I need help on how to bring in a users personal stream.
For example when I go to this webpage I want the user to be able to see his/her facebook live profile stream as if he/she was looking at the facebook website.
Also would you recommend I use the Javascript or PHP SDK ?
Any help or links to examples would be much appreciated.
To get the user's stream an app needs permission to get this data
When a user logs into an app, the app gets access to their public profile and friend list - to read more info about a person, an app must request additional permissions from them
Permissions enable you to access user information. The Graph API reference provides detailed information on the kind of information stored in a user profile and the specific permissions that must be granted by the user before your app can access it.
http://developers.facebook.com/docs/concepts/login/permissions-login-dialog/
In order to be granted permission you need an access token
An access token is a random string that provides temporary, secure access to Facebook APIs.
A token identifies a User, App or Page session and provides information about granted permissions. They also include information about when the token will expire and which app generated the token. Because of privacy checks, the majority of API calls on Facebook need to be signed with an access token
For a user profile, you need a user access token
User access tokens are the standard type for API calls; these are generated in the login flow when a user grants permissions to an app.
Once these basics are known, then you need to pull the data via an HTTP GET to
https://graph.facebook.com/me/feed?access_token=USER_ACCESS_TOKEN
Which will return an array of Post objects containing (up to) the last 25 posts.
http://developers.facebook.com/docs/reference/api/user/#feed
Now you have a JSON response that looks similar to this
{
"data": [
{
"id": "13608786_10101118139895617",
"from": {
"name": "Philippe Harewood",
"id": "13608786"
},
"picture": "https://fbexternal-a.akamaihd.net/safe_image.php?d=AQDuPlCx0L1BP7wp&w=130&h=130&url=http%3A%2F%2Fi4.ytimg.com%2Fvi%2F7_3hKVxOcRI%2Fmqdefault.jpg",
"link": "http://www.youtube.com/watch?v=7_3hKVxOcRI",
"source": "http://www.youtube.com/v/7_3hKVxOcRI?version=3&autohide=1&autoplay=1",
"name": "Suit & Tie (Acoustic Cover) - Tori Kelly",
"description": "hope you enjoy my cover of Suit & Tieeee. JT is the man. for all info and tickets to my upcoming shows go to torikellymusic.com !! love you guys! -----------...",
"icon": "https://fbstatic-a.akamaihd.net/rsrc.php/v2/yj/r/v2OnaTyTQZE.gif",
"privacy": {
"value": ""
},
"type": "video",
"application": {
"name": "YouTube",
"namespace": "yt-fb-app",
"id": "87741124305"
},
"created_time": "2013-03-23T23:21:50+0000",
"updated_time": "2013-03-23T23:21:50+0000",
"comments": {
"count": 0
}
}
],
"paging": {
"previous": "https://graph.facebook.com/13608786/feed?limit=25&since=1364080910",
"next": "https://graph.facebook.com/13608786/feed?limit=25&until=1364080909"
}
}
Based on the language of your app, you should be able to the parse response correctly. In this case to have a near persistent stream of feed data from a user profile. You will need t o store the user access token so that the app can request access any time.
Normally a user access token only lasts for two hours so extending the token to last two months will be a wise choice. You can extend the token by using the following call
https://graph.facebook.com/oauth/access_token?
grant_type=fb_exchange_token&
client_id=APP_ID&
client_secret=APP_SECRET&
fb_exchange_token=SHORT_LIVED_ACCESS_TOKEN
You can exchange this token for a longer-lived one (that will valid for up to 60 days) by passing it to the /oauth endpoint from your server (so that the secret is not exposed) with a grant_type parameter of fb_exchange_token
Now you should store this in a database, e.g. MySQL for retrieval later.
So in summary, load your SQL
CREATE TABLE IF NOT EXISTS `facebook_data` (
`ID` int(11) NOT NULL,
`access_token` varchar(255) NOT NULL,
UNIQUE KEY `ID` (`ID`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
Pre-populate the data if you wish
INSERT INTO `facebook_data` (`ID`, `access_token`) VALUES
(1, 'temptoken');
Normally I tend to allow JS SDK to handle the user authentication and PHP SDK to handle the API calls. At the same time allowing the cookie set by the JS SDK to be picked up by the PHP SDK
Once the PHP SDK is set up with the cookie and has parsed the signed request
I will extend the access token and the set the new access token in the database.
