I have a website on which clients will be uploading videos. The thing is - I want those videos to be uploaded to OUR channel, not users' channels. I don't see how I could make it work using YouTube API v3.
Every time a person wants to upload something using the access token I provided he has to input his own credentials. He can't simply upload anything directly to OUR channel.
Is there a way to work that around?
Short answer is: You should not ask your users to upload into your account.
But please read further:
https://stackoverflow.com/a/12626209/1973552
https://stackoverflow.com/a/15258781/1973552
Api V2 have option you've mentioned. Did you try it?
Basically you want to let Users upload Videos in your website, but upload them directly to youtube, without Google AUTH?
Yes you can. Make sure you set the setAccessType to offline.
$client->setAccessType("offline");
This will make it so you get a refresh Token with the users account authentication the first time. A refresh token allows you to reauthenticate without the user being present. (aka, offline). Create your script from the sample API v3 scripts, authorize your main account (the one you want to be predetermined) and display the response. Something like the following will show you your response:
print_r($client->getAccessToken());
You will see your refresh Token in the json response. Save that (either to a database, or hard code it into the script). Now that you have a refresh token, whenever you want to upload to youtube, just call
$client->refreshToken($THE_REFRESH_TOKEN_YOU_SAVED);
$thetoken = $client->getAccessToken();
$client->setAccessToken($thetoken);
After this, your previously authenticated account will now be currently logged into your script.
FYI, these are php examples, you might need to adjust accordingly.
Related
How can I show website activity on the Facebook timeline?
I integrated Facebook API and Facebook Connect. Now, if any new user uploads a video on the website then I want to display this activity on the Facebook log. What function of Facebook API can I use for this?
You should use Open Graph Actions and Objects. I recommend you create:
A video object
An "uploaded" action as well as utilising the built-in "watch" action
There is a full and more than helpful tutorial right here. Things to consider:
You need to request publish_actions permission from users of your website, if you are already using Facebook Login, then this is a simple matter of adding it to the list of Permissions that you are requesting
Publish an uploaded action for every new video uploaded, make sure you get explicit consent from the user to do so, so that you can use the fb:explicitly_shared parameter.
Use the watch action for any videos that people watch on your website.
I have a contest App. And many users have installed the app. I have stored the offline_access tokens of these users. I want to send a message to all users of app at the end of contest. What is the best way to do it. Because when I do it in a while loop the page never loads and browser just shows loading animation gif on tab.
You don't even need the user access tokens to accomplish something similar to what you're trying to do.
First off, mass-wall posting is both a violation of the Facebook Platform Policies (specifically IV.2, IV.3), but it's also really spammy and users will react negatively, probably blocking your app and ultimately it may get banned from Facebook. So don't do that.
Instead, you should utilise the intended social channel for notifying users of new content, App to user Requests.
This is pretty simple to do, as per the Graph API docs for apprequests you just make the following API call:
https://graph.facebook.com/USERID/apprequests?app_access_token=APPTOKEN
Where USERID is each user's Facebook ID and APPTOKEN is always your applications unique access token (see the documentation here if you do not know how to obtain one of those). You will also need to include parameters such as message, which you can read more about in the docs.
I'm using the Graph Api on PHP to fetch the albums for an user.
As I display them, I would like to also show the cover photo for each album. I do get the [cover_photo] attribute on each album, but I would like to show that picture without having to make a new request for each photo to get the source URL for all of them.
Is there any way to do this?
I tried (without success) to fetch the photos doing the following:
<img src="//graph.facebook.com/<?=$album['id'] ?>/picture">
I read a post about it where the solution is:
https://graph.facebook.com/<id>/picture?type=album&access_token=<token>
But I can't just put the access_token inside an img src publicly... can I?
It is very conscientious of you to do this. But you need not worry, as any graph api call that uses an access token automagically requires the request to be https.
Another approach: you can log out of your facebook session at the end of the script which will invalidate the access token.
On a related note, facebook does not mention this as being a security risk. They had a problem with leaked access tokens caused by including them in the HTTP request, and also not using HTTPS. Both of these holes are fixed, and non-expriing tokens have also been removed.
https://developers.facebook.com/blog/post/497/
Here is a good article explaining the security of the access token since Facebook switched to Oauth 2.0
http://www.sociallipstick.com/?p=239
If you make your access_token public, you want to take precautions such that the user doesn't unknowingly give it to someone else.
Make sure your app communicates across HTTPS, otherwise if your user is browsing your website on public wifi, someone can snoop your traffic and get the access_token. The hack is similar to how Firesheep worked.
If a malicious 3rd party gets the user's access_token, he can query Facebook with requests as if he is your app. This could get very nasty if your app has the publish_stream or manage_friendslists permissions.
As long as your user is aware of this, it's fine. The main thing you don't want the user to have is your app's secret key. During the authentication process, your app tells the user's browser to goto Facebook and come back with a "code". Your server then directly connects to facebook (the user's browser doesn't know), and sends that code along with your app's secret key. Facebook comes back to your server with the access token.
