I'm trying to get friends count via my account using Facebook API. Its working well.
But if i get friends count using one of my friendId, i'm getting the following exception
Tests in error: friendsCount(com.company.facebook.test.FbClientTest):
Received Facebook error response of type OAuthException: (#604) Can't
lookup all friends of 649390517. Can only lookup for the logged in
user or the logged in user's friends that are users of your app.
That error message seems pretty clear, you can't access friends-of-friends via the API unless the other friend also uses your app.
You can however check for mutual friends between your app's user and any arbitrary user ID.
To do that, make an API call to
/USER_ID/mutualfriends/OTHER_USER_ID
Where USER_ID is the user who's authorised your app, and OTHER_USER_ID is the user you want to check for mutual friends with.
Related
I have a program to extract transaction logs from my Bank website for the ERP system. Since my Bank doesn't provide any Web Service for this kind of data, I have to scrape it. This program is not intending to bypass captcha. Users have to input the captcha/bank account for the login part. It had worked until my Bank changed to Google Invisible reCaptcha. Since then I couldn't get the correct reCaptcha-token.
These are the steps my program process using HTTP Request: (Java, HtmlUnit)
Get login page
Get Captcha Image and show it to the user to resolve it.
Get reCaptcha-token from this link: https://www.google.com/recaptcha/api2/anchor?ar=1&k= ...
Post (bankaccount id, bankaccount pw, resolved captcha image, reCaptcha-token....)
So how to get the correct reCaptcha-token based on sitekey and siteurl?
We are trying to implement Oauth2 on our app, in our App we are login using Sign In with Google, and this returns a lot of stuff like : UID, ACCESS_TOKEN, REFRESH_TOKEN, etc.. we are thinking to send from APP to server-side the UID and store it to DB linked with user like if it was its password.
From server side we want to on each call for instance : get_products, we are thinking to use an access_token but we don't know if it's the UID from user itself or we have to create another access_token with its refres_token with expiration time. So we have one UID from user and another access_token and refresh_token from oauth.
I'm not sure about the value you refer by UID. May be it's something that I haven't come across before.
But if it stands for USER IDENTIFIER, then you should not use it to identify the end user and maintain a session. UID could be a public identifier so anyone who knows will be able to communicate to your server. Also, think about user login through multiple devices. Your server won't be able to identify the correct session.
User access_token to initiate a session. In your server, use user-information endpoint to obtain validity details and end user information. Alternatively you may choose OpenID Connect.
Im creating an application to login in Google+ and get friends emails.
Im authenticating succesfully and get token back , but when i fetch friends list , the user class of any single friends has emails=null...
here is the code (After already signed in and get authenticator class):
// Generated libraries for Google APIs
using Google.Apis.Authentication.OAuth2;
using Google.Apis.Authentication.OAuth2.DotNetOpenAuth;
using Google.Apis.Services;
using Google.Apis.Util;
using Google.Apis.Plus.v1;
using Google.Apis.Plus.v1.Data;
// For OAuth2
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OAuth2;
//....code for authentication skipped ....
//...callback from json (authentication success)
PlusService ps = new PlusService(new BaseClientService.Initializer()
{
Authenticator = authenticator
});
PeopleFeed peopleFeed = ps.People.List("me", PeopleResource.CollectionEnum.Visible).Fetch();
//After that when i inspect peopleFeed[0].Emails <--- this is null..
any help?
The Google+ API only returns public information. So even if you are permitted to see a person's email address, it does not necessarily mean that the information is public and that it will be returned.
Furthermore, the documentation at https://developers.google.com/+/api/latest/people/list only guarantees that the list of people returned will contain the person's
id
displayName
image
url
and that to get other information about the person, you will need to do a people.get against that ID. But, again, note that you may still not get their email if that information isn't public.
You could also use the Contacts v3 API to get friend's email addresses. You can cross map this to Google+ contacts by looking at the gContact:website element for the contact that comes back in the XML response:
<gContact:website href='http://www.google.com/profiles/1234567890' rel='profile'/>
In that element's href attribute, 1234567890 is the person identifier that would match the id field of the relevant person resource from people.list of the Google+ API.
Note that the profile link is not guaranteed to come back for a contact entry. This occurs when the contact has not been linked to a Google+ profile.
My first guess would be that it's a rights management issue. I remember when I asked for my Google API key, I had to mention what information I want to get.
Could you check your API key settings in the Google Developer network and see if you need to enable it there?
I have an webapp which has a facebook log in and once a user logs in I store the user's access token in my db. I also have subscribed for user feed using realtime api. So when ever user adds a status or comments I would get callback from fb. This would just tell me that there is a change(I don't get the id of the comment or status). So I have to query the graph api with the stored access token to get the feed and see what are the things that are updated. So if I see that there is a new comment after the last query I had made, I would process it.
Is there any way to get the id of the comment or status that was made
by the user?
And I the access token that I get expires in an hour. So I can't query for data when there is a user update callback after an hour. I also can't ask the user to go to my app again and re authorize, since he won't use that app after log in(I just need him to log in to my webapp so that I can get his access token).
Is there any way to get the access token without the user having to
go through the authorization phase again(This is because user won't
come to my app again after he logs in, we just poll for his fb
activities)?
Thanks
I'm developing an app that uses OAuth to authenticate.
The problem is that when I try to get the access_token from facebook with passport.js (node.js) I get something different that when I try to get it with Scribe on Android. Is there any reason?
When I try with twitter the access token are the same and I can match users....
Thanks!
Unless I misinterpreted the question, you can use the "id" field in the response from FB to detect whether its the same user or not (regardless of which API/language you end up using). These IDs are unique per user and should allow you to detect whether the same user logged on via Android (Scribe) or passport.js (node). Hope it helps