Does facebook allow to use one person's access token to fetch post info of another person (post comments, likes)?
I am thinking of implementing a pool of tokens in my app, so if token is broken I can use other persons token. Wondering if it's allowed and whether facebook have some restrictions on such a use case.
Additionally, I am currently using FQL, is there a difference for Graph API in how tokens work?
Short answer: It is not possible. That would be an incredibly large privacy problem anyway.
Also, for user postings you need the "read_stream" permission and you probably will not get this one approved:
This permission is reserved for apps that replicate the Facebook
client on platforms that don’t have a native client.
(https://developers.facebook.com/docs/facebook-login/permissions/v2.0)
About FQL: There is no difference, although keep in mind that FQL is deprecated and will be removed when support for v2.0 runs out. See this link for more information: https://developers.facebook.com/docs/apps/versions#versioning
(thanx to Tobi for clarification)
Related
I was wondering if it's possible to utilize the Instagram API with Python in order to gather info on follower account status to seek trends/activity/etc. for my platform. Basically I want to see what brands, etc. users engage with by using the API to see where the accounts who are part of my network go, what they click like on, where they leave a comment/what type of feedback they give/interact across brands. The accounts will consent to this of course, but is this even possible with the API anyways? I have seen services offer this for a fee, so I assumed it's possible somehow.
I assume that when a user leaves a comment it is stored in some database that you can then use the API to see if it matches with some ID or such -- if not then maybe there is a way to do this indirectly, i.e., some kind of background service that can see if a comment/ID matches a username without having to use the API itself. Basically I'm interested if this is feasible/simple -- I'm not too savvy!
This is meant for business and non-business/personal accounts -- also just for the fun of it too.
I have peeked at the API but it does not mention this, and no amount of searching narrows it down.
I know Facebook made some changes with their graph API which basically makes this a dead end on their platform without some possible hackaround if that is even theoretically possible.
I’ve seen a couple examples of this ( Storing auth tokens in a cookie )already; but I’d like to understand the reason for doing this.I think this would create more problems because you have to specifically remember to delete the cookie after you’re finished. For my specific example ; I am dealing with Instagram via the API
Thank you for any and all help
I`m not sure exactly what you're asking for. You need to know how to store the token? However, then is no need to remember to delete a cookie, just set an expiration date.
Regarding the API, you will need a valid token everytime you do a request to API, so don`t delete it, otherwise you will need to re-authenticate everytime.
Note: For Instagram Business Accounts you need to use Facebook API.
https://developers.facebook.com/docs/instagram-api/v2.10
I started to write a project for Sina Weibo and got a problem from the start.
When I make a get request to API:
http://api.t.sina.com.cn/statuses/public_timeline.json?source=App_key&count=5
I get an error of authentication such as:
{"request":"/statuses/public_timeline.json","error_code":"403","error":"40070:Insufficient app permissions!"}
or another request and answer:
https://api.weibo.com/2/statuses/user_timeline.json?source=Appkey&trim_user=1&count=100&screen_name=michael
{"error":"applications over the unaudited use restrictions!","error_code":21321,"request":"/2/statuses/user_timeline.json"}
Can someone help me to make this request work?
I just don't het If I need to send token somehow or secret-key.. I am new at development and would be glad if someone answers.
Probably to late, but for future uses. Weibo requires all request to be OAuth2 authenticated. So before using that you need to give permissions and generate access tokens. It's common practice. Services like twitter provide smaller limits also for unauthenticated users, to ease developer live, however that's not the case with weibo :(
If you are working with weibo I highly recommend this article ->
https://www.cs.cmu.edu/~lingwang/weiboguide/
I'm doing some research, where I have a facebook app, that asks for some permissions on the users facebook to get some basic information.
I can see that my app has about 600 users, and I'd like to query them, to see some patterns in the users. i.e. how many friends do they have, how long messages do they post in updates etc.
My question is: Do I have to copy the data when the user first visits my app and grants access to his information, or can I query it as long as the user hasn't "removed" my app.
I hope the second option will be true, since I have a lot of considerations about "copying" user data, and storing it in a database - primarily ethical but also related to security issues, compliance, resources so on and so forth.
the programming language is not important, but if anyone needs to exemplify, lets say it's python.
NO. You don't have to copy the data.
You can query Facebook as long as you have a valid access token regardless of whether the user is online or offline.
However, the only thing you need to take care of is handling of expired access token, because in that case the user will need to re-authorize your application for you to get the access_token.
I want to let users use their google account to login to my website. Exactly the way SO lets me. Can anyone please point in the right direction? I'm assuming the oAuth library is to be used but what I'd really like is a snippet of code I can directly copy paste and get this to work.
It's not OAuth particularly that you need (OAuth is for authorising access for one website to specific private content held on another), but OpenID - which is meant for authentication rather than authorisation. (Some sites, like Twitter, do provide authentication services via OAuth, but that's not what it's primarily for.) I have used python-openid which is fairly straightforward to use, or you can look at django-openid - though it admits to being incomplete, you could get some idea of how to implement OpenID support.
The problem's a little too involved to admit a copy-and-paste solution, but it's not especially hard to do this.
Update: piquadrat's link (in he comment) is definitely worth following.
You may want to check out django-piston which is a mini-framework with oAuth built in. Here's a tutorial on how to set it up.
You might consider using Django-Socialauth, as it supports
Twitter
Gmail
Facebook
Yahoo (essentially openid)
OpenId