I want to connect my users to signin in facebook through my app. I did some google and some people are saying use fbrocket where as some http://github.com/facebook/facebook-android-sdk.git. I want suggestions
1) which one is easy to implement?
2) what is the difference between them?
3) Why I need to install a jar. Can I achieve this using some Facebook Api?
Any suggestion is much appreciated.
Thanks rachana.
As Cristian said, fbrocket predates the official SDK and is more or less obsoleted by the official SDK, which is newer, shinier, and mostly based on newer longer-support-lived standards like OpenGraph and OAuth. FBRocket is supposedly being rewritten for these, but there's no release for that yet AFAIK. There's a few things the official SDK is still missing (photo uploading, for instance) but if you just want sign-in-via-facebook, it's definitely the way to go.
I'm not sure I understand your 3rd question though -- you need to include Facebook code, either by a jarfile, android library include, or copy-paste -- in order to actually call the Facebook APIs. The Facebook project is open source; if you're not comfortable including it wholesale, you can freely yank out the bits you need. For example, I've used it in projects that only needed authentication and not publishing, customizing the auth dialog handline and removing all the non-login-related code. You could roll your own implementation based on authenticating via OAuth2 and call all the endpoints yourself, but why bother when Facebook already did the work of giving you the code to do that from Android already?
I recommend to use http://github.com/facebook/facebook-android-sdk.git since it's official and it's updated regularly (it's also really easy to implement and it comes with a couple of nice examples). On the other hand FBRocket seems to be out of date, and the developers are still working on the support for Facebook Graph API.
This is facebook's developer info page, the link you gave seems to be the official Android API.
The jar is the actual library that speaks with facebook.
What action on Facebook are you trying to perform? If you are only trying to allow the user to post content from your application to their facebook page you do this
private static final String FACEBOOK_URL = "http://www.facebook.com/sharer.php?u=
try {
Uri uri = Uri.parse(FACEBOOK_URL + yourcontent + "&src=sp");
Intent intent = new Intent(Intent.ACTION_VIEW, uri);
startActivity(intent);
}
catch (Exception e)
{
e.printStackTrace();
}
}
Related
We were asked to make changes to our react native app when an updated version was submitted to Google Play Store. The issue highlighted was "Intent Redirection" vulnerability. It was legacy code, but nevertheless, better late than never.
One of the suggested methods in the Google help guide was this:
Option 2: Ensure that the extracted Intent is from a trustworthy source.
You can verify that the originating Activity can be trusted using methods like >getCallingActivity. For example:
// check if the originating Activity is from trusted package
if (getCallingActivity().getPackageName().equals(“known”)) {
Intent intent = getIntent();
// extract the nested Intent
Intent forward = (Intent) intent.getParcelableExtra(“key”);
// redirect the nested Intent
startActivity(forward);
}
On changing code as per this guidance, the build showed an error that getCallingActivity was not a known symbol. The code already uses getCurrentActivity and getApplicationContext.
What would be the best way for us to rectify in our React Native app, this vulnerability in our native Java code?
Will deeply appreciate your quick support here. Thanks!
RazorPay released a new version. Please follow below link for more info.
https://github.com/razorpay/react-native-razorpay/issues/291
We had to upgrade our react-native-share dependency. In the releases it mentions some security patches a little while back. Once we upgraded to 4.x, we stopped receiving emails from google regarding the security vulnerability.
Can you Try Reading this Document ?
https://static.googleusercontent.com/media/www.google.com/en//about/appsecurity/play-rewards/Android_app_vulnerability_classes.pdf
I'm using the new buildShortDynamicLink API of Firebase (And it's great).
And i see there are two methodes for the ShortDynamicLink result:
Uri shortLink = task.getResult().getShortLink();
Uri flowchartLink = task.getResult().getPreviewLink();
I tried to use both but still the link doesn't apear in the Firebase dashboard.
What is getPreviewLink used for anyway?
Thanks.
Only analytics for links created in the console will show up in the console.
You can still access the analytics for your short links created via the API by using the Firebase Dynamic Links Rest API as described here (https://firebase.google.com/docs/reference/dynamic-links/analytics).
The getPreview returns the url to a visual flowchart that helps illustrate clearly how the link will work in each context. You can use it to debug the link if you want and to visually see how it will behave in different contexts.
Full disclosure: I work for Firebase.
This is expected. Only links created through the dashboard will show up there.
