I'm writing an app using Phonegap.
I'd like to give some perks to the user for posting about the app on their wall (or something of the sort) if they wish to do so.
There's a neat Cordova plugin which covers Facebook's functionality pretty thoroughly and more importantly it appears that it does so as natively as it can manage.
If a plugin like that is not available however, what is a high-level overview for having a user:
authorize with FB
post something canned on FB
ascertain that they have in fact posted what was given to them
I believe there's a way to do these things using Facebook's JavaScript SDK, but I've never seen an app ask me for my username and password (that wasn't the actual Facebook app) and I don't imagine Facebook would be happy with that, so what's the best way to go about that?
Additionally, if I want for a user to log in using Facebook in my app, (think Tinder) what is the data that I should be saving? Facebook login token and device ID? What are the best practices when it comes to using facebook and phone data to identify and store user account information server-side?
Facebook Login for Android -
The Facebook SDK for Android provides methods to implement Facebook Login for your app. The SDK provides Facebook Login support for the these common scenarios:
Your app uses only Facebook Login to authorize people using your app.
Your app provides two login options: Facebook Login and your own
login mechanism.
Your app uses your own login initially and Facebook Login is an
option to switch on certain social features.
For more - login-with-facebook.
Manually Build a Login Flow -
The easiest and quickest way to implement Facebook Login is with our official SDKs for JavaScript, iOS, and Android and we recommend you follow our separate guides for these platforms.
However, if you need to implement browser-based login for an app without using our SDKs, such as in a webview for a native desktop app (for example Windows 8), or a login flow using entirely server-side code, you can build a Login flow for yourself by using browser redirects.
This guide will take you through each step of the login flow and show you how to implement each one without using our SDKs:
Checking login status
Logging people in
Confirming identity
Storing access tokens and login status
Logging people out
Make direct HTTP requests to Graph API endpoints to retrieve
and post data.
For more check - manually-build-a-login-flow.
Pros:
No plugin dependency and no uncertainties when new versions of
Cordova or the Facebook SDK are released.
Works for all platforms, including platforms for which a version of
the plugin doesn’t exist.
Works for both browser-based apps and Cordova apps.
Cons:
Not full-fledged, less out-of-the box features.
Integration not as tight. For example, no native dialogs, etc.
The logic is integrated together and is available on github as OpenFB.
Sample Example -
Login using Facebook:
openFB.login(scope, successHandler, errorHandler);
Get the user’s list of friends:
openFB.api({path: '/me/friends', success: successHandler, error: errorHandler});
Post on the user’s feed:
openFB.api(
{
method: 'POST',
path: '/me/feed',
params: {
message: 'Testing the Facebook Graph API'
},
success: successHandler,
error: errorHandler
});
Either you have to use Facebook connect plugin to post something from cordova app, or the other way that I use to post something about my app review is using the URL way. Facebook has feed dialog / share url system to post in facebook. Simply calling it with native browser and correct parameters does the job, facebook takes care about the authorization and posting , I don't need to handle that.
https://www.facebook.com/dialog/share?
app_id=145634995501895
&display=popup
&href=https%3A%2F%2Fdevelopers.facebook.com%2Fdocs%2F
&redirect_uri=https://developers.facebook.com/tools/explorer
Found here Don't know will it work in inAppBrowser or not, I just call the native browser.
And AFAIK to post from within the app, it has to be the plugin.
OpenFB is even better than the Apache Cordova Plugin. The plugin isn't well maintained. Sometimes it takes months to update to the latest version of Facebook OpenGraph. OpenFB is constantly updated.
You would just use the JavaScript SDK to do this. See https://developers.facebook.com/docs/facebook-login/login-flow-for-web/v2.0
You have an option to use standard components or make your own buttons. You can also let users auto-authenticate after granting permissions initially or always press the button etc. The FB docs are easy to follow though.
Related
I am trying to integrate docusign with a React Native app I am building. My desired workflow is to have the user launch a remote signing envelope based on a template.
From the Node JS examples, eg009 seems to be the end result I am after. However, I am wanting to complete this with Axios/Fetch and Javascript.
My intended flow is to have the user enter in their name and email, and their spouses name and email. From there they press a submit button which sends the API call, and that is the extent of what the app does.
I am wanting the API call to then start the template flow, sending a document to sign via email to both that were entered into the app. I want the users to authorize themselves from the email, not the app. After both parties have signed, I want it sent to a third static email.
I do not want the users to have to authorize inside the app or be redirected anywhere. It seems a JWT would be best.
