Im making an application on Phonegap, and therefore using javascript. I have added the facebook plugin, and everything seems to work fine. The user can log in and make app requests to friends using the FB.ui:
FB.ui({method: 'apprequests',
message: 'Try this application, and get ready to Guess This Sound!'
}, requestCallback);
The dialog pop up, and when I send an invitation my requestCallback method return OK
function requestCallback(response){
alert("response " + response);
}
However, my friends do not receive any notification about the request. My application is no longer i sandbox mode, and I can't figure out whats the problem is. Since Im using phonegap, I have added ios and android platform on facebook, and I guess no canvas URL is needed.
UPDATE
Some users do now receive the notifications from the application, but not everyone.However, when my friend clicks on the notification he receive this message: "The requested page can not be viewed right now. It could be temporary unavailable." Is it because my application is not available on google play and app store for the moment?
You have to Add app in your developer account
facebook -> Apps -> "You app" -> Setting -> add platform -> App on Facebook -> Add any URl
Now you will get app request notification
The problem was due to wrong set up in facebook developer API. The error still remains, but is because the app is not released yet. To see the solution to this, see:
Facebook invite request error android
Related
I have a web-app built with the AWS Amplify framework. I rely on Cognito Hosted UI w/ identity federation for registration and login. In reviewing the registrations for my app, I noticed that it got 70+ registrations, but of these only 12 went on to create user profiles. I tested creating an account and signing in through each identity provider (Amazon, Google, Facebook) as well as through standard signup with an email and password. I never had any issues.
I started testing more heavily on mobile and eventually I started to encounter the an error. I plugged my mobile device into my laptop, navigated to chrome//:inspect and checked the network tab and JS console. Only when my chosen identity provider required an OTP code, I noted that I was getting invalid_request and invalid_grant errors on after I input the code and continued with sign-in, even though registration seemed to work (I say registration seemed to work because I received AWS credentials in the initial response and amplify-signin-with-hostedUI was set to true in localStorage. Also, when I open the AWS Console and go to Cognito, I can see that I've been added as a user in my User_Pool).
If I refresh the browser at this point, it seems a new request is sent off to /token, but it comes back with a 400 error with the invalid_grant message.
I kept poking around and eventually found something interesting. There are three tabs involved in the login process, and I think this is somehow messing things up. On mobile, when I try to register or login with the Cognito Hosted UI, I am first met with the Federated Identity Provider buttons and email/password page.
First I got to my website (Tab One). Then I click sign-up and the Hosted UI page pops up (Tab Two). I select one of the login methods (Amazon, Google, Facebook, or Email/Password). If the selected method requires no OTP, I'm golden. I'm redirected to my web app and the app works fine. If my selected method requires an OTP, a new tab opens (Tab 3) which asks for the token. At this point, I can see in Chrome devtools that an error occurs on this tab (Tab 3).
After plugging in the OTP code and clicking sign-in, I'm redirected, as expected, back to the my web-app, but this redirect occurs in the original tab (Tab One), however with a query string added to the URL (/?code=). If I click the view tabs button, I see that the Hosted UI tab (Tab Two) is still open and still has the Cognito Hosted UI buttons/username+password page open. Not sure if that's important.
Now on Tab One with my web app, I don't immediately see any errors in Chrome devtools. But I can see that my app is unable to load. If I wait, it just loads and loads forever. If I refresh the page, then at this point I see a new request to /token fire off in the Network Tab of Chrome DevTools and it comes back with the 400 error invalid_grant response.
Has anyone else encountered this issue or found a resolution?
Thanks in advance!
I've installed the Android app on facebook developer app page, set everything in the same manner as for the app for which there was no such error. Opening for Facebook login the exact same URL that works for the other app:
"https://www.facebook.com/v2.8/dialog/oauth?
client_id=myClientId
&scope=publish_actions
&response_type=granted_scopes &redirect_uri=https://www.facebook.com/connect/login_success.html"
);
I've added https://www.facebook.com/connect/login_success.html to the Valid Oauth URIs in my app settings of course. My app has everything set the same way for both apps, except for their package names, yet for this one I get 'URL blocked: This redirect failed because the redirect URI is not whitelisted in the app's Client OAuth Settings.' But it is!
So I don't understand, obviously Facebook sends me the wrong error message so it's impossible to figure out where's the bug.
I've solved it by waiting about an hour and trying again. So apparently this is not mentioned in the docs anywhere but it can take really long before a new Facebook app gets registered and until then no URI can be whitelisted. This means if you just added your app and you're getting this error message no matter what you've tried of the dozens of suggestions you find on the web, it's most likely not your fault, just wait. I wish I knew this before trying all those things.
I'm building a ASP.NET (4.6) WebApi project and I'm using ASP.NET Identity to authenticate with Facebook, Google and Microsoft to my API. I have managed to authenticate with Google and Microsoft, but not with Facebook.
I'm using Visual Studio 2015
The problem is that I get access denied every time I authenticate. The scenario goes like this:
I make an API call to localhost:2975/api/Account/ExternalLogins?returnUrl=%2F&generateState=true through my browser.
I receive a link to my API for every external provider my API support. In the Facebook case I got localhost:2975/api/Account/ExternalLogin?provider=Facebook&response_type=token&client_id=self&redirect_uri=http%3A%2F%2Flocalhost%3A2975%2F&state=99...01
I go to that link with my browser, and gets redirected to the Facebook login page.
I authenticate to Facebook, and a dialog window appears and asks permission for the requested information about me.
I accept and gets redirected back to my API with the error "access_denied". localhost:2975/api/Account/ExternalLogin gets called.
I haven't figured out where the problem comes from, whether its some permission setting in my Facebook app, the Facebook user I log in with, or if the problem lies in the ASP.NET Identity template.
