I'm using the Facebook Graph Batch API to send one message / different messages to registered people's FB walls.
I'm defining an access_token for each user, and the obliged top-level access_token (used as fallback, according to the doc). For the latter I just use an access_token from the users listed in the batch.
The thing is that the only user recieving the message, is the one who's access_token I used as the top-level/fallback access_token.
The other users get the "(#210) User not visible" error message.
I'm using 3 test users setup at my app-roles.
Any idea what goes wrong here?
Here's my code (python) for generating one message to all registrants:
for soc_reg in self.registrants:
batch_item = {
"method" : "POST",
"relative_url" : FACEBOOK_URL_FEED % (soc_reg['uid']),
"body" : Helper.toURL(publishParams),
"access_token" : soc_reg['access_token'],
}
batch.append(batch_item)
params = {
"access_token" : self.registrants[0]['access_token'], # used as fallback
"batch" : Helper.toJSON(batch),
}
results in following value for "params":
{"access_token": "XYZ", "batch": "[{\"body\": \"caption=&message=is+not+a+test.%0D%0AWe%27re+just+rappin%27+to+the+beat%21&place=146270405429726&link=&description=\", \"access_token\": \"XYZ\", \"method\": \"POST\", \"relative_url\": \"/100003720771245/feed\"}, {\"body\": \"caption=&message=is+not+a+test.%0D%0AWe%27re+just+rappin%27+to+the+beat%21&place=146270405429726&link=&description=\", \"access_token\": \"ZYX\", \"method\": \"POST\", \"relative_url\": \"/100003671211957/feed\"}, {\"body\": \"caption=&message=is+not+a+test.%0D%0AWe%27re+just+rappin%27+to+the+beat%21&place=146270405429726&link=&description=\", \"access_token\": \"YZX\", \"method\": \"POST\", \"relative_url\": \"/100003683601909/feed\"}]"}
So the only user recieving the message is the one defined here: "access_token" : self.registrants[0]['access_token']
When I adjust the index, I can determine the one recieving the message ;)
OK, seems like the documentation and the API itself are not corresponding:
https://developers.facebook.com/bugs/212455918831996
Documentation says:
relative_url => 'alias', 'body' => '{"access_token" => "..."}'
But only this ways seems to work:
'relative_url' => 'alias?access_token=...'
FB seemed to have confirmed the bug and put it on the 'wishlist', so far the latter is the way to go, works for me at least :)
Related
I am a learner in postman and do not have much experience in programming/scripting.
Here the issue.
Used POST api request - For getting the access token;
Used POST api request - To create an account;
Used POST api request - To cancel an account with CancellationReason
Need to crosscheck the cancellation details (some fields like cancellationReason) in web application.
In order to avoid manually check, i have used GET request api like below
by passing all the mapped fields (as per web application) in the GET request end url
(i.e. by sending the details in fetch_xml query parameter in the end url) in order to get those required fields returned.
Now i got a successful response with status code.
After that i want to compare the fetched values (from the response body) ... VS.... to the data i passed while cancelling the account (i.e. in POST api request - To cancel the account) and make sure both are same.
After that under Test tab - I have updated query like below, however it throwing an Unexpected '#' error (as the below query contains '#' in middle of the field name)
tests["Verify the CancellationReason matches"] = pm.expect(data._usr_cancellationReason_value#OData.Community.Display.V1.FormattedValue).to.eql("CancellationReason");
Can someone please help me to understand whether i should remove this #symbol or should replace with something else ?
Here is the response body:
{
"#odata.context": "https://hfrdcompanies.integrationdev01.crm3.cs.com/api/data/v9.1/$metadata#hfrd_workorders(_usr_cancellationchannel_value,usr_CancellationChannel,_usr_workorderreason_value,usr_WorkOrderReason,hfrd_workorderid,usr_cancellationuser,_usr_cancellationsource_value,usr_CancellationSource,hfrd_name,usr_CancellationChannel(),usr_AccountReason(),usr_CancellationSource())",
"value": [
{
"#odata.etag": "W/\"2345234523\"",
"_usr_cancellationchannel_value#OData.Community.Display.V1.FormattedValue": "Mobile App",
"_usr_cancellationchannel_value": "acefsdflin89-f9jf07-e969f1-a245nk11-00jnfnafn9799fc2a",
"_usr_Accountreason_value#OData.Community.Display.V1.FormattedValue": "Customer Inactive",
"_usr_Accountreason_value": "bde1234522-d45662-e2711-a84561-0007354a2d5c2a",
"hfrd_Accountid": "89025sf3-c668f-e7811-a4331-00asdhh3ab9bd1c",
"usr_cancellationuser": "Testuser08 ABC",
"_usr_cancellationsource_value#OData.Community.Display.V1.FormattedValue": "MOBILE",
"_usr_cancellationsource_value": "6c23asdf-c562-e411-a841-00asdfa",
"hfrd_name": "FP-WK-1000000642"
}
]
}
I want to validate the bold row
I created a bot in AWS Lex and I am trying to integrate it with Slack. I created a Slack app and followed the documentation as mentioned in-
https://docs.aws.amazon.com/lex/latest/dg/slack-bot-association.html
However, while trying to integrate with the Lex Postback URL I get an error saying
Your URL didn't respond with the value of the challenge parameter.