Does this seem possible? How would you suggest going about this?
I appreciate the help!
Looks like the JWT grant flow is the right fit for you here. Please see this article for more details: https://developers.docusign.com/platform/auth
There's no good solution for running DocuSign API calls from client as a result of CORS limitations.
Larry has some blog posts on this topic - https://www.docusign.com/blog/dsdev-building-single-page-applications-with-docusign-and-cors-part-2
You could use something like AWS lambda which is not a server per-se, but gives you server capabilities without the hassle of a server.
Check also the latest blog by Larry on this topic which superficially covers using React for single-page apps.
Working on a sketch plugin which can fetch/collect data from an illustration hosting platform based on user authentication.
I am using SKPM with sketch-module-web-view.
Currently we have Google & Facebook authentication methods for the website.
We need the same in sketch plugin to maintain the user session and required functionality.
Please suggest any documentation/tutorial out there.
PS: I have read almost every documentation available in sketch official website and other forums.
Reference - Please check Shutterstock & gallery.io sketch plugins and others.
Thanks
I don't know exactly which kind of authentication method you used to authenticate users through Google & Facebook on your website, I guess OAuth2. Using OAuth2 it is impossible to authenticate users on a local running app, since OAuth2 strictly requires a callback URL which can't be configured on a local running app.
Since you are using sketch-module-web-view, is not enough to make user land on your website login URL?
const BrowserWindow = require('sketch-module-web-view');
const win = new BrowserWindow();
// load your website login URL
win.loadURL('https://your_website.com/login');
Hope this helps.
Quick short background
I'm building a standalone web app using Angular JS 1.5. This web app makes usage of a API built with Laravel 5.2 (no sessions, just JWT Tokens and REST calls). Using Laravel-Socialite, I managed to make the following structure. It works nice and all, but we kind of have a overload of redirects.
The Button calls a /facebook route that invokes the Socialite magic box which leads to redirect to the Facebook Page for authorization.
After I achieved this, I noticed that a Facebook Login LOOKS a lot more of a front-end task than a back-end one. It's just about helping the user quickly sign up using Facebok available data or sign in without a password.
The Problem
Socialite makes usage of my Facebook App Secret, not to mention that it's a known environment server operation, while a Front-end we may never trust. Here is what I managed to achieve using JavaScript SDK (with AngularJS).
On a first-time access, I can get that information and sign up the user and automatically sign him in. But the problem lies on a existing user.
In this case, technically I can use the response.email information that Facebook gave me and make a request to my API to make a login without a password. But can I really do it? How do I make sure the request is being made because Facebook authorized it? After Facebook replies to my Web App, what is a secure way to tell my server that it can issue a JWT Token to that email?
Conclusion
Do I make the three-step redirection (Web App → Server API → Facebook) to sign in / authenticate a user using Facebook or is there something I'm missing here that could be the key to transferring this responsibility to the front-end (and avoiding a 3-step-redirection)?
On an iOS application, I plan to host Facebook Comments using Facebook Connect within an UIWebView, have already done some tests and read articles where I think that it shall work fine.
My question regards authentication: I wanted to use Facebook iOS sdk to have and store the proper tokens within Objective C, so that the user doesn't have to do it every time. I know how to inject any data in the UIWebView if needed, but my question is WHAT do I need to inject so that the facebook scripts already see the user as authenticated every time ?
Thanks
See https://developers.facebook.com/docs/authentication/. You will get an access token when you authenticate the user which you can then use throughout your application to request information on the users behalf.
Download the latest Facebook iOS SDK.
Create the Facebook object:
Facebook *myFacebook;
[self myMethodToDoSomeAuthenticatedStuffsWithAccessToken:myFacebook.accessToken];
Also, you can see the sample "Hackbook" project to see how the access token is setup for the Facebook object within the application and how it is auto refreshed.
This keeps the user authenticated on the iOS Device and you can use this access token a NSString* type to do your stuffs.
I want to show my own custom image for facebook connect. How can I do it?
You can use the Oauth2.0 protocol to do the user authentication.
The javascript libraries by facebook are just a service you can but don't have to use.
It is described in detail here: http://developers.facebook.com/docs/authentication/desktop
You basically just have to direct the user to a link, and analyze the link (serverside) when the user gets redirected back.
What button/link/image you use in your frontend is then all up to you.
There is also a nice port of facebook to openid available here, that you may be interested in: Best way to implement Single-Sign-On with all major providers?