I am trying to get user status updates using the graph API.
These are my steps
The user grants me user_status,read_stream permission
then my app does the following.
https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id=".$FBappID."&client_secret=".$FBappSecret
and get the $AccessToken
next i goto https://graph.facebook.com/the-username/permissions?access_token=$AccessToken
i make sure read_stream and user_status = 1
then i try https://graph.facebook.com/the-username/statuses?access_token=$AccessToken
when i do this i get the error " failed to open stream: HTTP request failed! HTTP/1.0 400 Bad Request"
First to get the token from facebook, the url must set like
https://graph.facebook.com/oauth/authorize?client_id=[App_id]&redirect_uri=http://[you app uri]/url/where_you_recive_the_token_from facebook
This will redirect something like:
http://you_app_uri/url/?code=[Code Generated By Facebook String(196)]
Then you can used
https://graph.facebook.com/the-username/statuses?access_token=$_GET['code']
Related
I created the code which get the member's information by Google Workspace Directory API. This code is executed everyday, and sometime I fece the error which is "oauth2: cannot fetch token: 401 Unauthorized".
Bad thing is that this error is happend only 1-2 times per month, and I cannnot reproduce by myself. I mean, if I re-execute the code after facing this error, it works well.
I paste full error message below:
"failed to get the members by email, email ="***#***": Get "https://admin.googleapis.com/admin/directory/v1/groups/***": oauth2: cannot fetch token: 401 Unauthorized
Response: {
"error": "unauthorized_client",
"error_description": "Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested."
}"
API is executed by using Service Account which has appropriate roles below:
https://www.googleapis.com/auth/admin.directory.user.readonly
https://www.googleapis.com/auth/admin.directory.group.member.readonly
https://www.googleapis.com/auth/admin.directory.group.readonly
Is it only better solution to use exponential back off?
Thank you in advance.
I'm trying to have users login to facebook with a desktop app and am following this guide and am on the "Generate a Code" step: https://developers.facebook.com/docs/facebook-login/for-devices#tech-step1
I am trying this request using the graph API explorer tool I select POST and apparently v8.0 is the only choice and then the request is device/login.
The parameters in JSON I'm using are:
{
"access_token": "<app_id>|<client_token>",
"scope": "user_status,user_posts",
"type": "device_code"
}
I get this error message: "(#190) This method must be called with a client access token."
I grab my app_id from the top of my facebook app dashboard and I grab the client_token from the Settings > Advanced section.
I've also tried passing in the App Access Token I get when I do an oauth/access_token call using my app_id and app_secret, but that has the same issue.
When I try this request in my C# code I'm using a code like the following:
string url = "https://graph.facebook.com/v2.6/device/login?access_token=1234|ABCDEFG&scope=user_status,user_posts";
WebRequest request = WebRequest.Create(url);
request.Method = "POST";
WebResponse response = request.GetResponse();
I've tried every combination of app_id, app_secret, client_token, and access_token I can think of instead of the "1234|ABCDEFG" portion here but I just get "The remote server returned an error: (400) Bad Request."
I'm sure it shouldn't be this hard to do a device login for facebook and I'm missing something.
maybe it's too late to answer to your question.
actually I faced with same issue when I trying on postman.
simply I sent (access_token) as params instead of headers and I got respond.
hope to usefull.
I am trying to access a REST API (Shopware to be specific), which is hosted externally.
When I log in to the frontend in the browser, I first need to enter a set of credentials in the browser authentication pop up. And then the application opens and I need to enter the application credentials.
I assumed the authentication for the API would also be similar.
This is how I see this set up: (sorry for the crude image) Set up pic
So first, I use HTTP Basic auth and pass my browser credentials to the server.
I get the following response:
{
"success": false,
"message": "Invalid or missing auth"
}
But in the Response header I get
Basic realm="<Realm B>", Digest realm="<Realm B>", domain="/", nonce="<nonce>", opaque="<opaque value>", algorithm="MD5", qop="auth"
Does this response mean that both Basic and Digest are supported for Realm B and the client can use any one of these?
I tried to authenticate again with Digest Auth chosen in postman,and using the realm B, nonce, opaque and qop values provided in the previous request.
But I still get a 401 Unauthorized error.
What am I missing? How does this two factor auth work via Postman?
Thanks in advance for your help.
I have Postman set up following this guide:
https://learn.microsoft.com/en-us/aspnet/core/security/authentication/azure-ad-b2c-webapi?view=aspnetcore-2.2#use-postman-to-get-a-token-and-test-the-api
When I attempt to get new Access Token, Postman prompts a window with my B2C Sign in page.
I then attempt to sign in, however receive the following error in Postman: Error invalid_request
There is no other additional details. I feel I've followed the guide exactly.
What am I missing here?
In the request, you need to make sure the callback url same with your app reply url and api id uri of the Scope same with your API in the B2C.
The request is:
And the result like this:
I'm using FB.ui({method: 'apprequests', ... }) to let users invite their friends to my java web app.
In the Facebook Requests Dialog documentation it says that I need to delete the request when the user has accepted the request:
When a user is directed to your application, by clicking a Request
from the application, the games dashboard, or from a Request
notification, you must delete the request after it has been accepted.
Requests are not automatically deleted once they have been clicked,
thus it is the developer’s responsibility to clear them once they have
been consumed.
http://developers.facebook.com/docs/reference/dialogs/requests/#deleting
When I try to do this with the RestFB Graph API Java client I get a permission error from facebook.
The code:
FacebookClient client = new DefaultFacebookClient(appAccessToken, new DefaultWebRequestor(), new DefaultJsonMapper());
client.deleteObject(String.format("%d_%d", requestId, facebookUserId));
The log says:
(com.restfb.DefaultWebRequestor) INFO: Executing a POST to
graph.facebook.com/XXX_XXX with parameters (sent in request body):
method=delete&access_token=XXX&format=json&locale=en_US
The error:
Facebook responded with HTTP status code 403 and response body:
{"error":{"message":"(#200) Permissions
error","type":"OAuthException"}}
I have tried both app access token and receiving user's access token, and I have scopes email and publish_actions. I read somewhere that I may need the publish_stream scope. I would rather not ask my users for that just to be able to delete requests, though? Or is it something else I'm doing wrong?
You don't need the publish_stream scope if you use the APP Token.
If you use the C# facebook SDK you can use this:
var fb = new FacebookClient(Config.FacebookAppId, Config.FacebookAppSecret);
var result = fb.Delete(string.Format(
"{0}_{1}?access_token={2}",
facebookRequestId,
facebookUserId,
fb.AccessToken
));
(See also: Facebook Deleting Requests)