$facebook->setExtendedAccessToken();
$fbdb_result = $fbdb->query("UPDATE facebook_data SET access_token='" . $facebook->getAccessToken() . "' WHERE ID = 1");
Now in my presentation page, whenever I need I will pull in the access token from the database and set the PHP SDK to the correct user.
$result = $fbdb->query("SELECT access_token FROM facebook_data WHERE ID = 1");
$access_token = mysql_result($result, 0);
$facebook->setAccessToken($access_token);
Then I ensure that no invalidation has occurred since I last stored it
// Get User ID
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
$user_posts = $facebook->api('me/feed'); // The user's feed on their wall
}
Then start handling each post and displaying it with some styled CSS
foreach($user_posts['data'] as $post){
$post_link = $post['actions'][0]['link'];
$page_id = $post['from']['id'];
$page_name = $post['from']['name'];
$message = ($post['message']) ? $post['message'] : " ";
$name = ($post['name']) ? $post['name'] : " ";
$story = ($post['story']) ? $post['story'] : " ";
$post_time = $post['updated_time'];
}
You can create a badge for your site (the gear wheel at the top-right of your FB profile) and click on "edit badge". There are quite a few options available.
Related
I want to delete a facebook post or comment that is on my facebook feed. I tried to follow facebook docs,but no in vain.
Here is my code for post delete request.
$postid = "2512732972186856_2511181632341990";
$token = facebook user access token
$feed = $this->facebook->deletes($postid,array (), $token);
When I run this query it says :
{
"error": {
"message": "(#3) Publishing comments through the API is only available for page access tokens",
"type": "OAuthException",
"code": 3,
"fbtrace_id": "A9fyXxLUY3ui9S3CqiCuIDJ"
}
}
However it is important to mention that i didn't create post in page, my post is in my facebook feed.
You cannot create or delete posts on your Profile, you can only create posts on a Page, and you can only delete posts made by your App.
The error message actually tells you that those actions are only available for Pages (with a Page Token).
I having problem that when user logged in i get a token and i am building apis and that token i need to pass on every request in postman:
My Response when i got current logged in user;
{
"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOi8vMTI3LjAuMC4xOjgwMDAvYXBpL2xvZ2luIiwiaWF0IjoxNTIzMjY5OTUxLCJleHAiOjE1MjMzMDU5NTEsIm5iZiI6MTUyMzI2OTk1MSwianRpIjoiSlNXa0hPbGxvOWdQNnRkNCIsInN1YiI6MiwicHJ2IjoiODdlMGFmMWVmOWZkMTU4MTJmZGVjOTcxNTNhMTRlMGIwNDc1NDZhYSJ9.Dt9fLL4d1mgwU7LMCNOeBoITs4Q0mAIeG07aCjRgaNM",
"currentUser": {
"id": 2,
"name": "Shahzad Hussain Shah",
"email": "shahzad.hussain#vaivaltech.com",
"created_at": "2018-04-09 10:22:18",
"updated_at": "2018-04-09 10:22:18"
}
}
and this token i need to pass everytime and if shut down my pc and on again then i have to login my user again so that i got a new token and then i can start my work with that token:
Here i want to avoid this token and when my website comes to live what will be the solution of tproblem:
When i used Auth::user()->id; it says trying to get property of non object then i need to pass the token: but here i want i just used Auth::user(); and it should pick id of current logged in user:
Any help will be highly appreciated!
I have implemented Google OAuth login on my website. A user signs in using his/her Google Account, reaches my welcome page & now on my welcome page & other subsequent pages/scripts what are the variables which I need to validate to authenticate & check whether the user is logged in or not. Right now am just doing this :
checklogin.php (using it in require_once in all my subsequent php scripts)
if(isset ( $_SESSION['access_token'] ))
{
//logged in
}
else
{
//NOT LOGGED IN
header('location:login.php');
}
Do I need to check the value also of the access token & any other security variables to make my login inspection process more robust ? If yes, then how can it be checked ? Or is this check just sufficient enough ?
Ripped from comment
$_SESSION['access_token''] = 'foo' and runs it then again my condition will return true and he will just jump in my website and view all the private data of any user?
If you are really woried that someone will do this then the best thing to do would be to validate your access token against the tokeninfo endpoint. Doc
https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=[access_token]
Am not really sure how you think a user could do this as your talking about a session variable in the browser. However browser hacking is not my specialty.
