http://username:password#siteaddress.com/rest/model/atg/userprofiling/ProfileActor/create?_dynSessConf=1161953573111590000&email=t3June0#yopmail.com&password=project#3June0&confirmPassword=project#3June0
Even after passing session Confirmation number,I am getting the following error
Your Session expired due to inactivity.
This problem doesn't arise when i use Curl command.
Is this Problem got Solved?, Is your Login API is working ? where are you using this ATG API (for mobile or web- portal ) ?
Answer is for Web portal.
This error is because of sessionconfirmation number mismatch.
use this Code to retrieve session confirmation number.
var xmlHttp = new XMLHttpRequest();
xmlHttp.open( "GET", "http://IP:Port/rest/model/atg/rest/SessionConfirmationActor/getSessionConfirmationNumber", false ); // false for synchronous request
xmlHttp.send();
var hostResponse=xmlHttp.responseText.split(" ");
localStorage.setItem("getSessionConfirmationNumer",hostResponse[1].replace("}", ""));
Session confirmation number is large,Number will assign to LONG if you are using json to retrieve the same.
Please check and let know. Good Luck :)
Related
I'm trying to have users login to facebook with a desktop app and am following this guide and am on the "Generate a Code" step: https://developers.facebook.com/docs/facebook-login/for-devices#tech-step1
I am trying this request using the graph API explorer tool I select POST and apparently v8.0 is the only choice and then the request is device/login.
The parameters in JSON I'm using are:
{
"access_token": "<app_id>|<client_token>",
"scope": "user_status,user_posts",
"type": "device_code"
}
I get this error message: "(#190) This method must be called with a client access token."
I grab my app_id from the top of my facebook app dashboard and I grab the client_token from the Settings > Advanced section.
I've also tried passing in the App Access Token I get when I do an oauth/access_token call using my app_id and app_secret, but that has the same issue.
When I try this request in my C# code I'm using a code like the following:
string url = "https://graph.facebook.com/v2.6/device/login?access_token=1234|ABCDEFG&scope=user_status,user_posts";
WebRequest request = WebRequest.Create(url);
request.Method = "POST";
WebResponse response = request.GetResponse();
I've tried every combination of app_id, app_secret, client_token, and access_token I can think of instead of the "1234|ABCDEFG" portion here but I just get "The remote server returned an error: (400) Bad Request."
I'm sure it shouldn't be this hard to do a device login for facebook and I'm missing something.
maybe it's too late to answer to your question.
actually I faced with same issue when I trying on postman.
simply I sent (access_token) as params instead of headers and I got respond.
hope to usefull.
I'm using Facebook PHP SDK to obtain user's access token. The code is copied from here https://developers.facebook.com/docs/php/gettingstarted/4.0.0
They should be like below:
$helper = new FacebookRedirectLoginHelper('your redirect URL here');
$loginUrl = $helper->getLoginUrl();
// Use the login url on a link or button to redirect to Facebook for authentication
And then in the redirect action:
$helper = new FacebookRedirectLoginHelper();
try {
$session = $helper->getSessionFromRedirect();
var_dump($session);
} catch(FacebookRequestException $ex) {
// When Facebook returns an error
} catch(\Exception $ex) {
// When validation fails or other local issues
}
A couple of weeks ago, I could see the expires value was returned from the API. But now, only access_token is returned.
Has Facebook changed its API output?
Update : I learned the extended token was created with an account that scoped offline access. I backed all out and removed that access and the token is extended 60 days.
It appears that extending the token returns 0 instead of an expiration date because it never expires. Extending a token started breaking my app because it was returning 0. It used to return a timestamp about 60 days out. I took the extended token to the Open Graph Debugger, https://developers.facebook.com/tools/debug/ The value for Expires = Never.
Can anyone confirm this or point towards updated documentation. The docs still say 60 days.
The above code looks fine but for,
Token expiration Sol :
Facebook has changed its endpoint redirect url for long live tokens,
Now the end point is :
https://graph.facebook.com/oauth/client_code?access_token=...&client_secret=...&redirect_uri=...&client_id=...
Also generally facebook bydefault provides short live access tokens which expires in 2hours if you want a long live token access which has life for 60days than you can use following function.
link for ref
$longLivedSession = $facebookSession->getLongLivedSession();
echo $longLivedSession->getToken();
check following links which highlights more information related to long live tokens.
https://developers.facebook.com/docs/facebook-login/access-tokens#extending
http://www.devils-heaven.com/facebook-access-tokens/
I am using oauth.io to handle authentication in an Android app. I login using the service and then pass the access token to the server. As part of the server-side verification, I make a call to https://graph.facebook.com/debug_token?input_token={user access token}&access_token={app token}. I was receiving a response with the error message "(#100) The App_id in the input_token did not match the Viewing App".
