We have some code on the site to request additional permissions, specifically Posting to Timeline, when a user performs an action. This has been working fine until recently, where the response format from FB has changed. I've included the sample code below:
FB.ui({
method: 'permissions.request',
'perms': 'publish_actions',
'display': 'popup'
}, function (response) {
var confirm = response != null && response.perms != null && response.perms != '' && response.perms.indexOf('publish_actions') !== -1;
$('.close').click();
});
Previously, the response from this would be parsable as a string to confirm whether the user accepted the escalated permissions. However, regardless of whether the user accepts or rejects, it's just returning 'false' now.
Does anyone know if we're doing something wrong, if something has changed on FB's end, etc. Really struggling to know where the issue lies.
Probably it's latest changes in facebook api.
so, check out a new doc page and I wish you will change the process of getting permissions to login:
FB.login(function(response) {
// handle the response
}, {scope: 'email,user_likes'});
here, you can find a list of permissions and add to scope whatever you need, for example:
FB.login(function(response) {
// handle the response
}, {scope: 'email,publish_actions'});
that will allow to your app to post content, comments, and likes to a user's stream and to the streams of the user's friends.
I hope that helped somehow - let me know.
Related
I am getting error with status 302
But while trying to log error in catch I am getting 200
post(url, data, successCallBack, errCallback) {
return this.http.post(apiDomain + url, JSON.stringify(data), {
headers: this.headers
}).catch(this.handleError).subscribe(
(res) => {
successCallBack(res.json());
},
(err) => {
errCallback(err);
}
);
}
private handleError(error: any) {
let errMsg = (error.message) ? error.message :
error.status;
console.log(error.status); // log is 200
console.log(error)
console.error(errMsg);
return Observable.throw(errMsg);
}
Requirement I want to send another post call on redirect URL redirects.
How to get Redirect URL.
Need help.
Late answer I know, but for anyone stumbling across this.
The short answer is you can't as the browser handles 302's itself and won't tell angular anything about that. What you can do is set-up an interceptor style class that monitors what is going on.
Google for angular2 http interceptor or similar, it's a little beefier than your example above and can monitor every XHR connection. An example is here:
https://www.illucit.com/blog/2016/03/angular2-http-authentication-interceptor/
What this now allows is that any connection will come through your interceptor. As we won't be able to monitor 302s, we have to think about what might happen. For example in my example the request suddenly changes the url to something with my auth in it.
Great so my 1st bit of pseudo code would be:
if (response.url.contains('my-auth string')) {
redirect....
}
I can also see on the headers provided that instead of application/json I've suddenly gone to text/html. Hmm, that's another change I can check for:
if (response.url.contains('my-auth string') && response.headers['content-type'] == 'text/html') {
redirect....
}
You may have other parameters you can check, however these were good enough to detect a redirect for me. Admittedly this is with respect to being redirected to login and not another example, hopefully you get enough distinct changes check for you to decide whether you have got a 302.
I am developing a simple Facebook app which will basically just allow users to POST statuses, photos, etc. - this is just an exploratory project at the moment.
I have been trying to POST statuses with varying privacy levels and have been able to POST with custom privacy successfully, however, when I try to tag a friend in the POST headers I get an oAuth exception error response.
My scope appears to include everything necessary to do what I want, but I may be missing something here.
"...&scope=email,user_groups,user_photos,read_friendlists,manage_friendlists,publish_stream,read_stream"
Here's my JS code:
FB.api(
"/me/feed",
"POST",
{
"message": $('textarea').val(),
"tags": $('input').val(),
"privacy" : {'value': 'CUSTOM','allow': $friend_list.val() }
},
function (response) {
if (response && !response.error) {
console.log('response is: ');
console.log(response);
}
else{
console.log('oops something went wrong here!');
console.log(response);
}
}
);
As the SDK docs are not really that informative, I am not really sure what the purpose of place, which I apparently have to include:
Comma-separated list of user IDs of people tagged in this post. You
cannot specify this field without also specifying a place.
I have tried setting "place" as a variety of values but I'm not sure what I am doing wrong. I have deliberately omitted it from the example code above by the way.
Thanks in advance
-- EDIT --
As requested, here is an example list of the headers being posted:
message:this is an example post
method:post
privacy:{"value":"CUSTOM","allow":"123456789012345"}
The above works correctly (given the correct user ID's that is), i.e. a status is created and it is only viewable by a single user/friend, but once I include "tags" it throws an oAuth error with little to no info or explanation. The reason I am trying to "tag" friends by the way is that I want people to be notified of a POST rather than just having access to it.
message:this is an example post
method:post
privacy:{"value":"CUSTOM","allow":"123456789012345"}
tags:123456789012345
I have also tried to set the "place" header, but again I have little understanding of its purpose so I may be supplying an incorrect value or something like that.
