I'm a Facebook app developer. I have developed some apps. Everything was working good.
I have not developed any apps for the past 6 months. Now I started to develop an app with existing code. It is not working like what I expected. I don't know why. I have checked the coding with old apps. Everything is fine.
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
} else {
loginUrl = "https://www.facebook.com/dialog/oauth/?client_id=" + appId + "&redirect_uri=https://apps.facebook.com/appname/&scope=email,user_activities,user_likes,publish_actions,read_stream,publish_stream";
top.location.href = loginUrl;
}
}, true);
I couldn't post on my facebook wall. Error ((#200) The user hasn't authorized the application to perform this action) is coming.
Please advice.
The authorization did not work. Use FB.login for authorization: https://developers.facebook.com/docs/reference/javascript/FB.login/v2.1
Important note: Call it on user interaction, and NOT in the (asynchronous) callback function of FB.getLoginStatus. You should not directly present the authorization screen/popup to the user right when he opens your App/Website anyway.
Also, publish_stream is deprecated, publish_actions is the only permission you need for posting.
Related
I'm building a ASP.NET (4.6) WebApi project and I'm using ASP.NET Identity to authenticate with Facebook, Google and Microsoft to my API. I have managed to authenticate with Google and Microsoft, but not with Facebook.
I'm using Visual Studio 2015
The problem is that I get access denied every time I authenticate. The scenario goes like this:
I make an API call to localhost:2975/api/Account/ExternalLogins?returnUrl=%2F&generateState=true through my browser.
I receive a link to my API for every external provider my API support. In the Facebook case I got localhost:2975/api/Account/ExternalLogin?provider=Facebook&response_type=token&client_id=self&redirect_uri=http%3A%2F%2Flocalhost%3A2975%2F&state=99...01
I go to that link with my browser, and gets redirected to the Facebook login page.
I authenticate to Facebook, and a dialog window appears and asks permission for the requested information about me.
I accept and gets redirected back to my API with the error "access_denied". localhost:2975/api/Account/ExternalLogin gets called.
I haven't figured out where the problem comes from, whether its some permission setting in my Facebook app, the Facebook user I log in with, or if the problem lies in the ASP.NET Identity template.
Regarding Facebook I have created a test app of my app, as well as pushed it as a live app. I can find the app on my Facebook profile, and I've removed it several times. My Facebook profile has the administrator role of the app. I have created test users, as well as added a friend of mine as developer/tester of the app. The problem remains. I read somewhere that there should be a pending request for the app that I should accept, but I haven't found any.
Regarding the ASP.NET Identity template the error is received very early in the process:
AccountController.cs:
public async Task<IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
if (error != null)
{
// This is where the API comes in step 5 above
return Redirect(Url.Content("~/") + "#error=" + Uri.EscapeDataString(error));
}
if (!User.Identity.IsAuthenticated)
{
// This is where the API comes in step 2 above before it redirects me to Facebook login
return new ChallengeResult(provider, this);
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
// Untouched logic
// ....
}
When I use Google Chromes Network tool I can see that I gets redirected to this link:
facebook.com/login.php?skip_api_login=1&api_key=XXX&signed_next=1&next=https%3A%2F%2Fwww.facebook.com%2Fv2.6%2Fdialog%2Foauth%3Fredirect_uri%3Dhttp%253A%252F%252Flocalhost%253A2975%252Fsignin-facebook%26state%3D...%26scope%3Demail%252Cpublic_profile%26response_type%3Dcode%26client_id%3D...%26ret%3Dlogin%26logger_id%3D...&cancel_url=http%3A%2F%2Flocalhost%3A2975%2Fsignin-facebook%3Ferror%3Daccess_denied%26error_code%3D200%26error_description%3DPermissions%2Berror%26error_reason%3Duser_denied%26state%3D...%23_%3D_&display=page&locale=sv_SE&logger_id=...
There is a cancel url with predefined error: "access_denied", error code: 200, reason: "user_denied", so maybe the "access_denied" error I receive isn't very accurate?