Regarding Facebook I have created a test app of my app, as well as pushed it as a live app. I can find the app on my Facebook profile, and I've removed it several times. My Facebook profile has the administrator role of the app. I have created test users, as well as added a friend of mine as developer/tester of the app. The problem remains. I read somewhere that there should be a pending request for the app that I should accept, but I haven't found any.
Regarding the ASP.NET Identity template the error is received very early in the process:
AccountController.cs:
public async Task<IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
if (error != null)
{
// This is where the API comes in step 5 above
return Redirect(Url.Content("~/") + "#error=" + Uri.EscapeDataString(error));
}
if (!User.Identity.IsAuthenticated)
{
// This is where the API comes in step 2 above before it redirects me to Facebook login
return new ChallengeResult(provider, this);
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
// Untouched logic
// ....
}
When I use Google Chromes Network tool I can see that I gets redirected to this link:
facebook.com/login.php?skip_api_login=1&api_key=XXX&signed_next=1&next=https%3A%2F%2Fwww.facebook.com%2Fv2.6%2Fdialog%2Foauth%3Fredirect_uri%3Dhttp%253A%252F%252Flocalhost%253A2975%252Fsignin-facebook%26state%3D...%26scope%3Demail%252Cpublic_profile%26response_type%3Dcode%26client_id%3D...%26ret%3Dlogin%26logger_id%3D...&cancel_url=http%3A%2F%2Flocalhost%3A2975%2Fsignin-facebook%3Ferror%3Daccess_denied%26error_code%3D200%26error_description%3DPermissions%2Berror%26error_reason%3Duser_denied%26state%3D...%23_%3D_&display=page&locale=sv_SE&logger_id=...
There is a cancel url with predefined error: "access_denied", error code: 200, reason: "user_denied", so maybe the "access_denied" error I receive isn't very accurate?
Other relevant code I can come up with is in Startup.Auth.cs (I never get to the OnAuthenticated part though):
var facebookOptions = new FacebookAuthenticationOptions()
{
AppId = "XXX",
AppSecret = "XXX",
Scope = { "email", "public_profile" }
};
facebookOptions.Provider = new FacebookAuthenticationProvider()
{
OnAuthenticated = (context) =>
{
context.Identity.AddClaim(new Claim("urn:facebook:access_token", context.AccessToken, ClaimValueTypes.String, "Facebook"));
context.Identity.AddClaim(new Claim("urn:facebook:email", context.Email, ClaimValueTypes.Email, "Facebook"));
return Task.FromResult(0);
}
};
app.UseFacebookAuthentication(facebookOptions);
It feels like I've tried everything. Any ideas on how to solve this?
Thanks in advance!
Update NuGet packages solved my issue.
From this post in the line
context.Identity.AddClaim(new Claim("urn:facebook:email", context.Email, ClaimValueTypes.Email, "Facebook"));
the context.Email is null.
try to update the nuget package which Microsoft.Owin.Security,Microsoft.Owin.Security.Facebook and so on
Those who were unable to resolve the issue by just updating nuget packages, it might help.
Our Web App was working fine with External Login, what was happening before was our app redirected the users to Facebook or Google for authentication and returned the relevant details from their account. But then this issue arises in which the redirect url contains an error with a value Access_Denied. which is not descriptive at all so you need to manually find the errors.
After a lot of debugging and nuget updates I was still unable to resolve the issue and then it turned out the solution was the IP whitelisting for the server as our IT team and few developers changed the the server settings or migrated the website to new server which obviously had a different IP. Hence, I added the IP address in Facebook dev console to whitelist the address and it worked like a charm.
Whereas, Google authentication was fixed without whitelisting anything, just updating the nuget packages did the job.
I have configured the Facebook Webhook of my app, that it sends a call when a change has happened on my (user)feed. When I post something on Facebook via my laptop or mobile browser, the Webhook triggers.
But when I post something via the native iOS app, it doesn't trigger.
Does anyone have an idea about this?
I'm trying to create manual Facebook login in iOS using UIWebView for the login flow
for learning propose. I know there is framework for this.
Any way I'm starting with :
First
https://www.facebook.com/dialog/oauth?client_id=80xxxxx03174&redirect_uri=http://www.
facebook.com/connect/login_success.html&scope=user_friends&response_type=token&display=
touch
Redirects me to :
https://m.facebook.com/v2.0/dialog/oauth?redirect_uri=http%3A%2F%2Fwww.facebook.com%
2Fconnect%2Flogin_success.html&scope=user_friends&response_type=token&client_id=
80xxxxx03174
Redirects me again to error
https://m.facebook.com/login.php?skip_api_login=1&api_key=8072xxxx03174&signed_next=1&
next=https%3A%2F%2Fm.facebook.com%2Fv2.0%2Fdialog%2Foauth%3Fredirect_uri%3Dhttp%253A%252F%
252Fwww.facebook.com%252Fconnect%252Flogin_success.html%26scope%3Duser_friends%
26response_type%3Dtoken%26client_id%3D8072922xxx174%26ret%3Dlogin&cancel_uri=http%3A%2F%
2Fwww.facebook.com%2Fconnect%2Flogin_success.html%3Ferror%3Daccess_denied%26error_code%
3D200%26error_description%3DPermissions%2Berror%26error_reason%3Duser_denied%23_%3D_&
display=touch&_rdr
Now the user and the app do exists.
I tested the first ( no'1 ) URL in the browser and it returns me the access_token back
UPDATE:
I found out the number 3 request is invoking twice and in the first time I present the WebView and then in the second time it sends this. I try to present the same web view that is already presented and I got exception.
So way do this request send it self twice?