I'm just getting started with the Graph API and the Javascript SDK. I have a page that will authenticate users using the fb:login-button, and I have successfully posted on status updates using /me/feed. However, when I try to retrieve a list of Events, or Posts the response is an empty array. I've cut and pasted some of the examples from FB docs, and they result in undefined objects.
Am I missing something on authentication? My users are authorizing user_events and friend_events. I figured if I could post, I should be able to read. Hoping it is something obvious.
Here is code sample that always results in the error case:
function getFriends() {
FB.api('/me/friends', function(response) {
if(response.data) {
$.each(response.data,function(index,friend) {
alert(friend.name + ' has id:' + friend.id);
});
} else {
alert("Error!");
}
});
and my login-button and init code:
<fb:login-button autologoutlink="true" perms="status_update,publish_stream,user_events,friends_events"></fb:login-button>
<script language="javascript" type="text/javascript">
FB.init({
appId: 'myappid',
status: true,
cookie: true,
xfbml: true
});
Thanks in advance.
no you don't have to pass access_token .... maybe it is just a copy paste typo, but you miss a closing bracket in your code
Related
We plan to use keycloak to secure a bunch of web apps, some written in Java, some in JavaScript (with React).
After the user is logged in by keycloak, each of those web apps needs to retrieve the user that is logged in and the realm/client roles that the user has.
For Java apps, we tried the keycloak Java API (request -> KeycloakSecurityContext -> getIdToken -> getPreferredUsername/getOtherClaims). They seem to work fine
For JavaScript apps, we tried the following code, but could not get Keycloak to init successfully (Note this is in web app code after the user is already authenticated by keycloak, the app is only trying to retrieve who logged in with what roles):
var kc = Keycloak({
url: 'https://135.112.123.194:8666/auth',
realm: 'oneRealm',
clientId: 'main'
});
//this does not work as it can't find the keycloak.json file under WEB-INF
//var kc = Keycloak('./keycloak.json');
kc.init().success(function () {
console.log("kc.idToken.preferred_username: " + kc.idToken.preferred_username);
alert(JSON.stringify(kc.tokenParsed));
var authenticatedUser = kc.idTokenParsed.name;
console.log(authenticatedUser);
}).error(function () {
window.location.reload();
});
I assume it would be fairly common that web apps need to retrieve current user info. Anyone knows why the above code didn't work?
Thanks.
<script src="http://localhost:8080/auth/js/keycloak.js" type="text/javascript"></script>
<script type="text/javascript">
const keycloak = Keycloak({
"realm": "yourRealm",
"auth-server-url": "http://localhost:8080/auth",
"ssl-required": "external",
"resource": "yourRealm/keep it default",
"public-client": true,
"confidential-port": 0,
"url": 'http://localhost:8080/auth',
"clientId": 'yourClientId',
"enable-cors": true
});
const loadData = () => {
console.log(keycloak.subject);
if (keycloak.idToken) {
document.location.href = "?user="+keycloak.idTokenParsed.preferred_username;
console.log('IDToken');
console.log(keycloak.idTokenParsed.preferred_username);
console.log(keycloak.idTokenParsed.email);
console.log(keycloak.idTokenParsed.name);
console.log(keycloak.idTokenParsed.given_name);
console.log(keycloak.idTokenParsed.family_name);
} else {
keycloak.loadUserProfile(function() {
console.log('Account Service');
console.log(keycloak.profile.username);
console.log(keycloak.profile.email);
console.log(keycloak.profile.firstName + ' ' + keycloak.profile.lastName);
console.log(keycloak.profile.firstName);
console.log(keycloak.profile.lastName);
}, function() {
console.log('Failed to retrieve user details. Please enable claims or account role');
});
}
};
const loadFailure = () => {
console.log('Failed to load data. Check console log');
};
const reloadData = () => {
keycloak.updateToken(10)
.success(loadData)
.error(() => {
console.log('Failed to load data. User is logged out.');
});
}
keycloak.init({ onLoad: 'login-required' }).success(reloadData);
</script>
simple javascript client authentication no frameworks.
for people who are still looking...
Your code asks the Keycloak client library to initialize, but it doesn't perform a login of the user or a check if the user is already logged in.
