Facebook authentication - javascript

I have an application which displays canvas page, even though the user clicks "Dont allow" button in a request dialog. Here is my issue:
Load the page http://174.123.24.242/fb_leagle/fbhome.aspx
Login my application through facebook login page of my application.
Click on "Dont Allow" button in a request permission dialog.
In issue #3, if he clicks "Dont Allow" button it will also display the canvas page, and when I click the "BACK BUTTON" of the browser the next dialog appears. Actually I need to skip the canvas page from displaying when user clicks "Don't Allow" button and redirects to the next dialog.
This is my login URL of my application: pls review it and guide me where i need to change it.
Blockquote
**https://www.facebook.com/login.php?api_key=************&skip_api_login=1&display=page&cancel_url=https%3A%2F%2Fapps.facebook.com%2Fleaglecases%2F%3Ferror_reason%3Duser_denied%26error%3Daccess_denied%26error_description%3DThe%2Buser%2Bdenied%2Byour%2Brequest.&next=http%3A%2F%2Fwww.facebook.com%2Fdialog%2Fpermissions.request%3F_path%3Dpermissions.request%26app_id%3D***************%26redirect_uri%3Dhttp%253A%252F%252Fapps.facebook.com%252Fleaglecases%252F%26display%3Dpage%26response_type%3Dcode%26canvas%3D1%26perms%3Dpublish_stream%252Cemail%26from_login%3D1&rcount=1**
pretty format of this url:
https://www.facebook.com/login.php?api_key=************
skip_api_login=1
display=page
cancel_url=https%3A%2F%2Fapps.facebook.com%2Fleaglecases%2F%3Ferror_reason%3Duser_denied%26error%3Daccess_denied%26error_description%3DThe%2Buser%2Bdenied%2Byour%2Brequest.
next=http%3A%2F%2Fwww.facebook.com%2Fdialog%2Fpermissions.request%3F_path%3Dpermissions.request%26app_id%3D***************%26redirect_uri%3Dhttp%253A%252F%252Fapps.facebook.com%252Fleaglecases%252F%26display%3Dpage%26response_type%3Dcode%26canvas%3D1%26perms%3Dpublish_stream%252Cemail%26from_login%3D1
rcount=1

According to the OAuth Dialog Documentation, the user will be redirected to the original app-page.
If the user clicks "Don't Allow", the browser will redirect to
http://www.example.com/response?error=access_denied&
error_description=The+user+denied+your+request.
I suggest you use the $_GET['error'] variable to recognize users that denied the request!
The different errors can be found here

Related

How to make a link so that clicking it fires a GET but do not open up a window

In my current implementetion of two-factor auth, I'm sending a SMS to the user with a link. When the link is clicked, the login proceedes on the users machine.
However, on the phone the browser will open up a empty page (since I'm currently returning 204 from the webserver for the link clicked in the SMS.
What I would like to happen is that when the user clicks the link in the SMS, the broser is not opened at all. It should just send the GET request, and the user will not have to close the browser window on his phone.
If that is not possible, is it possible to make the window that get's opened to autoclose imediately?
The browser has to open to make the request. There's nothing you can do about this.
However, if you control the content from the web server, you can attempt a window.close() on-load. Realistically, you'll probably get blocked on this and should also have a fallback content that says something like, "logged in, please close this window". (You can probably call window.close() on a button click.)

How can I skip the 'Sign in with Google' button?

I'd like users of my website to be able to sign in with their Google accounts and following the basic instructions here I've been able to do so.
However, this relies on having a 'Sign in with Google' button somewhere for the user to click. How can I bypass this button so that the Google login window automatically pops open?
I have tried finding the div of the button and using .click() but this gets blocked by any browser's popup blocker.

LinkedIn Follow Button Requires External Login on Website

What is the precise behavior that should be expected of the Follow Company button (https://developer.linkedin.com/plugins/follow-company) provided by LinkedIn?
If a user is already logged into LinkedIn, nothing appears to happen when the user clicks the FOLLOW button. Clicking the button WILL
cause them to follow that company, but the user must manually navigate to the company's LinkedIn page to confirm this.
If the user is NOT logged in to LinkedIn, clicking the FOLLOW button prompts a login in a popup window, but submitting credentials does NOT change the users FOLLOW status with the company, nor does it take the user to the company's LinkedIn page. Other than logging the user in, there is no effect.
Is this behavior what's to be expected of the LinkedIn FOLLOW button? Has anyone managed to have the button require login and then have it follow the company in one process?

How facebook/twitter share buttons avoid being blocked by popup blockers?

When a user which is not logged in to Facebook or Twitter, clicks the like/tweet button, a popup comes up asking the user to log in. This popup is not blocked by popup blockers of any kind. in IE for example, it opens up but anyway IE state a warning to the user. The bottom line is that all buttons probably use the same method.
I have a button that people click on it and it should open a similar screen, but it always gets blocked.
The button (in JS) works pretty much like FB like button. It checks if the user is logged in. If he does, then send the "like" to the servers. If he does not, then the login popup appears (and gets blocked).
So, it is a initiated by a user although not fully direct outcome, since we need to check if he logged in or not.
What is best method to do that?
The Popup Is activated by a click using the like, tweet button and they actually show only 1 popup. If you want, you can try by using only a single popup based on click for your website and you will definitely be able to understand this.

Getting Facebook Authentication Dialog to redirect to the original browser window running my application

I'm really new to the Facebook API and am having trouble getting the Facebook authentication dialog to redirect to the original browser window of my application. Here's the current process via client-side flow:
User is logged into my application (Ruby on Rails Application with Javascript/Jquery scripting).
User clicks on button in my application to log into his/her Facebook account.
The Facebook Authentication Dialog pops up in a 2nd window, asking user to log in.
User logs into Facebook
The Facebook Authentication Dialog asks the user if he/she wants to grant my application permission.
User clicks ok to share profile information.
The Facebook Authentication Dialog redirects the 2nd window to also open an instance of my application with the access token in the URL.
My questions are the following:
How can I get Facebook Authentication Dialog window to close after the user successfully logs into his/her Facebook account?
How can I gain access to the Facebook Access token after closing the second window?
The best way to illustrate what I'm ultimately trying to do is when somebody is signing into ESPN's site (1st window). Notice, that a modal window (2nd window) opens where you can click "sign in" (upper right corner) on ESPN's site. In this modal window, you can sign in with your Facebook account. Clicking on the "Sign in with Facebook Account" link will open a 3rd window which will take you through the Facebook Authentication process. When finished with signing into Facebook, the 3rd window will close and the modal window is updated based on the status of the 3rd window that closed.
How can I get the Facebook Authentication Dialog window to close and redirect to a preceding window?
Thanks!
Here is what I did in a similar situation. For the facebook dialog, have it redirect to a page on your site then simply grabs the access token and whatever other data you need. (In my case I just sessionized some of the user info). In the output of that page, include some javascript in your document.ready that will close this second window, and redirect to whatever page you want in the first window. It looks somthing like this.
window.opener.location.href = '/redirect_url_for_first_window'; //set url of the main window
window.close(); //close the popup
You can use window.opener in a popup window to refer to the window it came from. You can even have your popup window access variables and call functions of the main window as well.
Hope this helps!

Categories

Resources