UserInfo endpoint
Another option is to check the user info end point. All identity servers have this endpoint which returns info about the current user. Because you are requesting the profile scope you should be able to see this.
Request
GET www.googleapis.com/userinfo/v2/me
Authorization: Bearer ya29.GluEBbGJOYKQ0gcDAFvU2iRKotG-a6MvbyNP6mUUk96RDKJHIFOR_RKiWxl8vQ01rbgy9lP_KmspvrHDzHMZ_
Response
{
"family_name": "Lawton",
"name": "Linda Lawton",
"picture": "https://lh5.googleusercontent.com/-a1CWlFnA5xE/AAAAAAAAAAI/AAAAAAAAl1I/UcwPajZOuN4/photo.jpg",
"locale": "en",
"gender": "female",
"email": "xxx#gmail.com",
"link": "https://plus.google.com/+LindaLawton",
"given_name": "Linda",
"id": "7200475532672775346",
"verified_email": true
}
The id is my internal id with google
I am far from the programming and PHP, but got the challenge to get the Fb share count for the website :)
I'm trying to get the proper App Access Token and send the request to Fb
according to this article.
The request should be like this:
https://graph.facebook.com/?ids=http://www.myurl.com/my-page&access_token=myappid|myappsecret
And I getting this error.
{
"error": {
"message": "Invalid OAuth access token signature.",
"type": "OAuthException",
"code": 190,
"fbtrace_id": "FfZKAkCyad1"
}
}
I am going to use it in PHP roughly like this:
function facebook_count($url)
{
$results = #file_get_contents('http://graph.facebook.com/' . $url .'&access_token=myappid|myappsecret');
if ($results) {
$like_array = json_decode($results, true);
if (!empty($like_array['shares']))
return ($like_array['shares']);
}
return 0;
}
My guess, I checked wrong Permissions (scopes) for my App token. Did not found an answer in FB dev page. Checked this for now:
user_likes, read_insights, read_audience_network_insights, public_profile
What Scope do I need to check, if I need only the shares count by the link?
Or in what else could be the problem?
You need to use an App Access Token... So the actual permissions (referring to User Access Tokens!) are irrelevant.
So, hopefully you are replacing myappid|myappsecret with your actual App Id and App Secret. If ynot, there's your error. Furthermore, I think in the file_get_contents call then ?id= part in the URL is missing.
In my database some users have Facebook IDs stored, as once they logged into my website via Facebook. For each of those users I would like to store a profile picture, which would be retrieved from their Facebook accounts.
Facebook PHP SDK specifies the following way to get a user picture:
/* PHP SDK v4.0.0 */
/* make the API call */
$request = new FacebookRequest(
$session,
'GET',
'/me/picture'
);
$response = $request->execute();
$graphObject = $response->getGraphObject();
/* handle the result */
The problem is the $session param. Currently, I get the FacebookSession object after the user logs into my website via Facebook. However, for what I want to achieve, I don't have the session present.
Is it possible in PHP SDK to get Facebook user profile picture when having only the user ID, and without them being logged into Facebook?
I hope this helps,
http://graph.facebook.com/USERNAME OR USERID/picture?type=large
http://graph.facebook.com/USERNAME OR USERID/picture?type=small
http://graph.facebook.com/USERNAME OR USERID/picture?type=square
You do not need to log into facebook just use USERNAME OR USERID.
This is simple, basic thing and require only Googling...
If you're not looking for this, please elaborate the task you're doing...
Good Luck!!!
Simply use the following Graph path via GET request:
/{user_id}?fields=picture.type(large),id,name
Field type can be one of the following values:
small
normal
large
square
Or using width and/or height value like this:
/{user_id}?fields=picture.width(200).height(200),id,name
Also you can add redirect=0 param.
By default the picture edge will return a picture instead of a JSON response. If you want the picture edge to return JSON that describes the image set redirect=0 when you make the request.
So you will have the following JSON response:
{
"picture": {
"data": {
"height": 120,
"is_silhouette": false,
"url": "https://scontent.xx.fbcdn.net/hprofile-xaf1/v/t1.0-1/c53.10.120.120/165675_138088076251005_752993_n.jpg?oh=a9450bf53f2d2294531e11ae28be99c1&oe=56C740A5",
"width": 120
}
},
"id": "138087416251071",
"name": "Zenonis",
}