Think about it from this perspective: when your users are creating hundreds or even thousands of links per day, it will quickly make the dashboard completely useless if they all show up there.
At Branch.io (full disclosure: I'm on the Branch team), we take the same approach by default, though we do offer a manual flag you can change on programmatically-generated links to have them show up on the dashboard if desired.
I'm trying to use the YouTubeData API with OAuth 2.0 authentication on Android, and i'm kind of struggling with it.
I've searched a lot online, but there's not much help for the Android implementation.
First of all, it's not clear to me what's the best way to obtain an OAuth token. In the doc they suggest that for Android is better to obtain it using the Google Play services lib. Is that true? if yes, it should be pretty trivial following this guide: https://developers.google.com/android/guides/http-auth.
But at this point i will have the token in a String object .. how should I use it with the YouTubeData API? Should I place it somewhere in the YouTube.Builder ?
YouTube youtube = new YouTube.Builder(Auth.HTTP_TRANSPORT, Auth.JSON_FACTORY, new HttpRequestInitializer() {
public void initialize(HttpRequest request) throws IOException {
}
}).setApplicationName("AppName").build();
if yes, does anyone know where?
Searching on StackOverflow i've come across this question: What to do after getting Auth Token - Android Youtube API. Here Ibrahim Ulukaya says it's better to use GoogleAccountCredential. For what i've understood (Access to Google API - GoogleAccountCredential.usingOAuth2 vs GoogleAuthUtil.getToken()) the Android version of GoogleAccountCredential should use the GoogleAuthUtil provided from the Google Play services lib, so it could be pretty useful to simplify the process. I've looked at the sample project suggested from Ibrahim Ulukaya (https://github.com/youtube/yt-direct-lite-android) and i've implemented everything as he does. But it doesn't seem to work very well as i'm only obtaining this message in the logcat: "There was an IO error: com.google.android.gms.auth.UserRecoverableAuthException: NeedPermission : null".
(Note that I've enabled all the required APIs on the Google Console, and created the Client ID for my app)
At this point i'm kind of lost.
Should I use directly the GoogleAuthUtil from the Google Play services lib? in this case once obtained the token as a String how can i use it with the YouTubeData APIs?
Or should I use the GoogleAccountCredential ? in this case someone knows how can I solve the "NeedPersmission : null" error?
---- EDIT:
details on what my app is trying to do: being this my first experience with this kind of APIs I started from the easy stuff: retrieve video information and then play those videos, without any user authentication. I managed to do that pretty easily, but for my app's purpose i need to access the user data, in particular users must be able to like and comment videos.
So I started implementing OAuth2, trying to do the same exact queries I was doing before (retrieve video info).
Wow. The documentation on this is super confusing. Full disclosure, I'm not an Android developer but I am a Java developer who has worked with Google apps and OAuth2.
Google Play or not Google Play? First off, Google Play Services will only be available on Android devices with Google Play Services installed (so not OUYA, Amazon devices, etc.). Google state that "the Google Play library will give you the best possible performance and experience.".
There are numerous discussions (e.g. here, here) from actual Android developers that list the various merits of Google Play verses other techniques. I would imagine that once you are able to get your application working using one method, then it should be an easy enough to change if you so desire.
Much of the example code about uses the Android AccountManager (Tasks and Calendars being favourite examples) so that is what I will show.
Your example code looks like it might be for a simple search, I would guess that many of the YouTube API interactions do not require OAuth2, in other code I've seen this empty HttpRequestInitializer implementation referred to as a no-op function. (e.g. GeolocationSearch.java).
It sounds like you want access to YouTube API operations that need account credentials. You can do something similar to this Android Calendar example (CalendarSampleActivity.java) except with YouTube, like the example answer from here.
// Google Accounts
credential = GoogleAccountCredential.usingOAuth2(this, YouTubeScopes.YOUTUBE, YouTubeScopes.YOUTUBE_READONLY);
SharedPreferences settings = getPreferences(Context.MODE_PRIVATE);
credential.setSelectedAccountName(settings.getString(PREF_ACCOUNT_NAME, null));
// YouTube client
service =
new com.google.api.services.youtube.YouTube.Builder(transport, jsonFactory, credential)
.setApplicationName("Google-YouTubeAndroidSample/1.0").build();
I hope this helps.
In the initialize method of the HttpRequestInitializer you can set headers of the request. According to Googles documention for Oath2 for devices https://developers.google.com/identity/protocols/OAuth2ForDevices if you have an access token you should put it in the Authorization: Bearer HTTP header.