Our Request:
POST
"body": {
"type": "url_verification",
"token": "VbODUleNdk2hieCvDwlScrQF",
"challenge": "HRUXnK6YYLpx5U1s9AiADZgA0BAhWuTzfjAAzLEJIw1zz4GfuMAb"
}
Your Response:
"code": 200
"error": "challenge_failed"
"body": {
}
Per my knowledge, Lex by default should provide the response. Am I doing something wrong here? Any leads will help.
Thanks in advance.
I encountered this this morning and I thought I'd add my own experience. Slack appears to be pushing a 'Verification Token' as a replacement for the 'Signing Key', and claims they're interchangeable but that the token is more secure. I wasn't able to get the challenge response when using the token, but it worked fine when using the key.
Came across the same issue. The POST request that Slack was sending my endpoint was not what my function was designed for. I followed the tutorial at https://api.slack.com/tutorials/events-api-using-aws-lambda and had to add a line:
exports.handler = (data, context, callback) => {
data = JSON.parse(data.body); // added this line
switch (data.type) {
case "url_verification": verify(data, callback); break;
case "event_callback": process(data.event, callback); break;
default: callback(null);
}
};
I am trying to develop one-click-integration support for my bot, which will include FB messenger.
For the FB messenger I did the following:
Followed the "quick-start" guide and created a Facebook App.
Followed the "facebook-login" tutorial and deployed a facebook login process which works with permissions for:
- public_profile
- email
- manage_pages
- pages_show_list
- pages_messaging_subscriptions
- pages_messaging
I then used the graph-api of '/me/accounts' to get list of pages name , page ids, and access_token under a "test user" I created in facebook.
Now, I picked a page under this "test user" (with all the permissions), and tried to run this JS code -
FB.api(
`/${page.id}/subscribed_apps?access_token=${page.access_token}`,
function (response) {
console.log(`response = {$JSON.stringify(response)}`);
if (response && !response.error) {
/* handle the result */
}
}
);
The problem: I get response = {"data":[]} , which might be OK, but when I look at the page->settings->Messenger Platform->Subscribed Apps , I don't see any app subscribed there.
By the way, When I run this without the proper access_token , I do get an error #210 ("needs access_token") which is as expected...
Any idea how to subscribe the app properly to the page?
Must say I also tried it with the graph api explorer tool and got the same result...
Thanks in advance :-).
#CBroe got it correct and there were 2 issues:
1. I should have used the POST() instead of GET() method.
2. When you use the graph-api-explorer tool, you will see it works, then role down and get the JS code... problem is the code is a bit confusing since what you get is this:
FB.api(
`/${my_page_id}/subscribed_apps`,
'POST',
{},
function(response) {
// Insert your code here
}
);
but, it should actually be like this:
FB.api(
`/${my_page_id}/subscribed_apps`,
'POST',
{"access_token": `${page_access_token}`},
function(response) {
// Insert your code here
}
);
remeber to take the access_token from the /me/accounts api as I described in my question.
Thanks again to #CBroe for showing me how to solve this :-)
In my javascript I have a click event that triggers an ajax call to the php page where I send my notification from. I chose to do it this way because the documentation advises against using your app secret in any client side code, and the notifications parameters requires an access token that you can only get using the app secret.
The problem I'm having is that even though I'm logged in, $facebook->getUser() is returning 0 in php, so the api call I make afterwards to send the notification wont work. My user is already logged in via the client side code, so how do I get the message to the php that they're logged in so the notification can be sent.