Other relevant code I can come up with is in Startup.Auth.cs (I never get to the OnAuthenticated part though):
var facebookOptions = new FacebookAuthenticationOptions()
{
AppId = "XXX",
AppSecret = "XXX",
Scope = { "email", "public_profile" }
};
facebookOptions.Provider = new FacebookAuthenticationProvider()
{
OnAuthenticated = (context) =>
{
context.Identity.AddClaim(new Claim("urn:facebook:access_token", context.AccessToken, ClaimValueTypes.String, "Facebook"));
context.Identity.AddClaim(new Claim("urn:facebook:email", context.Email, ClaimValueTypes.Email, "Facebook"));
return Task.FromResult(0);
}
};
app.UseFacebookAuthentication(facebookOptions);
It feels like I've tried everything. Any ideas on how to solve this?
Thanks in advance!
Update NuGet packages solved my issue.
From this post in the line
context.Identity.AddClaim(new Claim("urn:facebook:email", context.Email, ClaimValueTypes.Email, "Facebook"));
the context.Email is null.
try to update the nuget package which Microsoft.Owin.Security,Microsoft.Owin.Security.Facebook and so on
Those who were unable to resolve the issue by just updating nuget packages, it might help.
Our Web App was working fine with External Login, what was happening before was our app redirected the users to Facebook or Google for authentication and returned the relevant details from their account. But then this issue arises in which the redirect url contains an error with a value Access_Denied. which is not descriptive at all so you need to manually find the errors.
After a lot of debugging and nuget updates I was still unable to resolve the issue and then it turned out the solution was the IP whitelisting for the server as our IT team and few developers changed the the server settings or migrated the website to new server which obviously had a different IP. Hence, I added the IP address in Facebook dev console to whitelist the address and it worked like a charm.
Whereas, Google authentication was fixed without whitelisting anything, just updating the nuget packages did the job.
Using this link facebook-phonegap-cordova-without-plugin I create an phonegap Facebook app. In that app application when I am login that application it working fine. It give me facebook friendlist, birthday, friend links and its allow to me to post on Facebook wall me and my friends Facebook wall. but when I logout and logging into another user then it allow me to login but its gives me that message The User hasn’t authorized the application to perform this action. And when I try to post some thing then it gives me that error This does not let testing post to Facebook your public profile is you name, profile and other public info
I am using
latest cordova build
In developer.facebook my application name is Testing
I am using API v1.0
following code is to share the post
function share() {
openFB.api({
method: 'POST',
path: '/me/feed',
params: {
message: 'Testing Facebook APIs',
},
success: function() {
alert('the item was posted on Facebook');
},
error: errorHandler});
}
Please remember its working fine for me but when I logging using another user then it gives me error.
Have you tried this while logging out the first user :
Revoke permissions :
openFB.revokePermissions(
function() {
},
errorHandler );
If it's working for you only then check if your app is in developer mode or not.
Go to your app facebook dashboard.
App review tab.
Check and turn on to make your app public.
Hope it helps with your question.
I have my application up which asked for the following permissions:
email,user_birthday,status_update,publish_stream,offline_access
I've implemented open graph now and tested it. It works perfectly, but after submission I have the following message from facebook
Your code is currently configured to publish a stream story. You must
change your code so that when the test user triggers the action it
produces an open graph story. Please make the appropriate changes and
resubmit.
From this blog post on facebook dev blog from april, it seems that 'publish_actions' is a subset of 'publish_stream' based on that I have some questions.
If that is true why do I need the publish_actions permission?
Do I need to take publish_stream out and put in publish_actions? But my game uses publish_stream to publish images from the game to albums. Which it will still be doing. What do I do about that?
How do I ask users for publish_actions at run time for these permissions if required and authenticate them without a reauthentication or reload. Any resources on that?
And for clarity here is my open graph publishing code
FB.api(
'/me/'+fAction,
'post',
sObject,
function(response)
{
if (!response || response.error)
{
for (var prop in response)
{
console.log(response[prop]);
callbackToFlash(0);
}
} else
{
console.log('success'+object);
callbackToFlash(1);
}
}
);
I am working on a django website which also allows users to sign in using their Facebook account. The login works fine, however I am not able to logout using Internet Explorer. The code seems to work fine on Firefox and Chrome.