I took this to mean that the app that generated the access token was not the same as the app that owns the app token I was sending in the request. Upon further inspection, I noticed that when I debugged the token with Facebook's tool (https://developers.facebook.com/tools/debug/accesstoken) I was seeing a different app id that belonged to oauth.io itself instead of my app. Since the app token is based on the app id and app secret, it obviously would not be correct if it was expecting oauth.io's app token.
Is there any way to continue using the debug_token endpoint through Facebook with a token generated by oauth.io?
Sorry this is a bit late - but it may still help you :) I had the same issue. In my perl code, I just did:
use LWP::Simple;
my $check_session_first = LWP::Simple::get("https://graph.facebook.com/me?access_token=$in->{token}");
if (!$check_session_first) {
print $IN->header;
print Links::SiteHTML::display('error', { error => qq|Sorry, we couldn't log you in. |});
return;
}
Basically, if $check_session_first is empty, then it means the session isn't valid. If its valid, it'll return a JSON object (which in my case, I process using the "JSON" perl module)
I am working with facebook graph api rsvp_event. I am using javascript SDK. Everything works great when the user is logged in. But when the user is not logged in, it gives an error.
I need information about who is attending a public event. I now understand that I would need an access token to retrieve this information. So, my question is how do I get the access token if no user is logged in? Is it impossible or is there a workaround? Could it be done server side using app_id and client_secret?
I am developing a ColdFusion page, but I can use PHP if needed. I have support for both.
I have heard the term *offline_access_permission*. They have removed this feature. Could it be done when it was still available?
EDIT:
Could this be achieved by test user? Say, on server side I login via test user, get the event information (Just a "get" request to read who is attending an event) and then log off. On the client side I do the rest ( user login, rsvp to an event).
I don't know much about "test user" or its purpose. Can anyone confirm whether this can be achieved or not?
Thanks in advance.
Are you sure you actually need the user's access token? According to documentation here you may need:
- a generic access_token for public events (those whose privacy is set to OPEN)
- a user access_token for a user who can see the event for non-public events
- an app access_token (for non-public events, must be the app that created the event)
- a page access_token (for non-public events, must be the page that created the event)
You can get info on how to get those tokens here https://developers.facebook.com/docs/concepts/login/access-tokens-and-types/
A good idea could be to store the attending users (in the DB) when you have access to the event - when some user is logged in.
UPDATE for getting the data from FileContent.
I don't know what API response exactly you are referring to, but from my experience they are returning data:
- serialized using JSON - you need to use DeserializeJSON(), for example like this:
local.returnStruct = DeserializeJSON( local.requestResult.FileContent );
or
local.returnStruct = DeserializeJSON( local.requestResult.FileContent.toString() );
send as something similar to URI. I'm using a function to get that data:
function getStructFromQueryString( queryString ) {
var ret = StructNew();
var i = 0;
var key = '';
for(i=1; i LTE ListLen(arguments.queryString,'&'); i++) {
key = ListGetAt(arguments.queryString, i, '&');
ret[ListFirst(key,'=')] = URLDecode(ListLast(key,"="));
}
return ret;
}
Basically what you want is a refresh token that can get access tokens when the user is offline, unfortunately facebook does not provide them anymore as far as i know.
To learn more about oauth2 pleas play around with https://developers.google.com/oauthplayground/ its a very nice tool to understand the oauth2 process.
I'm building a web application and I'm using OAuth to provide Facebook authentication. I've successfully generated an access_token and each time the user logs out/back in, I match their access_token to find their account. This works very well.
In addition, I'm building a Windows Phone 7 companion app. I've got the same process for authentication, using the Facebook SDK, but the access_token that is returned is different. This means I cannot match the account.
Since the logout/login to my web application appears to generate the same access_token repeatedly, I'm confused as to why the mobile app generates a different access token.
Can anyone tell me if the behaviour I'm expecting is correct? I've scoured the Facebook documentation, but can't find anything relevant. Maybe OAuth isn't the correct thing to do here.
Each time I logged in, the code would return a different access_code value. I needed to add a new field called "response_type" with a value of "code". This then redirected me to the login page and responded with the correct token, which I then exchanged for an access code.
To generate the URL, this was the code:
Facebook.FacebookOAuthClient client = new Facebook.FacebookOAuthClient();
client.AppId = "285539721457932";
client.AppSecret = "65233641cf71e6fa9fef5ecd7d802ebf";
client.RedirectUri = new Uri("http://www.imaybelate.com/Account/FacebookCallback");
url = client.GetLoginUrl(new Dictionary<string, object>()
{
{ "display", "wap" },
{ "response_type", "code" },
{ "permissions","offline_access"}
}).ToString();