Please see the manual for details: http://www.keycloak.org/docs/latest/securing_apps/index.html#_javascript_adapter
What your probably want to do:
Add check-sso to the init to check if the user is logged in and to retrieve the credentials keycloak.init({ onLoad: 'check-sso' ... }). You might even use login-required.
Make sure that you register a separate client for the front-end. While the Java backend client is of type confidential (or bearer only), the JavaScript client is of type public.
You find a very minimal example here: https://github.com/ahus1/keycloak-dropwizard-integration/blob/master/keycloak-dropwizard-bearer/src/main/resources/assets/ajax/app.js
Alternatively you can register a callback for onAuthSuccess to be notified once the user information has been retrieved.
Once you use Keycloak in the front-end, you will soon want to look in bearer tokens when calling REST resources in the backend.
You might have solved the problem by this time. I hope this answer help rest of the people in trouble.
when you use JavaScript Adopter
Below javascript should be added in of html page.
<script src="http://localhost:8080/auth/js/keycloak.js"></script>
<script>
/* If the keycloak.json file is in a different location you can specify it:
Try adding file to application first, if you fail try the another method mentioned below. Both works perfectly.
var keycloak = Keycloak('http://localhost:8080/myapp/keycloak.json'); */
/* Else you can declare constructor manually */
var keycloak = Keycloak({
url: 'http://localhost:8080/auth',
realm: 'Internal_Projects',
clientId: 'payments'
});
keycloak.init({ onLoad: 'login-required' }).then(function(authenticated) {
alert(authenticated ? 'authenticated' : 'not authenticated');
}).catch(function() {
alert('failed to initialize');
});
function logout() {
//
keycloak.logout('http://auth-server/auth/realms/Internal_Projects/protocol/openid-connect/logout?redirect_uri=encodedRedirectUri')
//alert("Logged Out");
}
</script>
https://www.keycloak.org/docs/latest/securing_apps/index.html#_javascript_adapter Reference Link.
Note : Read the comments for 2 methods of adding json credentials.
I am using login using facebook in my website,
Here is the button
<fb:login-button scope="public_profile,email" onlogin="checkLoginState();">
</fb:login-button>
I am using the exact example given here
But after the check login status, i am getting the response with only the userid of facebook and token, but i want to get the username too.. How can i get that ?
Help pls
Here is the script
window.fbAsyncInit = function () {
FB.init({
appId: 'xxxx',
cookie: true, // enable cookies to allow the server to access
// the session
xfbml: true, // parse social plugins on this page
version: 'v2.2' // use version 2.2
});
FB.getLoginStatus(function (response) {
console.log(response);
console.log(response.email);
//here status is connected
//statusChangeCallback(response);
});
};
In the resopnse, i am getting the entire json,
In the response.status i am getting as connected
But while i try response.email i am getting undefined
How can i get the email or username ?
EDITED to show what actually fixed it for me:
So it does appear to depend on what version of the API your config is set to allow. BUT, I was able to get the email address on a v2.5 api by using the following:
If you are using the Hello World code, then replace this section:
FB.api('/me', function (response) {
console.log('Success ');
console.log(response);
});
With this:
FB.api('/me', { fields: 'email' }, function (response) {
console.log('Success ');
console.log(response);
});
The difference is adding the { fields: 'email' } object to the call. This appears to have been a new addition in either v2.4 or v2.5 of the API which is why older code you see on SO appears to work for the poster but not for you. Hope this helps.
I'm not sure this qualifies as a solution, but I was able to reproduce this issue (no email returned after a valid request).
I have two apps, each created under a different FB account. The first one was created more than a year ago and the second one was created today. I have code that runs perfectly against the older app (returns email) and fails against the newer app (no email).
At first I thought maybe FB just holds back on certain data for brand new apps but I thought it was odd that it wouldnt be documented anywhere.
So I decided to compare each app configuration side by side. I found that the older one had API VERSION (at the top of the dashboard) set to 2.0 and the newer was 2.5. The Hello World code on the API SDK page requests version 2.2 like so:
window.fbAsyncInit = function () {
FB.init({
appId: [my app id here],
cookie: true, // enable cookies to allow the server to access
// the session
xfbml: true, // parse social plugins on this page
version: 'v2.2'
})
};
According to the documentation, the fact that the newer app has API set to 2.5 in the config means that any requests for an older API (eg 2.2) will be automatically upgraded to 2.5. When I set the javascript above to request 2.5 (eg version: 'v2.5'), I was able to get the older app to fail too. So I suspect the issue is with the newer v2.5 api.