Heres the code
function logoutFBUser()
{
//logout user from website and Facebook and reload
alert ("called FB logout");
if (FB.getAuthResponse())
{
alert ("has auth response");
FB.logout(function(response)
{
window.location.href = '/accounts/logout?next=/';
});
alert ("logged out of FB and redirected");
}
else
{
alert(" no auth response");
window.location.href = '/accounts/logout?next=/';
}
}
In Firefox, I get the alert of has auth response, however in IE, I get the alert no auth response. If I only use FB.logout without FB.getAuthResponse then the function hangs when it hits FB.logout.
What am I missing?
Finally solved this. I debugged into the javascript for FB.logout and for some reason it doesnt have the access_token which is why the call to FB.logout fails. Researching the Facebook documentation led me to this URL which I used for the logout process on my website successfully
Logoutlink from Facebook Documentation
https://www.facebook.com/logout.php?next=REDIRECT_URI&access_token=LOGGEDINUSER_ACCESS_TOKEN
Needless to say, I am using this on the serverside, so no need to use javascript any more.
Please refer Facebook Authentication documentation for more information.
http://developers.facebook.com/docs/authentication/
Thanks for all the help
I'm fairly new to the Facebook API, but I've tried to do my due diligence to figure this out, but I can't seem to. I'm simply trying to get a list of the logged-in user's albums, using various techniques, to no avail. I'm using the JavaScript SDK, and I have the following code:
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script>
FB.init({
appId:'{MY_APP_ID}',
cookie: true,
status: true,
xfbml: true,
oauth : true
});
FB.login(function(response) {
if(response.status === 'connected') {
FB.api('/me/albums', function(response) {
console.log(response);
});
}
}, { scope : 'user_photos' });
</script>
Note that {MY_APP_ID} is actually my application ID. So, when this executes, the popup will request access to the users photos, and that works fine. Now, in code, response returns a data array that contains no elements. In addition to trying the above, I've tried initiating a JSON request to the following URL as well as directly visiting it in the browser:
https://graph.facebook.com/me/albums?access_token=" + response.authResponse.accessToken
And this returns an empty data array as well. The access token that I'm using is coming either from the FB.login method or FB.getLoginStatus. Any help would be greatly appreciated. Thanks in advance.
So, I figured it out, so I will answer my own question. All the other answers on SO was related to permissions, but this wasn't it. It turns out that if I looked at my account settings (I'm the 'user'), and looked at apps, for this application, for some reason, it showed it only was requesting the email address. I knew this wasn't correct, because I was clearly asking for user_photos as well. So, after deleting the application from my profile, and reinitiating the connect, it looks like I'm able to access the albums fine. I'm not sure if Facebook intended to do this by design, but it seems like a potential bug to me.
This can also happen if you're using the JS SDK, as that authentication process and auth dialog are apparently complete separate from what you set up in the developer app.
You need to ALSO include the permissions you desire when you call FB.login() using the optional scope parameter, eg...
FB.login(function(response) {
if (response.authResponse) {
M.FB.setIsAuthorised(true);
// On success.
} else {
// On failure.
}
}, {
scope: 'email,friends_birthday,user_photos,friends_photos,publish_actions'
});
I had a similar issue. Several solutions on stackoverflow mostly attributed the issue to the lack of required permissions. Check the permissions you need by using the Graph API explorer or documentation (The tables have a column called permissions for each field).
Jonathan's solution actually gave me a clue about where I went wrong. I had a different issue where I had double-checked all the permissions set for my app dashboard that were correct, but while logging in, I had specified a scope with a set of permissions which seemed to override the app settings. :( I found this strange, but I rectified it by including the other permissions in the scope too and my problem was resolved.
An effective way to see if the right permissions are being set through the code is to use the following code:
FB.api({ method: 'fql.query', query: 'SELECT user_status,friends_status,user_photos,friends_photos,user_location,friends_location FROM permissions WHERE uid=me()' }, function(resp) {
for(var key in resp[0]) {
if(resp[0][key] === "1")
console.log(key+' is granted');
else
console.log(key+' is not granted');
}
});
P.S: Also make sure that if you changed the permissions in the app dashboard, you log out of your application and login again before testing.
I wasted over 3 hours trying to fix this issue and facebook documentation did not help me a bit, so hope this helps someone!