I've followed this tutorial: https://developers.facebook.com/docs/opengraph/tutorial/ multiple times and always get the same result.
I always get this error: (#15) This method must be called with an app access_token. I tried adding the app access_token and I got another error that was saying something like that I can only query for information and not make posts. (I checked in the privacy settings and the app is allowed to post to timeline.) I did make the objects and found nothing wrong when using the facebook debug tool.
I also read this part:
Why am I getting "This method must be called with an app access_token"
error when publishing an action?
Uncheck the "Require app access token to write" checkbox on the
configuration page (hidden under the Advanced section) for your Open
Graph action type in the Developer App.
I couldn't find this in app config and I have a feeling that this is old. The code I'm using to make the post is exactly the same as the tutorial:
function postCook()
{
FB.api(
'/me/[YOUR_APP_NAMESPACE]:cook?recipe=http://fbwerks.com:8000/zhen/cookie.html',
'post',
function(response) {
if (!response || response.error) {
alert('Error occured');
} else {
alert('Cook was successful! Action ID: ' + response.id);
}
});
}
[I did make the appropriate changes of course :)] Any help would be greatly appreciated.
I think the me here assumes that you are already authenticated. If you are not, you will have to substitute the me with the the fb id of whoever user's timeline you are posting to. That user has to be authenticated in your app. and you have to use the app's access token. So the curl url would look like:
curl -d "access_token=<app_access_token>" -d "badge=<object_url.(this has to be publicly accessible)>" https://graph.facebook.com/<authenticated_user_fb_id>/<app_namespace>:<action>
Related
I have a simple application that I'm hosting on bluemix.
I have set up a Single Sign On service for my application and paired it with facebook. I can successfully log in using the SSO service from bluemix and then I want to check that status of my login (I am logged in or not).
function CheckStatus(){
console.log("I'm trying to check the status");
FB.getLoginStatus(function(response) {
console.log("Here is the status response:");
console.log(response.status);
});
}
I trigger this piece of code with a simple button defined before. Whenever I click the code I get the following error:
Given URL is not permitted by the application configuration.: One or more of the given URLs is not allowed by the App's settings. It
must match the Website URL or Canvas URL, or the domain must be a
subdomain of one of the App's domains.
I had a look at a number of posts on stackoverflow about this and none of them seem to work. My understanding is that there is something wrong with the configuration of my application but I can't figure out what.
Below is my configuration:
And this is the url my application is trying to reach when I try to get my login status:
https://www.facebook.com/connect/ping?client_id=913147408730179&domain=fncsecuritydemo.mybluemix.net&origin=1&redirect_uri=http%3A%2F%2Fstatic.ak.facebook.com%2Fconnect%2Fxd_arbiter%2FrFG58m7xAig.js%3Fversion%3D41%23cb%3Df29b5c6b3%26domain%3Dfncsecuritydemo.mybluemix.net%26origin%3Dhttp%253A%252F%252Ffncsecuritydemo.mybluemix.net%252Ff21657f8dc%26relation%3Dparent&response_type=token%2Csigned_request%2Ccode&sdk=joey
I am out of ideas about what I should be trying next. Any help is very much apreaciated. Let me know if you need more info.
The answer for this error lies in the Valid OAuth redirect URIs that fall under the Advanced tab from settings.
While setting up the application profile on facebook I have set the Valid OAuth redirect URIs to an URL generated by bluemix.
In order to received response on my application I had to add my app url in there as well. Rookie mistake.
I am building a web app integrating with Facebook. I have on Facebook an app id and app secret already.
I'd like to use javascript to retrieve my app's access token to make further app-to-user app requests. I'm following the instructions here
However, I could not make my FB.api call working. I tried
FB.api('https://graph.facebook.com/oauth/access_token','get',
{client_id:'XXXXX', client_secret:'XXXXX',grant_type:'client_credentials'},
function(response) {
alert(JSON.stringify(response));
});
and
FB.api("/oauth/access_token?client_id=XXXXXX" +
"&client_secret=XXXXXXXX&grant_type=client_credentials",
function(response) {
alert(JSON.stringify(response));
});
but only to get {"error":{"type":"http","message":"unknown error"}}
Do I use FB.api incorrectly? At this time, I could not find further documentation showing what I did wrong.
On the other hand, I can manually request it from my browser with the url like:
https://graph.facebook.com/oauth/access_token?client_id=XXXXX&client_secret=XXXXXX&grant_type=client_credentials
So, what is missing in my code? Thanks a lot for your help.
you dont need to expose your app secret.
