Actually we created an app inside facebook and using the app id provided, the android application was able to post messages.
Recently we changed the facebook username and primary email address.
After this, our app stopped working on the facebook login. It doesnt event show us the facebook login screen in the webview.
We are getting the following exception
{
"error": {
"message": "Error validating application. Invalid application ID.",
"type": "OAuthException",
"code": 101
}
}
Will be happy is someone helps us out in this.
Thanks in advance.
Your app's code references an app ID, which is needed for the app to work with Facebook's API - If you cannot access that app ID via the API (a GET request to graph.facebook.com/<app ID here> will return an 'Unsupported GET request' error for an inaccessible app) it means that it's either in sandbox mode, and you can fix this from the app settings, or it's been deleted.
If the latter you'll need to create a new app and update your Android code to use that new App's app ID instead
Related
I have an Android application integrated with the deezer rest API, and I need to add a track to a playlist.
My application already has Oauth login flow, when I execute the following request:
http://api.deezer.com/user/me?access_token=AJSDH44H5R7SS7SDHDUHFSUDUSUSASDA766
Works fine!
Playlist actions, I trying send this request as:
POST
http://api.deezer.com/playlist/777006545/tracks?access_token=AJSDH44H5R7SS7SDHDUHFSUDUSUSASDA766&songs=2312333,12312
GET
http://api.deezer.com/playlist/777006545/tracks?access_token=AJSDH44H5R7SS7SDHDUHFSUDUSUSASDA766&songs=2312333,12312&request_method=post
Callback error:
{
"error": {
"type": "OAuthException",
"message": "An active access token must be used to query information about the current user",
"code": 200
}
}
But the token works for other requests. What's the right way to do this, anyone know?
Have you checked this page?
https://developers.deezer.com/api/playlist#actions ?
It seems you already have found this one:
https://developers.deezer.com/api/actions-post
Here is what I would test:
POST only.
Check that your access token has the manage_library permission.
Check that the owner of the playlist is the same that the user of the access_token.
It worked for me with:
http://api.deezer.com/playlist/<playlist_id>/tracks?access_token=<access_token>&request_method=post&songs=<track_id>
I currently have a login flow with facebook that is working 100% and I just added Google into the equation. I wrote the code so that my google provider tokens are formatted and cached in the same way as my facebook tokens. My code gets the facebook and google tokens and does the folling: (the following example is for the google login):
USER_GOOGLE_TOKEN = new JsonObject();
USER_GOOGLE_TOKEN.addProperty("access_token", accessToken);
cacheProviderToken(USER_GOOGLE_TOKEN.toString());
setCurrentProvider("google");
Then, in my authentication method in the activity, here is how I mobileserviceclient.login:
MobileServiceAuthenticationProvider provider = null;
if (getCurrentProvider().equals("facebook")){
provider = MobileServiceAuthenticationProvider.Facebook;
} else if (getCurrentProvider().equals("google")) {
provider = MobileServiceAuthenticationProvider.Google;
}
token.addProperty("access_token", googleToken);
ListenableFuture<MobileServiceUser> mLogin = mClient.login(MobileServiceAuthenticationProvider.Google, getProviderToken());
The problem is that Facebook works and Google produces a 401 unauthorized.
The specific error I get (before the future returns failed), is: W/DefaultRequestDirector: `Authentication error: Unable to respond to any of these challenges: {}. Azure logs show that it is a 401 unauthorized.
I am successfully printing the Google-Sign-In token and formatting it in the same way as my facebook tokens before trying to use them. Are my google keys wrong? I regenerated them once already and I tried setting origions to https, I tried different key combos, and I even got rid of my google-services.json(apparently its not needed). I did not use the client key that was generated on this google doc.
Another question here is how does the authentication settings of my Azure Mobile App come into play? I had originally configured my facebook before migrating from a MobileService to MobileApp, and now I do not need to use the "turnkey authentication" feature for it to work. I went ahead and entered my app key and secret for facebook, but it definitely works regardless of whether or not this is enabled. Is this a necessary feature for oauth?
Also, Depending on the token format on Login and the On/Off status of the AUthentication feature, the errror: W/DefaultRequestDirector: Authentication error: Unable to respond to any of these challenges: {}
, will have some text in the curly brackets about the azure endpoint.
Thank you so much if you can help. Such a picky issue here.
The App Service Authentication / Authorization is incompatible with a migrated Mobile Service and must remain off.
To update Authentication settings with a migrated Mobile Service, you set the app settings. For facebook, that's MS_FacebookAppID and MS_FacebookAppSecret. For Google, that's MS_GoogleClientID and MS_GoogleClientSecret.