Is it possible to change someone's profile picture via the Facebook API?
The Graph API discusses POSTing a picture to an account but I see nothing related to the direct altering of a user account. I suspect they only recognize GET requests under their RESTful API (for the user area). Thus, a no.
That's just information gleaned from the Facebook API docs, however. I could be missing something though.
not possible: Facebook API/PHP - Is it possible to change a user's profile image via FB Graph API?, and also my own experience.
This feature is not possible, period. Although you can upload an image to the Graph API and then redirect the user to the permalink of that post :)
It's possible by adding makeprofile=1 at the end of uploaded photo url. You can find example (PHP) and demo here: http://4rapiddev.com/facebook-graph-api/php-change-facebook-profile-picture-with-graph-api/
I have a site and I want to upload videos onto YouTube without a login. Is it possibe? If yes, how can do this?
Create an account and use its credentials all the time, for all users of your site. You simply can't upload a video without a user account 'responsible' for it. #Pekka: ask for forgiveness, not for permission? ;)
Google at least has a youtube API (with uploading capabilities and PHP examples) right here: http://code.google.com/apis/youtube/2.0/developers_guide_php.html#Uploading_Videos
It is not possible to upload Video to YouTube without logging in.
That said, I wouldn't be surprised if even automated uploading with a login would be forbidden by YouTube's Terms and Conditions.
There is a way to do that without zend client library. Its in core php (PHP4).
https://github.com/techie28/YouTubeUploadPHP.
Note: AuthSub is deprecated now.Please refer to Google Deprecated policy for details.
EDIT:
Because codershelpingcoders.com now points to godaddy's parking page and the original link zendtutorials.wordpress.com has an empty article linking to codershelpingcoders.com, I found the original article via the archive: http://web.archive.org/web/20130123044500/http://codershelpingcoders.com/ and have tried to replicate it's contents in this answer for future reference (NOTE: I have no idea if this info still works).
This tutorial describes the direct browser based upload technique using AuthSub.
AuthSub is the Authorization module of the YouTube that lets your application interact with the YouTube for specific purposes such as Uploading videos etc on user’s behalf.
It is same like Auth and a cousin of oAuth.
A user grants the privilege to your site application and you can do the job on his behalf as simple as that.
We will go through the way to upload a video using AuthSub.
It goes as follows and can be really done in following 4 simple steps:
To allow the application run on user behalf a user must have
authorized it first.
So our first step to implement is to get the app Authorized by the user.
We do it by simply redirecting user to the authorization page the url
is as follows:
$nextUrl = urlencode(‘http://www.xxxx.com’)
$scope = urlencode(‘http://gdata.youtube.com’);
https://www.google.com/accounts/AuthSubRequest?next=’.$nextUrl.’&scope=’.$scope.’&session=1&secure=0
The nextUrl here is the url of the your application where the user
will be redirected after authorization procedure.
scope is to tell the YouTube about the scope of the process which is google
data youtube in this case.
So if user has not authorized your app yet he must be redirected to
the above mentioned authorization page once the user has approved
your application it needs not to follow the step one ever again until
and unless the user revokes the access to you app from the users
control panel of his account.
On successful completion of the authorization process user will be
redirected to your application and this complete the first step of
AuthSub.
If from the first step the user authenticates your application
YouTube will redirect him back to your application with a token in the url.
You are going to use this token and here is where the actual AuthSub process
comes into play you are going to use this token to obtain an entity called
AuthSubSessionToken which will allow you to interact your app to YouTube
on the user behalf who has just approved your application.
In PHP you do it by issuing a curl request. The details are as follows:
Issue a curl GET request to https://www.google.com/accounts/AuthSubSessionToken
with the token you received just after the authorization step.
Remember to turn ON the curl’s response gathering status as you gonna need that.
If everything went well till now you would be responded from YouTube with
the AuthSubSessionToken.
BINGO :-)
Now when you have received the AuthSubSessionToken you are gonna use
that to get an upload token which will actually upload the data
related to your video to YouTube i.e.title,description,category and
keywords. This is kinda reverse process as in AuthSub you upload the
data related to the video to YouTube first and then upload the video
itself. The uploading of video data also referred as MetaData will be
done by feeding XML to the YouTube,the xml will be:
title goes here
description goes here
category goes here
Keyword goes here
and again curl has business to do you will upload this by issuing another curl call:
url:http://gdata.youtube.com/action/GetUploadToken
headers:AuthSub token=”Your AuthSubSession token goes here”
GData-Version:2
‘X-GData-Key: key=”Your Api key goes here”
Content-length: length of the xml you formed above goes here
Content-Type:application/atom+xml; charset=UTF-8
POSTFIELDS: the xml itself that you formed
If the step 3 completes successfully then its time to upload the
video actually on your successful last curl execution you will be
reverted back by the YouTube with a url an a token.
Now you will create a form which will have this url as its action and token
as a hidden field something like this.
Just select the video and click submit and your video will get uploaded.
On successful submission you will be redirected back with status 200.
The github link for the Sample code is here.