Instead you can use the app token directly in your calls (App token does not expire until you reset the secret key).
Facebook Documentation Reference link access tokens and types
Have Fun!!!
Regards,
hbk
Is it possible to make a Facebook wall post using the FB.ui but without showing the pop up dialog box to the user ?
No, not with FB.ui. To post directly to the users wall without a dialogue you would have to use FB.api. To do this the user will have to be logged in and have granted your app the publish_stream permission. The code example from the documentation:
var body = 'Reading JS SDK documentation';
FB.api('/me/feed', 'post', { message: body }, function(response) {
if (!response || response.error) {
alert('Error occured');
} else {
alert('Post ID: ' + response.id);
}
});
Be aware though that Facebook dislikes direct wall posting, and unless the content you are posting is a direct result of the user's interaction with the flow of your app, you run the risk of being flagged as spam and having your app suspended. From the platform policy (section IV):
.2. You must not pre-fill any of the fields associated with the following products, unless the user manually generated the content earlier in the workflow: Stream stories (user_message parameter for Facebook.streamPublish and FB.Connect.streamPublish, and message parameter for stream.publish), Photos (caption), Videos (description), Notes (title and content), Links (comment), and Jabber/XMPP.
.3. If a user grants you a publishing permission, you must still obtain consent from the user before taking any action on the user's behalf, such as publishing content or creating an event.
From personal experience, Facebook will insist on your app notifying the user in some way before taking any publish action. This won't stop you putting an app live that contravenes their policies, but if their app monitoring team pick up on it they can and will suspend the app until you make the required changes.
Try the graph api? Here's the relevant section:
You can publish to the Facebook graph by issuing HTTP POST requests to the appropriate connection URLs, using an access token. For example, you can post a new wall post on Arjun's wall by issuing a POST request to https://graph.facebook.com/arjun/feed:
curl -F 'access_token=...' \
-F 'message=Hello, Arjun. I like this new API.' \
https://graph.facebook.com/arjun/feed
Obviously, this isn't the JavaScript API, but it does the trick. I don't think it can be done without the popup directly through the JavaScript API.
I am trying to add a couple to test users to an app I'm developing using google app engine and the javascript sdk. Following this link:, I tried this code:
FB.api ('/app_id/accounts/test-users', 'post', {installed:'true', permissions:'read_stream'}, function (response) {
alert (response.id);
});
(app_id was changed to the App ID as obtained in http://www.facebook.com/developers/apps.php)
But I get a popup "undefined". What is wrong with this code? I could not find any example for the javascript sdk.
As per the same facebook help page, response is supposed to be:
{
"id": "1231....",
"access_token":"1223134..." ,
"login_url":"https://www.facebook.com/platform/test_account.."
}
BTW, if I log in as myself,
FB.api('/me', function(user) {
welcomeMsg (user);
});
works just fine, so it's not a problem with app activation.
I don't think it's possible to perform this type of task using the Javascript SDK, which is intended to make calls on behalf of a user, not an app. For this type of call, it's necessary to authenticate as the app, and for that you need the app OAuth token and secret, which aren't available via Javascript (nor should they be, for security reasons). So the best solution here is to make this call serverside. To do so, you should follow the "App Login" instructions here to get an app access token, and then pass that token in to the /app_id/accounts/test-users API call (as the "access_token" param)
I have just used the javascript sdk to publish to the wall when the user is online.
I am starting to like it. Now I want to post to wall when user is offline. I already have extended permissions from the user.
How can I post to user's wall when user is offline using javascript sdk.
here is my code:
function Publish(body){
FB.api('/me/feed', 'post', { message: body }, function(response) {
if (!response || response.error) {
alert('Error occured');
} else {
alert('Post ID: ' + response.id);
}
});
}
I appreciate any help.
Thanks.
That's only possible when user permits you. In other words, you need offline_access extended permission from user and only after that you can do that.
I'm not 100% sure of this, but I don't believe you can accomplish this with only the JavaScript API.
Just getting the user to accept the permissions isn't enough - that doesn't make all your API calls "automagically" work. As mentioned in item #3 here, you are given an access_token that is to be used in future API calls on behalf of the user.
And so enters the problem with the offline_access permission. If using JavaScript only - where are you going to store the access token that grants offline access so that you may use it when the user is not at their computer?
If even you figured out how to store it and retrieve it for later use, I'm not sure if you can even use the JavaScript SDK to make API calls for a non-session user.
From my understanding, you only need 'publish_stream' permission - please check Do I need “offline_access” permission if I request publish_stream?