ASP.NET 和Facebook Connect - 如何使用 Graph API 发布到用户的留言墙?
我已将我的网站与 Facebook Connect 集成,授权/单点登录一切正常。
现在我试图在用户墙上发布一些内容,但遇到了一些问题。
首先,我使用“旧”JavaScript API (FeatureLoader.js)。
这些是我使用的 Graph API URL:
private const string UserDetails_Url = @"https://graph.facebook.com/{0}?access_token={1}";
private const string Feed_Url = @"https://graph.facebook.com/{0}/feed?access_token={1}";
private const string TokenExchange_Url = @"https://graph.facebook.com/oauth/access_token?{0}";
我使用 TokenExchange_Url URL 来接收唯一的用户 OAuth 令牌以进行调用。
这工作正常,因为 a) 我收到了令牌,b) 我可以向 Graph API(即 UserDetails_Url)发出 HTTP Get 请求,并且工作正常。
但是,我无法使用 Feed_Url 发布到用户的留言墙上。
我很确定问题是我没有适当的用户权限来发布到墙上(即 Facebook 端设置)。
现在,我意识到我可以在客户端使用 fbPublish API 方法来执行此操作,但我想使用 Graph API 在服务器端执行此操作。
我不会费心展示尝试调用 Graph API 来发布到用户墙上的代码,因为它非常简单(HttpWebRequest、将方法设置为“POST”、设置内容类型/长度、将字节写入 Stream 等)
。我认为问题是我需要用户授予我的应用程序“publish_stream”扩展权限。
Facebook Graph API doco 说要在您的授权请求中执行此操作:
https://graph.facebook.com/oauth/authorize?
client_id=...&
redirect_uri=http://www.example.com/callback&
scope=user_photos,user_videos,publish_stream
这让我感到困惑,因为我使用以下 URL 来获取 OAuth 令牌:
https://graph.facebook.com/oauth/access_token?bunchofqsparams
我使用了错误的令牌交换 URL 吗?为什么有两个不同的 URL 看似获取相同的内容?信息?
是的 - 我已经阅读了 Facebook API doco(很多次),是的,我已经阅读了其他类似的 SO 问题,但它们都导致使用客户端 API 发布到墙上,我想在服务器端进行。
对于实际的“Facebook Connect”按钮,我使用标准 FBML:
<fb:login-button length="long" size="medium" autologoutlink="false" background="light" onlogin="facebookLogin('/login')" class=" fb_login_not_logged_in FB_login_button FB_ElementReady"><a id="RES_ID_fb_login" class="fbconnect_login_button"><img id="RES_ID_fb_login_image" src="http://static.ak.fbcdn.net/rsrc.php/zB6N8/hash/4li2k73z.gif" alt="Connect"></a></fb:login-button>
当我单击此按钮(并且未登录 Facebook)时,它会弹出一个用户可以登录的窗口。但它没有“请求扩展权限”对话框 - 不是吗?或者是我需要手动触发的另一个弹出窗口?
总而言之,这是我的问题:
- 如何授予发布到用户墙的扩展权限?
- 获取 OAuth 令牌的正确 URL 是什么?
- 是否有明确的来源来展示如何使用服务器端图形 API 调用发布到用户的墙?
I've integrated my website with Facebook Connect, authorization/single-sign on all working great.
Now im trying to post something to the user's wall, which im having some problems with.
First of all, im using the "old" JavaScript API (FeatureLoader.js).
These are the Graph API URL's im using:
private const string UserDetails_Url = @"https://graph.facebook.com/{0}?access_token={1}";
private const string Feed_Url = @"https://graph.facebook.com/{0}/feed?access_token={1}";
private const string TokenExchange_Url = @"https://graph.facebook.com/oauth/access_token?{0}";
I'm using the TokenExchange_Url URL to receive the unique user OAuth token to make calls with.
This is working fine, because a) i receive the token back, and b) i can issue HTTP Get Requests to the Graph API (i.e UserDetails_Url) and it works fine.
But, i cannot Post to the User's wall using the Feed_Url.
I'm pretty sure the issue is i haven't got the appropriate user permissions to post to a wall (i.e facebook-side setting).
