I am trying to make a very simple app with spring social, the app is not for public. What I am trying to achieve is to post to my wall or to the page that I administer.
Trying to ask facebook for access to manage_pages permission they denied because as they said "You do not need to request these permissions because your blog or CMS is integrated with an app that you admin. As an App admin, you can already access these permissions and post to your timeline or a page you admin. You can provide access to additional users by adding them as developers of your App."
Now in the code. I altered a bit spring social showcase example. And my case is as follows:
1) I login to facebook through my app
2) Trying to get the number of pages that I administer
3) Post to my wall.
For step two I am using this code:
if (facebook.pageOperations().getAccounts() != null) {
System.out.println("SIZE OF ACCCOUNTS IS: " + facebook.pageOperations().getAccounts().size());
}
The size of accounts is always 0. So this means that although I should be able to post to the pages that I am administrator I can not even see them. Am I correct?
For step three now:
facebook.feedOperations().updateStatus("I'm trying out Spring Social!");
facebook.feedOperations().post(new PostData("me").message("I'm trying out Spring Social!")
.link("http://www.springsource.org/spring-social", null, "Spring Social", "The Spring Social Project", "Spring Social is an extension to Spring to enable applications to connect with service providers."));
System.out.println("FEED POSTED");
both of those attempts fail with the following exception:
org.springframework.social.InsufficientPermissionException: Insufficient permission for this operation.
Could someone help please?
It seems like you have not asked/granted the permissions that you need during login. The first thing that you need to do is implement login and ensure sure that you include the correct scope i.e. permission (manage_pages) during login. Since your requirements also include publishing, include these permissions publish_pages and/or publish_actions depending on whether you want to publish as a page or yourself. e.g. if you are using the JS SDK, it would look something like this:
FB.login(function(response) {
// handle the response
}, {scope: 'manage_pages, publish_pages, publish_actions'});
Once you do this, on logging in, you will be prompted if you want to grant these permissions. On granting, your access token will contain these permissions and you will be able to make a call to /me/accounts which will give you a list of pages that you admin and their respective access tokens. It will look something like this:
"data": [
{
"access_token": "CAACEdEose0cBAAy...",
"category": "Food/Grocery",
"name": "Page Name",
"id": "1234567890",
"perms": [
"ADMINISTER",
"EDIT_PROFILE",
"BASIC_ADMIN"
]
},
...
]
If you want to publish as yourself, then you can continue using the current user access token. Else if you want to publish as a page, grab the page access token from the response above and use that to make the POST request against the page id.
And if you are creating an app for yourself and not for the public, then you do not need to submit these permissions for review provided you are an admin or have some role in the app.
You might be able to find some more context here.
Related
I've created a SpringBoot application which authenticates users against my company's Azure Active Directory server using OAuth 2.0
Now I'd like to display the User's profile picture.
The first way I went about this was to naively embed the graph API url to the user's profile picture in an IMG tag, assuming that the browser's cookies would implicitly provide authentication for the logged-in user:
<img src="https://graph.microsoft.com/v1.0/me/photos/48x48/$value"/>
but this results in a 401 error:
{
"error": {
"code": "InvalidAuthenticationToken",
"message": "Access token is empty.",
"innerError": {
"request-id": "71fe8fc9-e8d2-4f2e-950d-04e7d9fa64e6",
"date": "2018-09-24T07:08:50"
}
}
}
what's the best way to get the User's profile picture after AD/OAuth authentication - I'm happy to do this either by the client-side or server-side, and ideally I'd like to know both approaches
You could do it client-side, but you'd need to acquire an access token with ADAL.JS/MSAL.JS and then request for the file and set it as the content of the img element via JavaScript.
Server-side is probably easier to implement, point the img to an HTTP route in your back-end, acquire an access token, call the API, and return the bytes of the image as a result from the route.
I downloaded the example:
https://dev.office.com/Getting-Started/office365Apis?platform=option-android#register-app
clicking on send button throws this error:
RetrofitError: 404 Not Found
{
"error": {
"code": "InvalidAuthenticationToken",
"message": "Bearer access token is empty.",
"innerError": {
"request-id": "951626d4-0168-4b58-a78a-1fdd3bd322f2",
"date": "2016-04-29T18:34:05"
}
}
}
It looks like perhaps you did not register your app before downloading the sample. The readme instruction in the sample should walk you through registering and configuring an app, at which point the login should succeed and you will get a bearer token.
You are missing an access token. From https://msdn.microsoft.com/en-us/office/office365/api/discovery-service-rest-operations:
Discovery Service operations
Initial sign in
This brings the client to a web page where the user enters account information. It returns the endpoints needed to continue with Discovery Service. This is used the first time a user tries your application. It tells your application:
what cloud the user belongs to
where the app can send the user to log in
where to go to get a token
you can continue reading it on the official site.