For reference, check out https://azure.microsoft.com/en-us/documentation/articles/app-service-mobile-migrating-from-mobile-services/#authentication
I am developing an android app. I was using a HttpURLConnection to get profile pictures of facebook users. The URL looks like this:
http://graph.facebook.com/?ids=username1,username2,username3&fields=picture&type=square
But now, since v2.2 doesn't let me to get profile pictures of users who are not using my facebook app, it throws an error:
{ "error": {
"message": "(#803) Cannot query users by their username (username1)",
"type": "OAuthException",
"code": 803 } }
I am not interested in using "Facebook SDK for Android". Let's say I use a pop-up webview to authorize my facebook app. What url would let me do the same thing? Is there a simple solution like this:
graph.facebook.com/?app=APP-ID&ids=username1,username2&fields=picture
Since v2.0 of the API, you are not supposed to use usernames at all - and that´s why you can´t query users by their username anymore. The only way to get access to data of a user is by authorizing that user and using the /me endpoint.
Main rule: Forget about users who did not authorize your App, you are not supposed to get any data of those for privacy reason.
I'm trying to implement one-time code sign in flow in my system.
Application contains of two parts:
1)Android application which requests Google+ for one-time authorization code
2)Rails server that receives one-time code from android application in request header and tries to exchange code for access_token and id_token from Google+
The problem is that everything works well if I get one-time code using JavaScript sign-in button in browser, but doesn't work when one-time code is obtained by Android application and then sent to my server.
I'm getting always
"error" : "redirect_uri_mismatch"
My server settings are following:
{ "web":
{ "client_id": "MY_REGISTERED_WEB_APP_CLIENT_ID",
"client_secret": "MY_CLIENT_SECRET",
"redirect_uris": ["postmessage"],
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token"
}
}
Now, how I'm requesting one-time code from Android app:
I use the same MY_REGISTERED_WEB_APP_CLIENT_ID as on my server for requesting one-time code. I don't know, maybe I have to use on Android another client id, that corresponds to my Android application? But all found documentation and articles are pointing to registered
Web app client_id.
Or maybe my rails server should be configured not for web, but for installed type of registered in Google Console apps?
Now regarding redirect_uris.
I've tried to set several redirect_uris in Google Console:
empty field
http://localhost:5000
https://localhost:5000
http://my.deployment.url/auth2callback
Web origins in Google console are set to
- http://my.deployment.url
- http://localhost:5000
Can't figure out what I'm doing wrong.
Actually I don't understand why I need to set this redirect_uris values, since I don't want to have callbacks from Google, I just want to get access_token and use it for accessing Google+.
This is happening because the redirect_uri your android app is using to create the initial login flow is different from the redirect_uri the server is using when it tries to excange the code for an access_token. The redirect_uri the user returns to and the redirect_uri used in the token exchange must match.
The proper redirect_uri in this case is "urn:ietf:wg:oauth:2.0:oob"
The title pretty much sums it up, i am trying to test my Open Graph Actions in the Graph API Explorer but when i POST to /me/mynamespace:myaction, i get this error (Using the access token the Graph API Explorer generated for me, i asked for publish_actions only)
{
"error": {
"message": "(#15) This method must be called with an app access_token.",
"type": "OAuthException",
"code": 15
}
}
Ive done my homework and searched about it, to find a proper access-token to solve this problem goes by the APPID|APP_SECRET format but using that i get
{
"error": {
"message": "An active access token must be used to query information about the current user.",
"type": "OAuthException",
"code": 2500
}
}
Any ideas on how to solve this?
To give out more context the graph actions were created for an android facebook app.
You can't post to /me without a user access token from a user who's logged into your app, 'me' is a placeholder for 'current user'.
It sounds like two things have happened here:
You've configured the Open Graph action to require the App Access Token to post (which is a configuration option on the action
When you came across that error, you tried to use the App Access Token but didnt' change /me/mynamespace:myaction to /<USER ID>/mynamespace:myaction
Some notes:
Never put the app access token into your client code; it can be used to modify app settings. If you really need actions to only be postable via the app access token, you'll need to implement a server-side component to your app which makes the requests with the app access token
You probably need to change the open graph action settings for your action so it can be posted with a user access token
Your method of sending APP_ID|SECRET as an app access token is wrong. To get an app access token, you need to request it via this endpoint:
https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID
&client_secret=YOUR_APP_SECRET&grant_type=client_credentials
See here for more details