Now, i realise i can use the fbPublish API method client-side to do this, but i want to do it server-side with the Graph API.
I wont bother showing my code which attempts the call to the Graph API to post to the user's wall, as its pretty straightforward (HttpWebRequest, set method to "POST', set content type/length, write bytes to Stream, etc).
I think the problem is i need the user to grant my aplpication "publish_stream" extended permissions.
The Facebook Graph API doco says to do this in your authorization request:
https://graph.facebook.com/oauth/authorize?
client_id=...&
redirect_uri=http://www.example.com/callback&
scope=user_photos,user_videos,publish_stream
Which confuses me because im using the following URL to get the OAuth token:
https://graph.facebook.com/oauth/access_token?bunchofqsparams
Am i using the wrong Token Exchange URL? Why is there two different URL's to seemingly get the same piece of information?
Yes - i have read the Facebook API doco (numerous times), and yes i have read other similar SO questions, but they all result in using the client-side API to publish to wall, i want to do it server side.
For the actual "Facebook Connect" button, i'm using the standard FBML:
<fb:login-button length="long" size="medium" autologoutlink="false" background="light" onlogin="facebookLogin('/login')" class=" fb_login_not_logged_in FB_login_button FB_ElementReady"><a id="RES_ID_fb_login" class="fbconnect_login_button"><img id="RES_ID_fb_login_image" src="http://static.ak.fbcdn.net/rsrc.php/zB6N8/hash/4li2k73z.gif" alt="Connect"></a></fb:login-button>
When i click this (and not logged into Facebook), it pops up a window which the user can login. But it doesnt have the "Request Extended Permissions" dialog - shouldnt it? Or is that another popup i need to manually trigger?
So to sum up, here are my questions:
- How do i grant extended permissions to publish to the user's wall?
- What is the correct URL for obtaining an OAuth token?
- Is there a definitive source for showing how to post to a user's wall using server-side Graph API calls?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
正如我所推测的,我错过了对客户端 API 的调用来请求扩展权限。 (即publish_stream)。
我有一个简单的 JavaScript 函数,它作为 FBML 登录控件的“onlogin”属性的一部分执行。
以前,我只是进行重定向(然后在服务器端代码中进行单点登录)。
现在,我正在这样做:
翻译成英语:
现在服务器端图形 API 调用一切正常。
因此,回答我自己最初的三个问题:
答案:使用客户端 JavaScript API 函数“FB.Connect.showPermissionDialog”来显示弹出窗口,并使用“FB.Facebook.apliClient.users_hasAppPermission”来检查他们是否具有权限。
答案:我仍然相信它是“https://graph.facebook.com /oauth/access_token?{0}”,但是”https://graph .facebook.com/oauth/authorize?{0}" 或许能够用于服务器端身份验证/授权过程。
答案:如果有,我就不必问这个问题 - 所以简而言之,答案是否定的。 =)
对任何开始 Facebook Connect 工作的人的建议是,尽量避免使用“旧的 JavaScript API”。尽可能多地在服务器端(Graph API)进行操作,并且仅使用客户端 JavaScript API 进行初始握手(跨域接收器)。
As i presumed, i was missing a call to the client-side API to request extended permissions. (ie publish_stream).
I had a simple JavaScript function which was executed as part of the "onlogin" attribute of the FBML Login control.
Previously, i was simply doing a redirect (which would then do a single-sign-on in the server-side code).
Now, im doing this:
Translated to english:
Now the server-side Graph API calls all work fine.
So to answer my own original three questions:
Answer: make use of the client-side JavaScript API function 'FB.Connect.showPermissionDialog' to show the popup, and 'FB.Facebook.apliClient.users_hasAppPermission' to check if they have the permission.
Answer: I still believe it is "https://graph.facebook.com/oauth/access_token?{0}", but "https://graph.facebook.com/oauth/authorize?{0}" might be able to be used for a server-side authentication/authorization process.
Answer: If there was, i wouldnt have to had asked this question - so the answer in short, is no. =)
Advice to anyone starting Facebook Connect work, try to avoid the "Old JavaScript API". Do as much as you can server-side (Graph API), and only use the client-side JavaScript API for the initial handshake (cross domain receiver).