I have not been able to find out how to set my new app to accept older api calls but will update here if I do.
When a user logs out of my site, unless they also log out of their Facebook account, they remain logged in to my site.
I'd like to comply with point 6 of this policy, so how can I log my users out of my site and out of their Facebook accounts for security https://developers.facebook.com/policy/
I have the following code bound to my login button and it's not working - the user is still logged in to FB after clicking. My console shows that the var accessToken is not defined but I'm not sure why. I'm sure I'm doing something fundamentally wrong, would really appreciate some help!
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script type="text/javascript">
$(document).ready(function(){
$(".logout").click(function () {
FB.init({appId : <?php echo $this->config->item('facebook_appid');?>,
status : true,
cookie : true,
oauth : true,
frictionlessRequests: true});
FB.login(function(response) {
if (response.authResponse) {
console.log(response.authResponse.accessToken);
var accessToken = response.authResponse.accessToken;
}
});
window.location.replace("https://www.facebook.com/logout.php?confirm=1&next=http://www.mysite.com&access_token="+accessToken+"");
});
});
</script>
<div id="fb-root"></div>
To log out of Facebook, you need to use the FB.logout() method.
If you have already called the FB.init() and the FB.login() methods, you don't need to call these again in your click function.
I am new to facebook app development. I am trying to get access token from the facebook. For that, I am trying to check my login status using the following code
<html>
<body>
<fb:login-button></fb:login-button>
<div id="fb-root"></div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script type="text/javascript">
window.fbAsyncInit = function() {
FB.init({appId: 'appId', status: true, cookie: true, xfbml: true});
alert('page 1');
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
alert('Page 2');
// connected
} else if (response.status === 'not_authorized') {
// not_authorized
} else {
// not_logged_in
}
});
}
</script>
</body>
</html>
When i executes the above code, it shows a login button where i can login sucessfully. I can get 'Page 1' alert but I cannot get 'Page 2' alert. I dont know what's wrong with this code.
Thanks.
Check if you have enabled Sanbox mode in your application. If yes, and if you're not currently logged in as a user that has admin or developer role for this application, this will happen. Try if it'll work after disabling Sandbox for a while. Check answer to this question - https://stackoverflow.com/a/8485361/1816426
Of course I'm assuming, that appId: 'appId' part is an example only and you have correct application ID in your code taken from application's settings.
A few tips to get you going:
1) Check if your appID is valid (I'm hoping you didn't literally write appId, and have actually inserted an appID which you registered)
FB.init({appId: 'appId', status: true, cookie: true, xfbml: true});
2) try looking at the actual response by doing:
alert(response);
*The details of the response are stated here: https://developers.facebook.com/docs/reference/javascript/FB.getLoginStatus/
But my guess is that your application isn't registered correctly, or that you haven't inserted a correct appID in your appID field. That is usually the case.
EDIT: It turns out I am not very intelligent. I should have checked first thing if my partner changed the settings of the FB app... which he did. I think he actually mentioned it to me as well. Ah, the importance of communication. Sorry to the people who answered my question.
Here's the code I have. The following will print out the BALH and the BALefefH but not "response". There's no error on the console.
$(document).ready(function(){
console.log("BALH");
var myID;
var access_token;
FB.init({
appId : NUMBER,
status : true,
cookie : true,
xfbml : true,
});
console.log("BALefefH");
FB.getLoginStatus(function(response) {
console.log("response");
if(!response.session) {
FB.login(function(response) {
myId = response.session.uid;
access_token = response.session.access_token;
beginStuff(myId, access_token);
if (!response.session) {
console.log('User cancelled login or did not fully authorize.');
}
});
}
else if(response.session) {
myId = response.session.uid;
access_token = response.session.access_token;
beginStuff(myId, access_token);
}
});
});
Are you loading the sdk asynchronously? If you are loading it asynchronously, you should put all calls to FB within a window.fbAsyncInit function. This is called once the sdk has finished loading and will ensure that FB is defined.
Also make sure if you aren't loading asynchronously that you are loading it before this script runs. So if you are including both the fb js sdk and your snippet above, make sure the fb js sdk is first.