Develop Reference

Facebook Graph API v2.0 retrieve friends with something in common

I am building an app that is intended to work as a directory of people who work for the same org, we all have Facebook in common so it seemed easy to make this to get us together. I have a question though, how can I get their info for testing before actually deploying the app? I was reading on Facebook Graph Api v2.0+ - /me/friends returns empty, or only friends who also use my app and noticed that it's not allowed easily or at all. Am I wrong?
Right now I have:
function getFriends() {
FB.api('/me/friends', function(response) {
console.log('Friends response', response);
if(response.data) {
$.each(response.data,function(index,friend) {
alert(friend.name + ' has id:' + friend.id);
});
} else {
console("Error!");
}
});
}
but I get the empty Array, is there anything I could do?

You have to ask for the user_friends permission.
This permission grants the app permission to read a list of this person's friends who also use your app. If any of this person's friends have chosen not to share their list of friends with your app, they will not show up in the list of friends for this person. Both people must have enable the user_friends permission enabled for a friend to show up in either friend list.

How get Facebook token using Oauth2 with chrome.identity

I'm using chrome.identity in a packaged app to get a user token using Facebook. I call chrome.identity.launchWebAuthFlow, and I need to take the access token, send it to the server, and then access token is used to verify the user.
Works great with Google+. But for some reason, it doesn't work for Facebook. For some reason, Facebook's OAuth appears to be special. I've added the extensionid.chromiumapp.org to the list of redirect URLs in the API. Added
"https://extensionid.chromiumapp.org/*",
"https://facebook.com/*",
"https://www.facebook.com/dialog/",
"https://graph.facebook.com/*"
to manifest.json. But nothing changed.
In calling chrome.identity.launchWebAuthFlow I use URL like this
"https://www.facebook.com/dialog/oauth/access_token?" +
"client_id=myclientid&client_secret=myclientsecret&" +
"response_type=token&grant_type=client_credentials"
When I try to invoke it, I get the following error message:
«launchWebAuthFlow completed Object {message: "Authorization page could not be loaded."} »
And when I use URL like
«"https://www.facebook.com/dialog/oauth?client_id=myclientid&redirect_uri=https://myextensionid.chromiumapp.org/facebook.com=token&scope=user"»
I get the next error:
«launchWebAuthFlow completed Object {message: "User interaction required."} undefined »
I try to get facebook token in 4 days. I am tired. What I do wrong?
Why chrome.identity.getAuthToken work great for Google+ and chrome.identity.launchWebAuthFlow dont with Facebook?
I hope someone have done the same things and can help me.

I have solved the problem. Here is an example https://github.com/blackgirl/Facebook_Oauth2_sample_for_extensions

The "User interaction required." message means that the user needs to sign in to Facebook, and/or approve the requested OAuth scopes. The setting the { interactive: true } flag would allow identity.launchWebAuthFlow to display a window where the user would perform these steps. Since you are passing the { interactive: false } flag, identity.lauchWebAuthFlow fails.
https://www.facebook.com/dialog/oauth is most likely the URL you want to use to start your flow. The client_credentials grants are normally for cases where you are accessing resources owned by your app, rather than resources owned by a specific user.
However if you did want to debug that "Authorization page could not be loaded" case, the way to do it would be to open up chrome://net-internals and look for error responses coming back from Facebook.

chrome.identity.launchWebAuthFlow(
{'url': 'https://www.facebook.com/dialog/oauth?client_id=myclientid&redirect_uri=https://myextensionid.chromiumapp.org/facebook.com=token&scope=user, 'interactive': true},
function(redirect_url) {
/* Extract token from redirect_url */
console.log(redirect_url);
});
//'interactive': true
what will this flag do, will show a dialog box asking username and password
upon successful login it will ask for grant access just press that and
you will receive redirect url in above function body.

How to get twitter oAuth token of a logged in user

I'm trying to set up a javascript function to post a status to a twitter account using POST statuses/update, details here: https://dev.twitter.com/docs/api/1/post/statuses/update. The goal is a Twitter post similar to the open graph actions on Facebook.
I'm using jQuery ajax to make the post request, here's what I have so far:
$.ajax
({
type: "POST",
url: "https://api.twitter.com/1/statuses/update.json",
headers: jsonData,
data: {},
dataType: "jsonp",
success: function( data )
{
}
});
I believe that I need to generate a header something like this for security:
Authorization: OAuth oauth_consumer_key=consumerKey, oauth_nonce=nonce,
oauth_signature=signature, oauth_signature_method="HMAC-SHA1",
oauth_timestamp=timestamp, oauth_token=userToken, oauth_version="1.0"
I have the consumer key for my app, I can generate a nonce, I'm generating the signature and timestamp using the methods from this question Twitter OAuth authentication in javascript. The only thing I have left is th oauth_token, which I believe is the token of the user whose feed I wish to post to. Please correct me if I'm wrong about that.
The problem is, I have absolutely no idea how to get this token from the user in order to post to their feed. I've spent the last 2 hours running around in circles through Twitter's oAuth documention without finding anything that looked useful; everything I've found was either flowcharts with no code examples or predicated on my code already having the user's oAuth token.
My question is this: how can I get the logged in user's oAuth token using javascript?
If that is not possible, I have another page where I am currently storing the user's twitter id in the database with their permission, getting their token and databasing it in PHP would also be satisfactory, assuming it doesn't change very frequently.