I have a valid consumer_key and consumer_secret for my app to access resources on a certain website.
I create the consumer like this:
private void createConsumer(){
mConsumer = new CommonsHttpOAuthConsumer(CONSUMER_KEY, CONSUMER_SECRET);
}
I create the provider like this:
private void createProvider(){
mProvider = new CommonsHttpOAuthProvider(REQUEST_TOKEN_URL, ACCESS_TOKEN_URL,
AUTHORIZE_URL);
}
I then use an AsyncTask to retrieve what I assume is a valid AccessToken from the server.
mAccessTokenUrl = mProvider.retrieveRequestToeken(mConsumer, CALL_BACK_URL);
with this call I get something similar to this:
``http://www.mygarden.org/oauth/authorize?/oauth_token=XXXXXXXXXXXXXXhs343sjd&oauth_callback=http%3A%2F%2Flocalhost
I'm assuming the token is correct because if I test this with the incorrect credentials I don't get anything back.
Question 1:
Is this callback url corrent, because on the site it does not specify a callback url, just the app's website; and how should I use it on the android app?
Question 2:
How do I now use the Access Token to consume certain services on the website, for example to get all the plants I should use this link: http://api.mygarden.org/activities/all which should return certain data in xml/json format
Extra information is that all calls to the API should use the http GET method unless specified otherwise. I do not want the user to first register on the site, I just want to consume the services they provide using my app's access credentials. If user credentials are necessary, could I embed them within the URL and grant the user access automatically?
The website is: http://www.mygarden.org
Thanks for your help.
To get a list of all the plants you don't need to authenticate a user. This is only necessary for user related actions, like posting status updates or adding plants to your garden.
So you only have to send a call to oauth/request_token and then oauth/access_token, after that you're ready to get some data from the API
Answer for Question 1:
If your developing an android application you don't need the callback url, this is needed when you want to authenticate a user trough a website. Make sure you select Client in the app settings on mygarden.org
Answer for Question 2:
To get all the plants you need plants/all. If you're using a standard oauth library, all the required oauth parameters are automatically added to your query
I'm a developer at mygarden.org, you can always contact our support ;)
I thought it is easy thing to do, but seems that it is not. I have an Android app. User logs in into this App, using Facebook. I also have a Facebook page (besides Facebook app). So, I want to create an event on behalf of my page from my android app. Here is what I do:
Bundle params = new Bundle();
params.putString("name", "name");
params.putString("description", "descr");
params.putString("location", "loc");
params.putString("start_time", "properly_formatted_time");
new Request(
Session.getActiveSession(),
"/" + PAGE_ID + "/events?access_token=" + PAGE_ACCESS_TOKEN,
params,
HttpMethod.POST,
new Request.Callback() {
public void onCompleted(Response response) {
}
).executeAsync();
I have generated long living token with all required permissions as described here: Long-lasting FB access-token for server to pull FB page info
If I try to create event, being logged in as myself (admin of a FB page and application), it works fine.
When I am using someone's account, who is not an admin, I am receiving following error:
{HttpStatus: 500, errorCode: 1373019, errorType: Exception,
errorMessage: You must be an admin of the specified page to perform
the requested action.}
So, how it is possible to fix this. I've googled around and found some similar questions, like How to post to a Facebook Page (how to get page access token + user access token), but those either have no correct answer, or are using "me/account" and then get access_token, which is not something I want to do.
Any help would be greatly appreciated.
There's no other way in my opinion than to get the Page Access Token via the /me/accounts (being logged in as admin of that page), and then store this Token in the app itself.
What I'm not really understanding is that (all) the users can then create an Event for your Page. Is that really what you want?
I want to get users' access_token by using Google Drive SDK in JAVA.
I completed to get access_token when user log-in first time. But, I really want to direct-login. I know access_token be expired, so 'refreshToken' can be my solution. But refreshToken is always 'null'. How can I perform direct-login? Many advices welcome.
You need to separate "login" from "access drive". Once your application has an access token for a given user/scope, it can access Drive on behalf of the user. There are two (main) ways your application can obtain an access token.
It can request access which will involve the user being logged in to grant access.
In step 1, it can request "offline" access, in which case it will be given an access token and a refresh token. It can subsequently use the refresh token to request more access tokens without the user being present.
I suspect that you want to do option 2. This is described quite well at https://developers.google.com/accounts/docs/OAuth2WebServer#offline
If you have tried this and you having problems, please paste your code and the http trace so we can look at the problem with you.