//JS
$.ajax({
url : "http://xxxxxo/bn/notification.php",
type : 'POST',
data: {notify: notify },
success : function (result) {
console.log(result);
},
error : function () {
alert("error sending notification");
}
});//closes ajax
//PHP
<?php
require_once(dirname(__FILE__).'/php-sdk/facebook.php') ;
$APPLICATION_ID = '1402xxxxx7';
$APPLICATION_SECRET = 'ce71d6bbxxxxx5f55a';
$fb_app_url = "http://apps.facebook.com/myAPP";
$config = array();
$config['appId'] = $APP_ID;
$config['secret'] = $APP_SECRET;
$config['cookie'] = true;
$facebook = new Facebook($config) or die('Error is here!');
$facebook = new Facebook(array(
'appId' => $APP_ID,
'secret' => $APP_SECRET,
'fileUpload' => true
));
$notify = $_REQUEST['notify'];
$userid = $facebook->getUser();
/*IF WE HAVE A LOGGED IN USER AND THE 'NOTIFY' REQUEST VALUE, THEN SEND THE NOTIFICATION.
BUT MY USER ID IS 0. HOW DO I GET PHP TO RECOGNIZE ME AS LOGGED IN WITHOUT HAVING TO FORCE MY USER TO LOG IN VIA PHP AFTER THEY'VE ALREADY LOGGED IN CLIENT SIDE?*/
if($userid && $notify){
$token_url ="https://graph.facebook.com/oauth/access_token?" .
"client_id=" . $APP_ID .
"&client_secret=" . $APP_SECRET .
"&grant_type=client_credentials";
$app_token = file_get_contents($token_url);
$app_token = str_replace("access_token=", "", $app_token);
$data = array(
'href'=> 'https://apps.facebook.com/thebringernetwork/',
'access_token'=> $app_token,
'template'=> 'test'
);
$sendnotification = $facebook->api('/1622649653/notifications', 'post', $data);
}else{
//handle error
}
?>
The first thing I noticed is that you define your app id as $APPLICATION_ID but use it as $APP_ID (and the same goes for your app secret). But since you didn't mention any errors and $facebook->getUser(); executes I'm guessing this is just a bad copy-paste.
Now for the sake of answering this question I'm going to presume that you are using the latest versions of both JS and PHP SDKs. These use oauth 2.0 and change the way you pass the login information from JS to PHP.
According to Facebook Developer Blog removing $config['cookie'] = true; and setting oauth to true in your JS configuration should work. Just make sure to refresh the site after the login.
The solution I've found in my own project is to disable cookies altogether and simply pass the access token to my PHP script.
In your JS call your PHP script like this (make sure to call this after the JS login!):
$.ajax({
url : "http://xxxxxo/bn/notification.php",
type : 'POST',
data: {
notify: notify,
token: FB.getAuthResponse()['accessToken'] // add your access token
},
success : function (result) {
console.log(result);
},
error : function () {
alert("error sending notification");
}
});
And in your PHP script add this after creating the FB object.
$facebook->setAccessToken($_POST['token']); // set the users access token
Doing things this way will also get rid of any need to refresh the website after the login.
Yes, this is a common problem when using the PHP SDK in combination with AJAX:
When you make an AJAX request, the PHP SDK deletes the cookies where the authorization information are stored, and then the next call to getUser will just return 0, because this method tries to find the current user id in those cookies – apparently there is something in the OAuth 2.0 spec that demands this behavior to prevent some sort of click-jacking attack.
But the info will still be stored in the session, so you can read the user id (and the user access token, should you need it) from there:
$user_id = $_SESSION['fb_YourAppIdHere_user_id'];
$user_access_token = $_SESSION['fb_YourAppIdHere_access_token'];
Replace YourAppIdHere with your app id (so it becomes fb_1234567890_user_id resp. fb_1234567890_access_token) to get the correct names of those session keys.
I have a php/javascript API on my website for posting messages on the user wall depending on actions on my website.
I use on one side the javascript API for logging the user to the App and the PHP sdk on the other side for posting on the user wall some link.
The thing is that when I launch the PHP graph API method, Facebook respond me with the given error :
error :
array(1) {
'error' =>
array(3) {
'message' =>
string(46) "(#1) An error occured while creating the share"
'type' =>
string(14) "OAuthException"
'code' => int(1)
}
}
The php call is like this :
$facebook->api( '/me/feed/', 'post' ,$data );
And the data with the $data array are just the message and the link
But if I do the exact same code in javascript( using the FB.api('/me/feed' ) method), the message is well posted on my wall.
Is there something I have missed ?