In order to obtain the oauth_token you need to follow the authentication process. Your application needs to be authorized to act on the behalf of the user.
I would recomend to take some time first and learn how OAuth exactly works (there is a lot of information available) and then implement it in your app. (http://hueniverse.com/oauth/)
You could also benefit from a library which will make your life easier. (in your case, look at: https://dev.twitter.com/docs/twitter-libraries#php).
Hope this has been useful.

Here is example for get twitter oauth token and post tweet in twitter .
Code sample is in php .
http://www.phpgang.com/how-to-post-tweet-on-twitter-with-php_414.html
1) to obtain the oauth token you need to follow the authentication process.
2) and your application needs to be authorized to act on the behalf of the user.
you can also see this twitter example for better understanding how it works
In this use can see the process of authorized user and post and get json result.
https://dev.twitter.com/rest/tools/console
I hope this will help you.
thanks

Facebook Open Graph Object Post to Timeline

I've followed this tutorial: https://developers.facebook.com/docs/opengraph/tutorial/ multiple times and always get the same result.
I always get this error: (#15) This method must be called with an app access_token. I tried adding the app access_token and I got another error that was saying something like that I can only query for information and not make posts. (I checked in the privacy settings and the app is allowed to post to timeline.) I did make the objects and found nothing wrong when using the facebook debug tool.
I also read this part:
Why am I getting "This method must be called with an app access_token"
error when publishing an action?
Uncheck the "Require app access token to write" checkbox on the
configuration page (hidden under the Advanced section) for your Open
Graph action type in the Developer App.
I couldn't find this in app config and I have a feeling that this is old. The code I'm using to make the post is exactly the same as the tutorial:
function postCook()
{
FB.api(
'/me/[YOUR_APP_NAMESPACE]:cook?recipe=http://fbwerks.com:8000/zhen/cookie.html',
'post',
function(response) {
if (!response || response.error) {
alert('Error occured');
} else {
alert('Cook was successful! Action ID: ' + response.id);
}
});
}
[I did make the appropriate changes of course :)] Any help would be greatly appreciated.

I think the me here assumes that you are already authenticated. If you are not, you will have to substitute the me with the the fb id of whoever user's timeline you are posting to. That user has to be authenticated in your app. and you have to use the app's access token. So the curl url would look like:
curl -d "access_token=<app_access_token>" -d "badge=<object_url.(this has to be publicly accessible)>" https://graph.facebook.com/<authenticated_user_fb_id>/<app_namespace>:<action>

Facebook Javascript SDK

Is it possible to make a Facebook wall post using the FB.ui but without showing the pop up dialog box to the user ?

No, not with FB.ui. To post directly to the users wall without a dialogue you would have to use FB.api. To do this the user will have to be logged in and have granted your app the publish_stream permission. The code example from the documentation:
var body = 'Reading JS SDK documentation';
FB.api('/me/feed', 'post', { message: body }, function(response) {
if (!response || response.error) {
alert('Error occured');
} else {
alert('Post ID: ' + response.id);
}
});
Be aware though that Facebook dislikes direct wall posting, and unless the content you are posting is a direct result of the user's interaction with the flow of your app, you run the risk of being flagged as spam and having your app suspended. From the platform policy (section IV):
.2. You must not pre-fill any of the fields associated with the following products, unless the user manually generated the content earlier in the workflow: Stream stories (user_message parameter for Facebook.streamPublish and FB.Connect.streamPublish, and message parameter for stream.publish), Photos (caption), Videos (description), Notes (title and content), Links (comment), and Jabber/XMPP.
.3. If a user grants you a publishing permission, you must still obtain consent from the user before taking any action on the user's behalf, such as publishing content or creating an event.
From personal experience, Facebook will insist on your app notifying the user in some way before taking any publish action. This won't stop you putting an app live that contravenes their policies, but if their app monitoring team pick up on it they can and will suspend the app until you make the required changes.

Try the graph api? Here's the relevant section:
You can publish to the Facebook graph by issuing HTTP POST requests to the appropriate connection URLs, using an access token. For example, you can post a new wall post on Arjun's wall by issuing a POST request to https://graph.facebook.com/arjun/feed:
curl -F 'access_token=...' \
-F 'message=Hello, Arjun. I like this new API.' \
https://graph.facebook.com/arjun/feed
Obviously, this isn't the JavaScript API, but it does the trick. I don't think it can be done without the popup directly through the JavaScript API.