I have the facebook page and all photos and albums are public.
I've used previously this query for get all albums:
https://graph.facebook.com/67695062976/albums
Now this query writes this error:
An access token is required to request this resource.
My javascript function for get all albums:
getAlbums: function()
{
$.get('http://graph.facebook.com/67695062976/albums?callback=?', {
}, function (res) {
$('#AlbumsContent').html("");
$.each(res.data, function (key, value) {
var image = res.data[key];
$('#AlbumsContent').append('<div class="PhotosAlbums"><a id="buttonPhotosAlbums'+image.id+'" href="album-'+image.id+'"></a><div class="PhotosAlbumsName">'+image.name+'</div></div>');
});
}, "json");
},
How can i fix this problem in javascript side?
You need an Access Token for almost everything now, for public stuff of pages you can just use an App Access Token, which is the App Id and The App Secret, combined with a pipe:
App-ID|App-Secret
There you go:
https://graph.facebook.com/67695062976/albums?access_token=App-ID|App-Secret
If you did not create an App yet, this is where you do it: https://developers.facebook.com/apps
Related
in my django project, i have a url that has login_required set, because i need the request.user variable in it to process some data,
i also created a simple chrome extension where i'm going to have to send requests to that django project url.
i do not want to use the username and password in the extension to login and send the request
i want to:
redirect the user when the extension is installed to the my website
they will login,
the extension will know that the user has logged in and it will get (and save) a key that i could maybe inject in the page after login is successful
the key can be used as a query parameter in the request in order to identify the user without any username and password
i'm sorry if this seems as a stupid question, but i'm very confused on how to do this
PS: i have already a system in place where the user can use a key in order to make requests without logging in,
i just need a way to open a tab when the extension is installed, and login then get the key (which is injected in the page after login), and save it to use it in the extension later.
When the extension is opened for the first time, I'm showing the user a login page. The login page sends the username & password to an API where they are authenticated. If the information is correct, the required user info is returned (mainly the API key). The information is then saved to local storage.
var username = document.querySelector('[name="username"]');
var password = document.querySelector('[name="password"]');
$.ajax({
URL : 'https://example.com/api/extension-auth/',
type: 'POST',
crossDomain: true,
data: JSON.stringify({
'username': username.value.trim(),
'password': password.value.trim(),
}),
success: res => {
if (res.api_key) {
browser.storage.sync.set({ 'user_data': {'api_key': api_key} }, () => {
// show extension main logged in page
});
}
else {
// show invalid login information alert
}
},
error: function (err) {
// show server error aler
},
});
Everytime the extension is opened the local storage is checked
browser.storage.sync.get('user_data', data => {
if (data.user_data) {
if (valid_api_key(data.user_data.api_key)) {
// show extension main logged in page
}
else {
// show login page
}
}
else {
// show login page
}
});
the valid_api_key function makes a random call to the API to check if there is not an authentication error.
Then, I use the saved API key from local storage to do API requests.
I m new to loopback and don't know how to do following things in loopback
I want to set access token and other value in a session using middleware for that I found this thing in server folder of loopback
"session": {},
in middleware.json but don't know how to use this because there is not much documentation
I want to condition in session middleware like if I has session value then continue else throw to login page
note i already install this npm install express-session
Could you be a little more specific about what you want? but I'll explain a little bit about how authentification sessions are handled, there are two native ways you treat it all; The first one would be using a more raw reading pulling for modeling of your api and the second would be to use the JWT in aligned with accessToken and Passport.JS.
There are two examples available today with Loopback 3.x
loopback-example-user-management
loopback-example-passport
Basically using the raw reading with app.post('/login', function(req, res) then if your client is successfully authenticated you generate a cookie using your client's accessToken, example res.cookie('access_token', token.id, { signed: true , maxAge: 300000 }); res.set('X-Access-Token', token.id); and finally if you want you can transport the generated token to your pages:
res.render('home', {
email: req.body.email,
accessToken: token.id
});
Now with Passport.JS a middleware is used to secure all your connection and authentication:
app.middleware('session:before', cookieParser(app.get('cookieSecret')));
app.middleware('session', session({
secret: 'Seal Playing Saxophone',
saveUninitialized: true,
resave: true,
}));
passportConfigurator.init();
One of the authenticated page rendering pillar is var ensureLoggedIn = require('connect-ensure-login').ensureLoggedIn; you can use this ensureLoggedIn('/login') to free up your routes:
app.get('/auth/account', ensureLoggedIn('/login'), function(req, res, next) {
res.render('pages/loginProfiles', {
user: req.user,
url: req.url,
});
});
Now if you just want to skip this all and already have your environment set up and just want to create a route to get the accessToken of the logged in client use the template below;
app.get('/session-details', function (req, res) {
var AccessToken = app.models.AccessToken;
AccessToken.findForRequest(req, {}, function (aux, accesstoken) {
// console.log(aux, accesstoken);
if (accesstoken == undefined) {
res.status(401);
res.send({
'Error': 'Unauthorized',
'Message': 'You need to be authenticated to access this endpoint'
});
} else {
var UserModel = app.models.user;
UserModel.findById(accesstoken.userId, function (err, user) {
// show current user logged in your console
console.log(user);
// setup http response
res.status(200);
// if you want to check the json in real time in the browser
res.json(user);
});
}
});
});
I hope I have illuminated your ideas :] I am here to answer your questions.
