I have written an application that is able to write posts from the command line, to a particular users account. This, with the required permissions, is successfully posting messages with location and places information.
My next step was to upload images to a user account, but the problem is, I'm getting the following error:
A user access token is required to request this resource.
Now the script that does the API post, does not run from a browser, but rather as a Linux service daemon implemented with PHP. This script contains a game loop, that posts messages, and uploads photos to participants accounts at certain times throughout the day, simulating a holiday their profiles are attending.
So when calling BaseFacebook::getUser from my application script, I get a result of 0, which means, that BaseFacebook::getAccessToken will return an application access token, rather than a user access token.
I checked also, and noticed that the protected method BaseFacebook::getUserAccessToken doesn't return a valid token, since the command line app has no session, and it has to post to separate different user accounts in succession, during the game loop.
As I mentioned, I am able to make posts, and even attach places to my posts, but is there a way to upload photos to different user accounts without requiring a user access token?
I understand that I can use offline_access, but this is being deprecated on 3 October 2012, which is the time when our clients application will already be running live.
The players/users of our app do however visit the application from time to time, so would it be possible to use a token from the browser, store it in our database, and just utilize that from the command line applciation?
The players/users of our app do however visit the application from time to time, so would it be possible to use a token from the browser, store it in our database, and just utilize that from the command line application?
That’s exactly the way to go.
And this document describes how to handle these token, how to get long-lived ones, etc. – https://developers.facebook.com/roadmap/offline-access-removal/
And https://developers.facebook.com/blog/post/2011/05/13/how-to--handle-expired-access-tokens/ is also something that one should have read.
Related
Ok, I hope I don't get too beat up here for this question as it is kind of complex. At least in my view, with what I know so far. So the details first:
I built a nice app with django that brings in event data for users, utilizes that data for many things (not relevant to this question) but one of the things is that it syncs these events to the users Google calendar. I made the google app within the developer console, and it uses the provided credentials.json file to allow users to authenticate the app, thus creating individual user token.json files per user, then I have another script (not within django, just a custom python file) that runs from a cron job to automatically sync/ update the calendar info from the database to the google calendars.
Now, the new problem is having this work without my help. IE: a new user logs in and creates a profile, then if they should choose to sync to their Google calendars I have to be there, running the authentication process from my personal server. So I did that, by moving the whole app to a hosted platform and brought it up to speed in production mode.
Users can create a profile, using django-allauth it works to make an initial user account where they can fill in the rest of the profile. It does populate the token string for their account, but here is where I'm stuck.
What process is there to make the token.json file OR use the existing token string (the one it saves now on the server version) to allow the system to sync the calendars? Once the token files are created, the rest of this works. I just can't get the right answers to how django-allauth will handshake with Google and do this?
Thanks for any help!
Update: ultimately wound up using a service account with google api, and directing my users to combine the service account email (adding it as a shared user to the specific calendar) and they copy/paste the shared calendar ID in their profile on my app. All the logic now just uses this share function to sync the calendars, and it works great.
Apps are no longer being reviewed, but I need a permanent access token for a current project.
Does anyone know how to extend the access token. The current "extend access token" button that extends the token by 60 days results in this error. As does any request with an "unverified" app id.
facebook.GraphAPIError: (#200) Access to this data is temporarily disabled for non-active apps or apps that have not recently accessed this data due to changes we are making to the Facebook Platform. https://developers.facebook.com/status/issues/205942813488872/
According to Facebook:
"Beginning April 4, 2018, all apps, including those formerly approved,
must undergo App Review in order to gain access to the Events API,
Groups API, and Pages API. Apps accessing the Events API and Groups
API will lose access and require review once App Review resumes. For
apps using Pages API, review will be required once App Review resumes
or access will be removed."
You can read more about it here:
https://developers.facebook.com/docs/apps/review
https://developers.facebook.com/docs/graph-api/changelog/breaking-changes/?translation&hc_location=ufi#groups-4-4
Regarding the error that you receive, I currently have two applications. One which I've been using regularly and one that I haven't used for the past 6 months.
If I send a request to extend my token for the latter one, I receive the same error (which makes sense according to the error message), but if I send a request with the first one, I am able to extend the access token and get the expected response.
Please update us, once the problem is getting solved, let me know how much time Facebook team is taking to review.
I've created a Glass app in Python. I began with the mirror quickstart for Python and have my app running fine except some users are getting multiple notifications. I only have one row per user in my Credentials table, however when I go and look at my own Authorized Access on my account I see that I have my Glass project listed 8 separate times.
Can anyone tell me how to check and see if the user has previously granted access to my app when they sign in and if so then skip creating a new token.
You can use the user's ID to prevent storing more than one credential for each user.
When you complete the OAuth flow, you'll receive an ID token along with the access and refresh tokens. If you decode this token, you'll see something like this:
{
"iss":"accounts.google.com",
"at_hash":"HK6E_P6Dh8Y93mRNtsDB1Q",
"email_verified":"true",
"sub":"10769150350006150715113082367",
"azp":"1234987819200.apps.googleusercontent.com",
"email":"jsmith#example.com",
"aud":"1234987819200.apps.googleusercontent.com",
"iat":1353601026,
"exp":1353604926
}
The sub key is the one you're interested in. Use this value to uniquely identify your user. If you see a user authenticate with a user ID that you already know, replace the old value.
If you update your question to include the code you're using for your OAuth flow, we can provide more specific advice. Or, you can learn more about this from Google's OAuth documentation.
Facts:
I'm running a FB contest where users are entered into a drawing simply by liking a specific post.
I can call $postid/likes in the Graph API Explorer while using the token generated by the Graph API Explorer and receive the proper information. It's a simple result with user id/name pair which is all I need to generate a random winner.
I'm running a daily cron that collects all new likes for the post and puts them in a database so that I can track the number of entrants and pull out a winner from the pool easily. The script works and I get the expected data if I copy out the token from the Graph API Explorer call above and plug it into the script.
Problem:
Since the script above works when I copy out the active temporary token from the Graph API Explorer, shouldn't I be able to do this programmatically? I can't figure out how I am supposed authenticate when my daily cron runs (no user interaction) in order to get a new, valid, non-expired token. Since this is a cron running from the server, I obviously can't authenticate through a user dialog.
You can create an app and then authenticate as that app. Access tokens granted to an app don't expire so you'll be able to code that into your cron job.
Tread carefully with this. It looks like your contest violates the Facebook promotions guidelines:
You must not condition registration or entry upon the user liking a Wall post.
I've been digging through all docs I can find, but I cannot seem to verify this..
When I'm doing app authorization I'm asking for publish_stream from my visitor.
From to FB docs (http://developers.facebook.com/docs/reference/api/permissions/):
Enables your app to post content, comments, and likes to a user's stream and to the streams of the user's friends. With this permission, you can publish content to a user's feed at any time, without requiring offline_access. However, please note that Facebook recommends a user- initiated sharing model.
It very explicitly states that I'm able to post at ANY time. But, a regular user access token expires after a certain time. So that won't be usable to post.
However, an APPLICATION access token can be retrieved at any time, without any user interaction. And when I've tested, I can successfully publish to a users feed (yes on their feed, not my applications feed) using the app access token.
I haven't waited 2+ hours for the initially obtained User token to expire though, but even if the user session was logged out, I was still able to post using the app token.
So, this is what I want, right? Yes!
But this is not documented anywhere, so my question is:
Is this an allowed/recommended approach? Will I run into any problems around this?
Thank you
this is the right way to do it, so you'll not run into any problems etc.
Just use the App access_token to publish on you app users walls.
Greetings,
Fredyy