Leo
I've integrated my website with Facebook Connect, authorization/single-sign on all working great.
Now im trying to post something to the user's wall, which im having some problems with.
First of all, im using the "old" JavaScript API (FeatureLoader.js).
These are the Graph API URL's im using:
private const string UserDetails_Url = #"https://graph.facebook.com/{0}?access_token={1}";
private const string Feed_Url = #"https://graph.facebook.com/{0}/feed?access_token={1}";
private const string TokenExchange_Url = #"https://graph.facebook.com/oauth/access_token?{0}";
I'm using the TokenExchange_Url URL to receive the unique user OAuth token to make calls with.
This is working fine, because a) i receive the token back, and b) i can issue HTTP Get Requests to the Graph API (i.e UserDetails_Url) and it works fine.
But, i cannot Post to the User's wall using the Feed_Url.
I'm pretty sure the issue is i haven't got the appropriate user permissions to post to a wall (i.e facebook-side setting).
Now, i realise i can use the fbPublish API method client-side to do this, but i want to do it server-side with the Graph API.
I wont bother showing my code which attempts the call to the Graph API to post to the user's wall, as its pretty straightforward (HttpWebRequest, set method to "POST', set content type/length, write bytes to Stream, etc).
I think the problem is i need the user to grant my aplpication "publish_stream" extended permissions.
The Facebook Graph API doco says to do this in your authorization request:
https://graph.facebook.com/oauth/authorize?
client_id=...&
redirect_uri=http://www.example.com/callback&
scope=user_photos,user_videos,publish_stream
Which confuses me because im using the following URL to get the OAuth token:
https://graph.facebook.com/oauth/access_token?bunchofqsparams
Am i using the wrong Token Exchange URL? Why is there two different URL's to seemingly get the same piece of information?
Yes - i have read the Facebook API doco (numerous times), and yes i have read other similar SO questions, but they all result in using the client-side API to publish to wall, i want to do it server side.
For the actual "Facebook Connect" button, i'm using the standard FBML:
<fb:login-button length="long" size="medium" autologoutlink="false" background="light" onlogin="facebookLogin('/login')" class=" fb_login_not_logged_in FB_login_button FB_ElementReady"><a id="RES_ID_fb_login" class="fbconnect_login_button"><img id="RES_ID_fb_login_image" src="http://static.ak.fbcdn.net/rsrc.php/zB6N8/hash/4li2k73z.gif" alt="Connect"></a></fb:login-button>
When i click this (and not logged into Facebook), it pops up a window which the user can login. But it doesnt have the "Request Extended Permissions" dialog - shouldnt it? Or is that another popup i need to manually trigger?
So to sum up, here are my questions:
How do i grant extended permissions to publish to the user's wall?
What is the correct URL for obtaining an OAuth token?
Is there a definitive source for showing how to post to a user's wall using server-side Graph API calls?
As i presumed, i was missing a call to the client-side API to request extended permissions. (ie publish_stream).
I had a simple JavaScript function which was executed as part of the "onlogin" attribute of the FBML Login control.
Previously, i was simply doing a redirect (which would then do a single-sign-on in the server-side code).
Now, im doing this:
function postLogin(targetUrl) {
FB.Facebook.apiClient.users_hasAppPermission('publish_stream', function(result) {
if (result == 0 || result == null) {
FB.Connect.showPermissionDialog('publish_stream', function() { redirectTo(targetUrl); });
} else {
redirectTo(targetUrl);
}
});
}
Translated to english:
// On "Facebook Connect" click (which passes in a redirect URL)
// Check if user has 'publish-stream' permissions
// If they do, just redirect.
// If they dont, show a dialog requesting that permission, then redirect.
Now the server-side Graph API calls all work fine.
So to answer my own original three questions:
How do i grant extended permissions to publish to the user's wall?
Answer: make use of the client-side JavaScript API function 'FB.Connect.showPermissionDialog' to show the popup, and 'FB.Facebook.apliClient.users_hasAppPermission' to check if they have the permission.
What is the correct URL for obtaining an OAuth token?
Answer: I still believe it is "https://graph.facebook.com/oauth/access_token?{0}", but "https://graph.facebook.com/oauth/authorize?{0}" might be able to be used for a server-side authentication/authorization process.
Is there a definitive source for showing how to post to a user's wall using server-side Graph API calls?
Answer: If there was, i wouldnt have to had asked this question - so the answer in short, is no. =)
Advice to anyone starting Facebook Connect work, try to avoid the "Old JavaScript API". Do as much as you can server-side (Graph API), and only use the client-side JavaScript API for the initial handshake (cross domain receiver).