i am trying to implement the 'Like' operator by using access tokens from user.
if a user Login in my site using Facebook i will store access token from that user and then using that access token how i can make like on another people's status or photo?
Is it possible using Facebook app ? if yes,can you give me any link to know more about it or just give me brief about it.
Thank you
You can like a photo by issuing a HTTP POST request to PHOTO_ID/likes connection with the publish_stream permission. No parameters necessary.
If the write is successful, you get a boolean response as return.
Link:https://developers.facebook.com/docs/reference/api/photo/
Similarly for liking a status use OBJECT_ID/likes
Related
I am basically building a blog-style application which will post to a facebook page a link and a description whenever a new post is made. Users will not login to the application, so it shouldn't ask the individual posters for their facebook credentials.
I am using the Facebook Version 5 PHP SDK
Basically, the simplest way would be to have it always use my account's access token to obtain the page access token and post as the page every time someone makes a post.
I understand how to do this handoff of tokens and to post as the page, but I don't know how to always obtain the access token for my account to make this transaction without there being an additional step of following a callback url after each post.
Not sure if i understand what you are trying to do, you should not let other users post something on your Page with your Page Token - but there IS an Extended Page Token, and it is valid forever so you could just store it.
More information on Tokens and how to generate them:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
I am using the facebook JS sdk to login a user. These are the steps that I follow:-
1) I use the FB.login(...) to get the details of the user.
2) Now, after receiving the details from Facebook, I send a POST request using jQuery's $.post(..) function to a php page say FBUser.php with the parameters - name,uid(Facebook User Id),email and access_token for publish_actions.
3) Now in the FBUser.php page, I do all the stuff like converting the short-lived-token to long-lived and then I check that if the uid received is present in my users table. If it is not, I create a new user, else I log in the old user. Today, I just realized that I was making such a big security compromise because anyone can send a POST request to the FBUser.php page with a uid of an existing user and get access to his account. But, on the other hand I am sure that some big websites also use the JS SDK. So obviously, I am wrong somewhere. What would be the correct procedure to log in the user securely and preventing his account getting hacked?
You should match the app and user id first, then you should check the access token, like this:
graph.facebook.com/debug_token?input_token={token-to-check}&access_token={app-token}
You can get the app token from https://developers.facebook.com/tools/accesstoken/
You can get the uid of the user using the access token that was sent to you, by using this token to access Facebook graph and query "/me".
You shouldn't relay on the uid that is sent by the client. My application only receives the access token and gets the rest of the data from a server-to-server call.
I'm building an application for an event so they can directly post their news messages on facebook. I'm trying to use de php SDK V4 for this but there are some parts of the login process I don't understand (still couldn't find a solution after searching for several hours).
My Problem is in the login process. First you have to specify which applicaton you are and give your application secret. Than you have to login to facebook with an account.
But which account should I use for that? The one of their event? Mine?
(I'm an admin of the events page) (this means that all messages will
be posted from mine account while i'm not the poster...sounds pretty
weird..)
Which method should I use to login into facebook? There is a veriaty of methonds like the FacebookRedirectLoginHelper(), the FacebookCanvasLoginHelper() or the Javascript one. However as far is I understand all these helpers for your users to login to their facebook accounts and that's not what I want.
During my search I found some an example of someone who is making a similar system (Facebook Graph API PHP SDK v4 - Post on Page). He/She uses the folowing piece of code for getting a facebook session:
FacebookSession::setDefaultApplication('{APP ID}','{APP SECRET}');
$session = new FacebookSession('{Page Access Token}');
This suggests that you don't need to login into facebook by user but only need a Page Acces Token. However if I understand it correctly (correct me if I'm wrong), to get a Page Acces Token, you first need an User Acces Token (https://developers.facebook.com/docs/facebook-login/access-tokens/#pagetokens). To get an User Acces Token you should be logged in, and than we're back to question 1 and 2 in the beginning of my story.
Or can I just get a Page Acces Token using the following api request (according to https://developers.facebook.com/docs/facebook-login/access-tokens/#pagetokens)
GET /{user-id}/accounts
Using a random user-id as long as the page admin gave this user permission to generate such a token (so the user related to "user-id" shouldn't be logged in while retrieving the Page Acces Token?) .
Sounds like you'll need to use the following flow:
Have the page admin log in with their Facebook account. Make sure to request the manage_pages extended permission. This will give you access to the pages they admin.
Once they grant access to your app, you'll get a short lived user access token. Exchange it for a long lived user access token.
Get the list of the user's pages with /me/accounts. Each page will have an access_token field returned with it. These are all page access tokens. We want to use a long lived user access token to get this list so that all the page access tokens returned will not have an expiration date. They live forever! :)
Use the page access token to post to the wall of the page if you want to post as that page. Use the user access token to post to the wall of the page if you want to post as that user.
And the Facebook Query Builder might make this whole process a lot easier. :)
Hope that helps!
Basically, I'd like my users to be able to register and log into my site using their Soundcloud accounts (much like Google or Facebook).
But I'm following the login flow from their docs (http://developers.soundcloud.com/docs#authentication), and I understand how to redirect them to the Soundcloud connect screen to authorize my app. And from that, I get a code that I can exchange for an access token. But after that the docs state this:
You should now store the access token in a database. Associate it with
the user it belongs to and use it from now on instead of sending the
user through the authorization flow.
So they're assuming that I already have registered users who then connect to Soundcloud through some other function of my app. But what I want, is for them to be able to create their account from their Soundcloud user info. I think this is initally possible, but when they return to log in again, I need that access token to identify them. But I can't get that access token without sending them through the auth flow again.
I'm guessing what I want to do can't be done, but it's also possible I'm overlooking something. Any help would be appreciated!
I've done this with IMGUR OAuth2 API. After you get the access token, make a new request to their /me endpoint. This way, you'll have the SoundCloud id for that particular user. Now you can check if you already saved this user in your database. If you have, just save the new token to make sure this user has granted your app access to their SoundCloud. I'm not sure if I were clear enough. Let me know if you need any further help .
I am trying to get FB user's full name using the access_token. I have the access_token with me but I am not sure how I can use it to access user information.
I have read the documentation and it says to get more user info we can use:
https://graph.facebook.com/userid?access_token=...
So, does this mean I need to use cURL to get response from this URL?
Btw, I am using PHP.
Thanks.
Accesstoken you can use for getting the information of the user which is necessary. Also if you have asked offline_access permission from user, you can store this accesstoken in your database and can get the user information even if he not logged in with facebook. That means, from next time you automtically get the information using this token.