I am working on my first wordpress plugin and posting to facebook. I have been looking for the last few days for ways to authenticate with facebook. I have found numerous sites that use the method of having the user create an App and then input the AppID and App Secret. However, I have used plugins before that use Oauth (I think) as it opens a pop up and the user basically logs into facebook and then says this app (your wordpress site) wants to control things.
Does anyone know of any resources for authenticating with Facebook without the user having to go through the trouble of creating apps?
Examples I have found but they require APPid and App Secrets.
http://www.sanwebe.com/2012/02/post-to-facebook-page-wall-using-php-graph http://www.pontikis.net/blog/auto_post_on_facebook_with_php
My anticipation is that they set up a website and create a single app for that. Then the plugin calls that website, gets the access token, and sends it back?
The wordpress documentation is quite confusing to me.
Creating an app takes about 5min, so I don't really see an obstacle here.
IMHO there's no other way than either
Using an app with FB Login to obtain the permission to post on a user's/page's behalf, or,
Getting an access token via the Graph Explorer and use this for your plugin
Please be aware that user access tokens expire after max. 60 days.
Related
I have a wordpress website and an android WebView app to access that website. On the app somehow, I have integrated firebase Authentication for Facebook and Google . And, as for the wordpress website it has its own Authentication system so, what I want to achieve is when a user registers through the app using firebase Auth system the user should also be registered on the wordpress Authentication database so that they can access or login into the wordpress website and access it. Is there a way to achieve this? Or if not, what would be the best way to let user register to the website using the app. I think I am missing something here because of my very little knowledge. But, I would be happy if someone could point me a way on how to achieve something as this. Thank you in advance.
By the time the user register through firbase Auth system and get the response, your app should send the registerred user info to the register api offerred by wordpress to register this user in wordpress system. You also need to look into the implementation of wordpress function wp_set_auth_cookie to mock the login cookie for clients, the cookie value may be part of your wordpress register api's response. After getting the cookie value, android need to manipulate the cookie and save the cookie to webview in order to auto login to wordpress admin backend system.
There is a plugin that helps Firebase users to log in to the WordPress site. Here is the official documentation: https://firebase-wordpress-docs.readthedocs.io/en/latest/auth/wordpress-user-integration.html
Basically what it does is when you log in through FirebaseUI Web, it will create a user in WordPress and log you into WordPress dashboard.
I'm working on a custom wordpress plugin for my site. I have multiple accounts so I'll need multiple feeds. I'm using the Fascebook SDK v3 (My server has an older version of PHP that the newest SDK doesn't work on). I've downloaded and included the correct files, no errors.
I then logged into one of my accounts and created a new app to get the App ID and Secret Key. However, my plugin doesn't work because it says it's not "live".
I need to do a submit and review that requires icons, screenshots, etc. However, I don't want my app available to everyone just my page.
You don't need to create a Facebook app for this. Apps are for situations where you need to access or modify information on other users' accounts. In situations like this one, where you only need to work with information which you personally have access to, the Facebook Graph API should be sufficient.
You will need to create a page access token for the page in question, then access endpoints related to the page to get information on the page, or read its posts.
For my web application - I need to fetch all the data for a particular facebook page. What kind of permissions do I need. Do I really need to create a canvas app for it?
I dont intend to do anything on FB - but use some of the data available to arrive at some conclusions in my web based application which will be hosted on a server outside of FB.
Facebook's API documents should provide everything you need:
https://developers.facebook.com/docs/graph-api/reference/v2.1/page
According to the permissions section, you'll need either an App token or a User token. Since you're talking server-to-server (I'm assuming this is server-to-server on account of the PHP tag), you're going to want to use an App token:
https://developers.facebook.com/docs/facebook-login/access-tokens#apptokens
You should be able to create a Facebook App from within your Facebook account, which will provide you with an App ID and App Secret. You can use those to make calls directly to the API.
Thanks in advance for reading.
I've been working with facebook login (both php and javascript sdk methods) for a couple of years and I'm facing a particular problem with new apps I'm developing.
I have an app in my localhost configured as virtual directory as follows:
http://localhost/myapp/
On facebook, the following settings of my app are pointing to that url: App Domains, Facebook Login Website, App on Facebook (https and http) and Mobile Web.
When I do the login process and point the redirect_uri to http://localhost/myapp/, it works fine, the cookie is set and I can make queries to the graph api.
The problem comes when I try to use another redirect uri like http://localhost/myapp/user_controller/register (Adds the user to the database). Although it is inside the app url configured on facebook, the SDK outputs an error message (OAuthException | An active access token must be used to query information about the current user. | Code 2500).
I figured out that, to solve this problem for a while, I have to go to the facebook app page: apps.facebook.com/myapp. I have to do it everytime my access_token has expired and, since this app is not intended to be inside facebook, I don't think that this is the best way to solve this.
I hope together we can find a good way to solve this issue and this questions helps future developers.
I'm using CodeIgniter (which I've been using about a year) and Facebook PHP SDK (downloaded directly from the github official repo) as CI library.
Thanks again.
At no point would you get that error during authentication.
I'm pretty sure that you instead have an error in your code that fails to exchange the code for the access_token on the .../register endpoint, and so you end up using an invalid access_token.
I'm trying to implement a transient oAuth authentication for a web app I'm creating. Essentially, the user needs to login with the Service each time they visit my web app. Primarily it's to enable using the web app without me having to store any of the user's authentication data. I'm trying to use the Tumblr API.
My platform of choice is PHP. However I've never really worked with oAuth before and and am still learning. The following scenario illustrates what I'm trying to achieve:
The scenario assumes that:
The user has already authorized my application in their Tumblr account.
Using my Tumblr Consumer Key, Tumblr Consumer Secret, I call to get request_token, which I later display to the user via a link.
Now on clicking the link above, I expect Tumblr to NOT to ask user to allow the app again (authorize in their account) and simply redirect user back and returning some info that will allow me to distinguish the user. There is no $_SESSION as user is trying login to the website using Tumblr
Is this even possible? If yes, can you help me figure out how to get this done?
Ps. I'm a complete oAuth Noob so please be gentle :)
If you are trying to use Tumblr in a way similar to Facebook Connect, Tumblr does not offer this feature at the moment. ie: you can not use Tumblr to log into your site.
Tumblr's OAuth implementation will allow you to have the user allow access for your app to the users account indefinitely. Which means that your app will always be able to access the users account, whether they are logged into your site or not. They will still have to log into your site each time they want to access your app.
Here is a solid guide to OAuth. Tumblr uses OAuth 1.0 :
http://hueniverse.com/oauth/