I'am developing android application with facebook login and laravel REST API server. After user login on mobile, app get token which is sent to my server. On server I want get facebook user details by token.
Facebook SDK for PHP provides methods for that:
$session = new FacebookSession('token');
$me = (new FacebookRequest($session, 'GET', '/me',))->execute()->getGraphObject(GraphUser::className());
Can Laravel Socialite obtain user facebook details based on that token? Or just use that Facebook SDK?
I submitted a pull request to the repo which was accepted to the 2.o branch. You should be able to call Socialte::driver('facebook')->userFromToken($token) now.
https://github.com/laravel/socialite/pull/126
Cheers.
You can also extend your Socialite Facebook Provider.
For example;
Create a class as SocialConnect in App/Library folder
namespace App\Library;
use Laravel\Socialite\Two\FacebookProvider;
class SocialConnect extends FacebookProvider {
public function userFromToken($access_token)
{
$user = $this->mapUserToObject($this->getUserByToken($access_token));
return $user->setToken($access_token);
}
}
Then add these lines in boot method on your App/Providers/AppServiceProvider.php
$socialite = $this->app->make('Laravel\Socialite\Contracts\Factory');
$socialite->extend(
'SocialConnect',
function ($app) use ($socialite) {
$config = $app['config']['services.facebook'];
return $socialite->buildProvider(SocialConnect::class, $config);
}
);
Ready for use!
Socialite::driver('SocialConnect')->userFromToken($accessToken)
You can also add new methods as you wish in your SocialConnect class.
There is a method getUserByToken implemented in the Facebook Service Provider, however it's protected and only used internally to get the user details.
So you're better off using the Facebook SDK.
Related
I'm developing a Facebook authentication system using the Graph Api v2.8.
The website that makes the request requires the user's email.
Problem: the app is added on the user's Facebook regardless he unchecks or not the email permission option.
Is there any way of preventing the app being added on the user's facebook when he refuses to share his email?
If not, how can I remove the app from the user's facebook?
Thks in advance.
Here is one possible solution that solved the problem, by removing the app from the user's Facebook:
$response = $fb->get('/me?fields=first_name,last_name,email');
$userNode = $response->getGraphUser();
if (!isset($userNode['email']) || (isset($userNode['email']) && !$userNode['email'])) {
$fb->delete($userNode['id'] . '/permissions');
}
The line:
$fb->delete($userNode['id'] . '/permissions');
deletes the user app.
I got some of the APP's APIs.
When I use the browser to access these APIs, the browser popup window tell me to fill in the username/password, Then I tried to fill out my username/password and found that I passed the verification!
Then I tried to write the code
var myClientHandler = new HttpClientHandler();
myClientHandler.Credentials = new NetworkCredential("abc", "!##");
this._client = new HttpClient(myClientHandler);
this._client.BaseAddress = new Uri("http://api.xxx.com");
var result = await this._client.GetStringAsync("some_api_foo.json");
Run well!
(We know that if there are no NetworkCredential, there will be 401 unauthorized exception)
But I found out that the official APP could access some of the APIs without the user logging in. How does it work? Does it use a public account? Or is there another way to access the APIs?
It uses Windows integrated authentication (Kerberos) to authenticate your users without asking them for credentials
Use Fiddler >check Authorization Header is present: Basic xxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxx is Username:Password(Base64)
Decrypt it!
I need to integrate my web application with Rally. Using Rest Rally API(Java), though I am able to create a User story from a stand alone program hardcoding my APIKey. But how do i create it using oauth authentication in java. I did get that through oauth authentication, we will get an access token. but how do i make use of that access token for using Rally rest API since, it accepts either API Key or userName/pwd for that. Any help on authentication will be appreciated. Thanking in advance.
String host = "https://rally1.rallydev.com";
RallyRestApi restApi = new RallyRestApi(new URI(host), "my_APIKey-XXXXXX");
// Creating a User Story
JsonObject newStory = new JsonObject();
newStory.addProperty("Name", "test User Story");
newStory.addProperty("Project", projectRef);
newStory.addProperty("Workspace",workspaceRef);
newStory.addProperty("Iteration", iterationRef);
newStory.addProperty("Release", releaseRef);
newStory.addProperty("Description", "Test Description");
newStory.addProperty("Notes", "test Notes");
newStory.addProperty("c_AcceptanceCriteria","Test acceptance criteria");
CreateRequest createRequest = new CreateRequest("hierarchicalrequirement", newStory);
The Rally Rest Toolkit for Java does not currently support OAuth/SSO. API Keys are the best way forward currently.
I have a web service that servers Android, IOS and Windows Phone. Each app connects to Facebook using native SDK and passes the fb_user_id and access_token when performs API's requests. The API should retrieve the user and friends details and save them on MySQL.
The system works fine, except that it can't return friend's retionship, location and birthday.
$fb = new Facebook([
'appId' => my_app_id,
'secret' => my_app_secret
]);
$r = $fb->api("$fb_user_id/?fields=friends.fields(relationship,birthday,location)&access_token=$access_token");
var_dump( $r );
My app on Facebook has friends_relationships, friends_location and friends_birthday permissions. When we test using a Facebook user setted as developer, the app returns all the information, but when a non-developer uses we can't return those informations.
Any idea?
I figured what happened!
Facebook's SDK generates a token for /me. In PHP I was calling fb_user_id?fields=friends.fields(id,name,birthday,etc). But requests with /fb_user_id can't return info with a /me generated token.
It works when used directly on browser https://graph.facebook.com/me?fields=friends.fields(id,name,birthday,etc), but fails when called by Facebook's PHP class:
An active access token must be used to query information about the current user.
My solution:
$url = "https://graph.facebook.com/me?fields=id,name&access_token=$this->access_token";
$this->me = file_get_contents ( $url );
$json = json_decode($this->me, true);
For further information, checkout this answer. New ideas are welcome.
Is there any graph API available to logout a user from facebook? My application is able to succesfully retrieve user information and post on a user's wall. The problem is after authorization the facebook user is left in logged-in state and control goes back to my application. I want to logout the user after authprization is over and before the control comes back to my application. I want to use graph API and do it at the back end being implemented in Java.
Thanks.
Facebook PHP SDK uses a function like this:
public function getLogoutUrl($params=array()) {
return $this->getUrl(
'www',
'logout.php',
array_merge(array(
'next' => $this->getCurrentUrl(),
'access_token' => $this->getAccessToken(),
), $params)
);
}
Which creates a URL like:
https://www.facebook.com/logout.php?next={YOUR_ENCODED_URL}&access_token={YOUR_ACCESS_TOKEN}
I believe the encoded URL must be owned by the application to whom the access_token belong.
If you get that URL right, it'll work (just tried for one of my applications)
No, you cannot log-out a user programatically via Java. You should create a logout link or button on the page instead.
you can use below code for logout from app
$logoutUrl = $facebook->getLogoutUrl();
echo 'Logout';
replace above code in
try{
//above code
} catch {
//other code
}