YouTube youtube = new YouTube.Builder(Auth.HTTP_TRANSPORT, Auth.JSON_FACTORY, new HttpRequestInitializer() {
public void initialize(HttpRequest request) throws IOException {
request.put("Authorization", "Bearer " + yourAccessTokenString);
}
}).setApplicationName("AppName").build();
Remember the space after the Bearer in the authorization header value
I am trying for a facebook integration on my android application.
My requirement is to read each news feed as and when it comes, and to display it using a toast.
All the sample application I see on net are based on the web GUI.
Can anyone help me with a sample code or hint to read the updates into a variable/string in my application?
Regards,
Dhanesh
using this after login in facebook dialog..
Facebook fb = new Facebook(APP_ID);
String newsfeed=fb.request("me/home");
System.out.println(newsfeed);
for get user news feed....
I'm guessing it's easiest done using Facebook Android SDK (you need permission for your application to access someone's news feed);
http://developers.facebook.com/docs/guides/mobile/#android
And Graph API documentation is a good read too;
http://developers.facebook.com/docs/reference/api/
Maybe there's some better examples but I found those documents rather complete while I was dealing with Facebook accessing.
Check out the Facebook API at http://developers.facebook.com/
Have you looked at facebook's owns api. Mobile Apps. If they don't have a solution on getting new news, then theres probably no clean api to get news an you have to turn to a scrape api or write your own scrape functions.
I would like to integrate Twitter into my Android application so that I can post messages to Twitter.
It really depends on how you want the interaction to work. You can:
Use their API (helped by a library such as twitter4j, as suggested by Heiko Rupp), or
Find a way to integrate with the Twitter app, although there is no published protocol for this as far as I know. This is also not a good idea because many people use other apps such as Twidroyd, TweetDeck and so on, but it would definitely be cool, or
If you don't expect the user to do this very often, you can just open up http://twitter.com/?status=<what-to-tweet> using a simple intent.
Method 3 can be easily described here:
Intent i = new Intent(Intent.ACTION_VIEW);
i.setData(Uri.parse("http://twitter.com/?status=" + Uri.encode(message)));
startActivity(i);
You can also combine 2 and 3. You can try a few known apps (official Twitter, TweetDeck, ...) and if all of them fail (because they're not present or because they have been updated and broke the protocol) you resort to opening up the browser.
Also note that it might be possible for method 3 to actually launch an app instead of the browser (or at least give the user a choice between the two), if the app handles the correct intents.
Another thing worth mentioning is that it's very possible that you will not be able to integrate with any Twitter apps. What I've said here is purely hypothetical, I have no idea whether these apps support such integrations. You should consult each app and see if they expose some intents that you could use. If they don't, you can still hack around a little and you might find them, but that will be unreliable because they will most probably break after a couple of updates.
You could use the twitter4j library to talk to twitter. Since Twitter has changed over to oAuth, the initial authentication is not trivial.
Basically you need to register your app with Twitter (go to your profile and then to the developer page to register your app - you will then get consumer token+secret). Then follow this example to authenticate with Twitter.
You may have a look at Zwitscher (rev 0.65, code of oAuth has not been updated for the nw internal changes after 0.65), which is an open source Twitter client for a larger example.
You may have a look at one of my examples of how to get Sign-in with twitter working on android.
It uses twitter4j, and with slight modification, you can make it post tweets too!
find it here.
UPDATE: there's one question specific to this issue: twitter,update status
I use twitter4j and oauth-signpost to create facebook like oauth authorization (webview dialog). Checkout this post
You can send the appropriate Intent to start the default twitter application
You can do this without Twitter4j, thus avoiding the massive headache of implementing the OAuth flow.
String tweetText = "We be tweetin!";
String url = "twitter://post?message=";
try {
Intent i = new Intent(Intent.ACTION_VIEW);
i.setData(Uri.parse(url + Uri.encode(text)));
startActivity(i);
} catch (android.content.ActivityNotFoundException e) {
Toast.makeText(this, "Can't send tweet!", 2).show();
}
Other supported twitter:// urls are listed here.
If the user has the Twitter App installed on their device it'll open it directly to a share view. When cancelled or shared it'll return direct to your App. Super simple. Similar to how iOS handles sharing now (with Facebook and Twitter integration).
This doesn't handle cases where the user uses another App as their primary Twitter client.