I am using the OffAmazonPayments JS library to allow users to log into their Amazon account, access their address book, and eventually to pay with their Amazon account. The AddressBook widget will let me retrieve general address info, but without the address consent token, I cannot get the street address.
http://docs.developer.amazonservices.com/en_US/off_amazon_payments/OffAmazonPayments_GetOrderReferenceDetails.html
This link indicates that I can retrieve the address consent token from the Button object after authentication, but it's not clear how that works; in the definition of the sign-in Button, there's an "onSignIn" callback which receives an orderReference object, but that object doesn't seem to contain any such token.
Please see the Amazon Payments documentation..specifically this page: https://payments.amazon.com/documentation/lpwa/201953150
As you can see in the following code snippet (taken from said page) you can retrieve the token from the "amazon.Login.authorize(...)" function.
Note: You first must include in the "scope" parameter "payments:shipping_address" as one of your scopes in order to get the "address consent token". Below I'm including other scopes so you can see how to list more than one.
The CAPS words/parameters would be replaced by your own desired parameters.
<script type="text/javascript">
var authRequest;
var addressConsentToken;
OffAmazonPayments.Button("AmazonPayButton", "YOUR_SELLER_ID", {
type: "ENTER_TYPE_PARAMETER",
color: "ENTER_COLOR_PARAMETER",
size: "ENTER_SIZE_PARAMETER",
language: "ENTER_LANGUAGE_PARAMETER",
authorization: function() {
loginOptions = {scope: "profile payments:widget payments:shipping_address",
popup: "ENTER_POPUP_PARAMETER"};
authRequest = amazon.Login.authorize (loginOptions,
function(response) {
addressConsentToken = response.access_token;
});
},
onSignIn: function (orderReference) {
var referenceId = orderReference.getAmazonOrderReferenceId();
if (!referenceId) {
errorHandler(new Error('referenceId missing'));
} else {
window.location = "YOUR_REDIRECT_URL" + '?referenceId=' +
orderReference.getAmazonOrderReferenceId() +
"&access_token=" + addressConsentToken;
}
},
onError:errorHandler || function(error) {
// your error handling code
}
});
</script>
Hi i created a plugin portlet. In the JSP i am accessing all countries list by using JSON API. It is working fine for Logged in users. But for the Guest users i am unable to access the web service. I am working on Liferay 6.0.6. The following is my code.
Liferay.Service.Portal.Country.getCountries(
{},
function(result) {
for(var count=0;count< result.length;count++){
alert(result[count].name);
var option = document.createElement("option");
}
}
);
Assuming that you are using Liferay 6.1, you can achieve it by adding a property to portal-ext.properties file
json.service.public.methods=getCountries
If you need to check the whole flow checkout
JSONServiceAction
I think you need to pass the serviceContext with permissions to the Service.
Can you try by setting the communityPermissions and guestPermissions as VIEW ?
Liferay.Service.Portal.Country.getCountries(
{
serviceContext: jQuery.toJSON(
{
communityPermissions: communityPermission,
guestPermissions: guestPermission,
scopeGroupId: themeDisplay.getScopeGroupId()
}
)
},
function(result) {
for(var count=0;count< result.length;count++){
alert(result[count].name);
var option = document.createElement("option");
}
}
);
I found a work around for the above problem. I am unable to access JSON API because Liferay is using A.io.request for AJAX Calls which is available for Logged in Users only. So I have prepared the following code.
jQuery.ajax({
type: "POST",
url: '<%=themeDisplay.getURLPortal() %>'+'/tunnel-web/json?serviceClassName=com.liferay.portal.service.CountryServiceUtil&serviceMethodName=getCountries',
dataType: 'json',
success: function(countriesList) {
alert(countriesList);
alert(countriesList[0].countryId);
}
}
});
I am not familiar with using Facebook Javascript SDK.
My story is when I access to the website It displays all my friends(pic and name) on a webpage.
I registered Facebook API and App ID
I put website URL as http://localhost:81/ because I am testing my own local machine.
Do you have any good example website or good examples?
Please share with me
Thank you.
First your app should use required permissions like,
user_birthday, friends_birthday, user_location , friends_location...
( for more permissions)
Get info about current user:
FB.api('/me', function(response) {
// Stuff here
});
Get info about current user's friends:
FB.api('/me/friends', function(response) {
// Stuff here
});
you will get the response like,
{data: [{id: "FRIEND1_ID", name: "FRIEND1_NAME"}, {id: "FRIEND2_ID", name: "FRIEND2_NAME"}]....}
If you want get some more properties of your friends, use FIELDS parameter, like
FB.api('/me/friends', {fields: 'name,id,location,birthday'}, function(response) {
// Stuff here
});
If want to get individual user's friend info:
FB.api('/FRIEND1_ID', function(response) {
// Stuff here
});
Try this Example Site
Direct Access Method:
Log into Facebook under your name. If you need an "Access Token", Click on the Extended Permissions and click the "read_friendlist" check box to get your Access Token and then
submit your query. You may need to "Allow" access, so just follow the prompts given.
Voila! You now have the usernames for everyone on your Friends List. The "username" parameter in the query will give you the contact email "message to that person" and you append #facebook.com and send them a message. Very simple.
http://developers.facebook.com/tools/explorer?fql=SELECT%20username%20FROM%20user%20WHERE%20uid%20IN%20%28SELECT%20uid2%20FROM%20friend%20WHERE%20uid1%20%3D%20me%28%29%29%20ORDER%20BY%20name
-SAB