All geek questions in one place

Facebook API - types of authorization?

I am struggling with the new Facebook Graph API, maybe someone here can help.

Here's what I want to do: provide a "login w / FB button, throw to / authorize, get the code, drop it into / access _token, get access_token and hit https://graph.facebook.com/me for user information.

When I try to use type = client_cred in the / authorize call, I get an access_token that allows me to remove URLs with user IDs or names, but not / me. I get an error: I need a valid token.

If I can’t hit me, how can I find out who the current user is?

What exactly should be used in the type parameter if I want the website to access user data? I saw messages with type = web_server, etc., but I can’t find the right way to fire, which I think is pretty simple ...

Thanks in advance for any help provided ...

+4
source share
5 answers

When I try to use type = client_cred in the / authorize call, I get an access_token that allows me to remove URLs with user IDs or names, but not / me. I get an error: I need a valid token.

client_cred is for your application to check if this application is valid. It is used for things like subscribing to the Facebook real-time update API. It passes authentication no .

You need to follow the Facebook OAuth Instructions . It does not use the type parameter. You will:

This access token allows you to function as a user and access the URL me .

+5
source

I had the same problem and solved it.

First: Do not use & type = client_cred .

Second: use the same URL everywhere!

My example:

My first link:

 <a href="https://www.facebook.com/dialog/oauth?client_id=_MY_APP_ID_&state=_RANDOM_NUMBER_&redirect_uri=http://mysite.ru/ru/site_users.html?op=fbreg">FB login</a>

When I received the code:

 $nexturl = "https://graph.facebook.com/oauth/access_token?client_id=".$AppId."&redirect_uri=http://mysite.ru/ru/site_users.html?op=fbreg&client_secret=".$AppSec."&code=".$fbCode; $response = @file_get_contents($nexturl); $params = null; parse_str($response, $params); $graph_url = "https://graph.facebook.com/me?access_token=".$params['access_token']; $arrResponse = json_decode(@file_get_contents($graph_url));

In $ arrResponse, I got all the information about the current user.

The URL value must be the same everywhere . In code and in https://developers.facebook.com/apps/ .

In my case it is: http://mysite.ru/ru/site_users.html?op=fbreg

In my example, the following are incorrect.

  • http://mysite.ru/
  • http://mysite/
  • http://mysite/ru/site_users.html

That's all. Very stupid problem. I solved this in three days :(

+4
source

I think it should be something like this:

https://graph.facebook.com/oauth/authorize?client_id=...&redirect_uri=...&scope=user_photos,user_videos,publish_stream&display=page

The scope should indicate the permissions you need, listed here http://developers.facebook.com/docs/authentication/permissions

The displayed values ​​can be found here http://developers.facebook.com/docs/authentication/

+1
source

Do you solve it? I have the same error as you
I found a page that explains this problem http://benbiddington.wordpress.com/2010/04/23/facebook-graph-api-getting-access-tokens/

if use type = client_cred, you need to change "me" to the user ID, and the user ID can be found in the "code" parameter, just look at it :)

0
source

This answer should clarify the last comment

nevermind. figured out my problem. make 100% sure that redirect_uri is identical when calling authroize and access_token! - nategood Mar 24 at 0:54

I struggled with this problem for a long time. The Facebooks documentation is poor, and the answers on these sites seem to fall into one of two categories: use type = client_cred or not use type.

Do not use "type = client_cred". Follow the facebook documentation and just make sure that the redirect_uri you use in your code request is at:
http://www.facebook.com/dialog/oauth/?

matches the redirect_uri parameter that you use in your access_token request to: * Https:? // graph.facebook.com/oauth/access_token *

0
source

Source: https://habr.com/ru/post/1309831/

More articles:


All Articles