My application does not require "access to basic info" and I think this is strange since I read that Facebook should display to the user that my application is requiring access to the basic info.
All what I see is this:
Post to Facebook as you
XXXXXX may post status messages, notes, photos, and videos on your behalf
and I button ALLOW / DONT ALLOW
I am just request extended permissions to post on the user wall. Normally I should also see that I would like to request the access to the user Basic Info, isnt it?
This is the code I use for Auth.
$_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
$dialog_url = "https://www.facebook.com/dialog/oauth?client_id=". $app_id . "&redirect_uri=" . urlencode($app_url) . "&state=" . $_SESSION['state'] ."&scope=publish_stream";
echo("<script> top.location.href='" . $dialog_url . "'</script>");
As soon as you ask for any permission (in your case, posting on a user's wall (stream_publish)), the Facebook API automatically requests the basic permisson on your behalf.
Related
I have read almost all the graph API and i don't get this thing at all .
I am some user, who needs to get some other public page photos . thats it,very simple.
So to do that, i can just :
https://graph.facebook.com/page id/photos/uploaded/
Which is works great. gives a json with the photos .
BUT ,Facebook is always talks about this tokens everywhere. you need a token to everything .
So after so much frustration i have got this token i created to some app i made.
Problem is, what i do with this token ?? i don't see any place in the API where i put this token in the http request .
Take this request i showed here for example, it works for any page without a token. so where goes the token? why do i need it ?
Why when talking about getting images of some page they always say you must be the admin of that page? NO I DONT want to be the admin of a page, i just want to get photos of other page, that i don't own, with a simple http request.
Everything is messed up for me .
You can apply an access_token to any Graph API request by appending ?access_token=xxx to the URL. In your example, the resulting URL would be:
https://graph.facebook.com/page id/photos?access_token=xxx
The access_token is typically used to access any data that isn't public. While its true that you don't need an access_token or be an Admin of a page to get Photos, you may still need an access_token to access pages with location or age restrictions.
For example, I can easily get public photos from the Coca Cola page:
https://graph.facebook.com/cocacola/photos
But not for this protected page (since you must be 18+ to access this page):
https://graph.facebook.com/Betfair/photos
I'm using the Facebook php sdk to try to get posts of a users wall.
When I use the following code I only get some reaction on events and some mentions, but but not the messages, photos's etc. I actually posted on my wall?
What can be the problem?
$result = $facebook->api('/me/feed/',array('access_token' => $facebook->access_token,'limit'=>100));
How are you authenticating and what permissions are you asking for in your access_token? If you aren't authenticating your user, you'll be limited to public posts only. You also need to make sure you request read_stream permission when you authenticate your user.
I am able to access checkins and locations by url, using the Graph API Explorer with my app.
So, the user tokens seem to be OK.
Now, when I try :
$ curl "https://graph.facebook.com/[my id]/locations?access_token=[my app token]
it states:
{"error":{"message":"A user access token is required to request this resource.","type":"OAuthException","code":102}}
In the Graph API Explorer, I've enabled every single permission for my app. I've tried checkins and locations, and neither works. I can see basic info, likes, friends, etc., but no location info.
App Settings
Enabled
August 2012 Breaking Changes:
Remove offline_access permission:
Disabled
Stream post URL security:
Forces use of login secret for auth.login:
September 2012 Breaking Changes:
October 2012 Breaking Changes:
I am reading through all of the stackoverflow topics on this, and I'm reading through the documentation, but I seem to be missing something.
Any idea what I am missing?
Thanks,
Eric
OK, so I wasn't clear on understanding how the user token came into play, even though there are other posts talking about it, as well as user1438003's comment.
I can grab the user token from the php-sdk facebook api, make sure it is long-lived via 60 days:
https://graph.facebook.com/oauth/access_token?client_id=[my app id]&client_secret=[my secret]&grant_type=fb_exchange_token&fb_exchange_token=[user token]
this returns a new user token.
https://graph.facebook.com/[user id]/checkins?access_token=[new user token]
this returns the info I expected.
I attempted to delete a wall post on a fan page using Graph. This appears to work fine for some posts, but for other posts, I get an Oath Exception (#200 Permissions Error). The posts I tested with were non-admins and the posts were made from facebook (not a 3rd part app). My app has publish_stream permissions. Any ideas? I am trying to build a page moderation tool for my client.
I have had success deleting posts on a fan page that were posted by non-admins using the page access token with manage_pages, publish_actions, and read_stream permissions. You may need to get an extended access token with setExtendedAccessToken() or server side request and use it to get the page_token.
To get a longer-lived Page access token, exchange the User access token for a long-lived one, as above, and then request the Page token. The resulting Page access token will not have an expiry time at all.
Extended page tokens.
I have found no documentation to support the code below, but it has been tested to work.
try {
$args = array(
'access_token' => $page_token
);
$deleted = $facebook->api('/'.$post_id, 'DELETE', $args);
} (catch FacebookApiException $e) {
echo $e->getType() . " " . $e->getMessage();
}
If you don't have the post_id you can query the posts:
$facebook->api('/'.$page_id.'/posts?fields=id');
In Facebook, an object posted by a user or those posted by others in an object owned by the user ( holder of the access token specified) can only be deleted. The same is the normal behaviour of Facebook.
Just make sure you are trying to delete those objects posted by the owner of the Facebook access token.
Eg. A user can delete content on his wall, events created by him, comments or posts by others in events created by him, or those comments or posts created by him in others walls or objects.
I have an app and I want to post to the users feed.
All the users have allowed publish_stream permission but I have no idea how to post to their feeds which I should be able to do even if the user is offline.
I want to use curl and the graph like this:
curl -F 'access_token=...' \
-F 'message=Hello, Arjun. I like this new API.' \
https://graph.facebook.com/arjun/feed
Do I simply use the access code I got when the users initially allowed me access, or do I have to get a new access code each time I want to post to their feed, if so, how do I do that?
Any help, much appreciated.
After the user authorized your application you get an access-token from facebook. You can use this token to post to the users-wall until he changes his password or removes your application from his application list.
I think you need to include your api-key in the request. Otherwise please provide the error message your getting!