First of all, I'm aware there are plenty of questions and answers relating this topic. However, none of them works for me (maybe because they are old and the methods have become outdated, I don't know)... Let me briefly explain my problem:
I've been trying to login to Facebook with extended permissions on CocoonJS for about two weeks and I'm completely unable to do it... I can successfully login with basic permissions and everything works as expected, but I can't figure out how to request for extended permissions... When calling the Cocoon's FB login with the optional params, only the basic permissions are requested, so actually it seems that Cocoon (or FB) ignores the extended requests:
var socialService = CocoonJS.Social.Facebook.getSocialInterface();
socialService.login(function(loggedIn, error) {
if (error) {
console.error("login error: " + error.message);
}else if (loggedIn){
console.log("login suceeded");
CocoonJS.Social.Facebook.getLoginStatus(function(response) {
if (response.status === 'connected')
CocoonJS.Social.Facebook.api("/me/permissions",
function (response) {
if (response && !response.error) {
console.log("Granted perms.: "+JSON.stringify(response));
}else{
console.log("ERROR: unable to retrieve permissions");
}
}
);
}
});
}, { 'scope': 'user_photos,publish_actions',return_scopes: true });
The thing is, the login function seems to work properly and the "login succeeded" log is printed, and so is the "Granted perms." log. However, it only shows the basic permissions, completely ignoring the 'user_photos' and the 'publish_actions' ones (they don't even appear in the retrieved list...
I tried calling the option with 'scope', with scope, with 'perms'... but nothing changes the result. I've asked in the CocoonJS forums, I've been googling for two weeks, tried different solutions, different Facebook accounts, even tried hardcoding the extended params in the CocoonJS's FB login function (which result in crash), but nothing works...
Anyone knows how to achieve it?
Thanks in advance for your time and effort!
CocoonJS parses the 'scope' parameter as a string with comma separated values. But these permission values are used with a readonly session login. Facebook has deprecated logging in with the "publish_actions" permission and suggests that an app should request the bare minimum of read permissions during login and then request any additional or publish permissions when a person actually needs them.
I recommend that you request extended permissions this way:
CocoonJS.Social.Facebook.requestAdditionalPermissions("publish", "publish_actions", function(response) {
callback(response.error ? false : true);
});
I have a Facebook app with namespace 'thenovel'. It has an action 'rate' assigned to an object 'sentence'. When the 'dofacebookstuff()' function is called, I want the user's rating of a sentence - 'testsentence', for the moment - to be published to their timeline. 'Rating' doesn't require an access token.
Whenever the dofacebookstuff() is called, the error alert pops up. I have tested whether the '!response' or 'response.error' was causing it, and it is the 'response.error' every time.
I can get the user id, name etc. fine with FB.login but the api call just does not work. If I go straight to 'https://graph.facebook.com/me/thenovel:rate?sentence=testsentence&access_token=XXXXX', I see the following:
{
"data": [ ],
"paging": {
"next": "https://graph.facebook.com/me/thenovel:rate?sentence=testsentence&access_token=XXXXX&offset=25&limit=25"
}
}
I have checked my HTML and all the Facebook-related stuff is there and in the right place. None of the other scripts on the page produce errors. Here is the function in question:
function dofacebookstuff() {
FB.api(
'/me/thenovel:rate?sentence=hello&access_token=' + accesstoken,
'post',
function(response) {
if (!response || response.error) {
alert('Error occured');
} else {
alert('Action ID: ' + response.id);
}
});
}
Could anyone explain where I'm going wrong? Where is my response data?
If you're posting to /me you need an active access token for that user - do you have one? it may have expired already, but i think the message is specifically referring to the fact that you haven't provided one, as there'd be a specific message if the token is invalid or expired.
You should be able to post to /USER_ID/thenovel:rate with the app access token if you're doing offline publishing of some kind
Try logging in using FB connect first.
I saw a similar question, and it mentions about the change in December 2011, and that part was right
http://facebook.stackoverflow.com/questions/8753085/in-facebook-login-how-do-you-see-the-permissions-that-the-user-granted
but the rest of the answer is wrong
I did notice this is part of the url though
https://s-static.ak.fbcdn.net/connect/xd_proxy.php?version=3&error_reason=user_denied&error=access_denied&error_description=The+user+denied+your+request.#cb= ...
You will not know which permissions the user granted to your application in FB.login callback. You should query permissions connection for user object:
FB.api('/me/permissions', function(response){
if (response && response.data && response.data.length){
var permissions = response.data.shift();
if (permissions.email) {
alert('User have granted `email` permission');
}
}
});
Update:.
While it's not stated by Facebook that callback for FB.login will not include perms or scope property which was used before switch to OAuth2 this is the case! There is nothing said in current documentation about permissions passed to callback for FB.login, FB.getLoginStatus or FB.getAuthResponse.
There is also bug report about this behavior which is marked as Won't Fix