I am writing a python desktop app that will access a user's facebook photos. The app currently supports flickr, which uses a similar oauth authentication process, but I am struggling to figure out how to authenticate the app for facebook. For flickr, the basic steps are:
App opens a browser on the authentication page
user gives the app permission to access the account
App receives a token as a http response that can then be used with flickr's api
I am hoping that there is something similar for facebook, but I haven't been able to figure it out.
There are a variety of facebook API libraries for python, such as Pyfb, which provides a simple way of accessing graph data, but none of them provide an obvious way to do the authentication steps above and retrieve a token that can be used. Here's the example from Pyfb, which presumes that the user token will be manually entered by the user, which is totally ridiculous for a desktop app...
from pyfb import Pyfb
#Your APP ID. You Need to register the application on facebook
#http://developers.facebook.com/
FACEBOOK_APP_ID = 'YOUR_APP_ID'
pyfb = Pyfb(FACEBOOK_APP_ID)
#Opens a new browser tab instance and authenticates with the facebook API
#It redirects to an url like http://www.facebook.com/connect/login_success.html#access_token=[access_token]&expires_in=0
pyfb.authenticate()
#Copy the [access_token] and enter it below
token = raw_input("Enter the access_token\n")
#Sets the authentication token
pyfb.set_access_token(token)
#Gets info about myself
me = pyfb.get_myself()
Here's a shot at answering my own question.
First, the reason the code fragment above doesn't work. The call to pyfb.authenticate opens the authentication link in the default browser. After the user logs in and allows the app access, facebook is supposed to redirect the URL in the browser to something like
https://www.facebook.com/connect/login_success.html#access_token=ACCESS_TOKEN&
expires_in=SOMETIME
In the pyfb code sample, the user is supposed to copy the access token from the URL bar and all should be well. But... presumably because of some security concerns, facebook will perform some Javascript shenanigans which will instead leave you with:
https://www.facebook.com/connect/blank.html#_=_
(It turns out that you can work around this by digging through the browser history on some browsers -- see https://bugs.kde.org/show_bug.cgi?id=319252)
The solution to this for a desktop app is to open a web view within the app. The Javascript code apparently will correctly detect you are authenticating within an app and spit out the full URL with token. So here's an example using Python gtk and webkit:
import gtk
import webkit
view = webkit.WebView()
sw = gtk.ScrolledWindow()
sw.add(view)
win = gtk.Window(gtk.WINDOW_TOPLEVEL)
win.add(sw)
win.show_all()
win.connect("destroy", lambda *args:gtk.main_quit())
client_id = 'XXXXXXXXXXXXX' #your unique app id
auth_url = 'https://www.facebook.com/dialog/oauth?response_type=token&client_id=%s&redirect_uri=https://www.facebook.com/connect/login_success.html'%(client_id,)
view.open(auth_url)
def load_finished(view,frame):
#function will print the url with token second time
print frame.get_uri()
view.connect("document-load-finished",load_finished)
gtk.main()
Related
I made a script that works perfectly when it runs locally but isn't able to authenticate in my Azure Functions app. At first, I thought it was because it couldn't read the .cache file.
After looking at the logs it's because it can't open a browser window to create the authentication token. I'm fairly new to Azure functions so I'm not sure how I can enable opening a browser if that's even possible.
I looked into the oauth2.py file in spotipy and found it's optional to open the browser but instead, the console asks for the redirected URL. Is there a way for me to get the redirected URL and enter it into the console instead?
Here's my code:
def create_playlist(cred):
"""Creates the playlist for Discover weekly to be copied to"""
# Gain authorization to create playlist
logging.info('Authenticating spotify secrets to create new playlist...')
# spotipy.CacheFileHandler(cache_path='')
sp = spotipy.Spotify(auth_manager=SpotifyOAuth(client_id=cred[0],
client_secret=cred[1],
redirect_uri=cred[2],
scope='playlist-modify-private',
open_browser=False,
))
# Get returned list from get_playlist_info function
logging.info('Determining playlist descriptors...')
info = get_playlist_info()
# New playlist for Discover Weekly
logging.info('Creating new playlist...')
new_playlist = sp.user_playlist_create(user=cred[4],
name=info[0],
public=False,
collaborative=False,
description=info[1])
logging.info('Returning new playlist.')
return new_playlist
In Redirect URIs you enters one or more addresses which you want to whitelist with Spotify. And this URI enables the Spotify authentication service to automatically re-launch your app every time the user logs in.
You can set your Redirect URL by navigating to your Spotify developer dashboard and open the project you are working on. Then click "edit settings" and look for the redirect URIs field and put your redirect URI in the field and lastly save it.
The Authorization Code Flow needs you to add a redirect URI to your application at My Dashboard. The redirect_uri argument or SPOTIPY_REDIRECT_URI environment variable must match the redirect URI added to your application in your Dashboard.
Following are some examples that you can use as redirect URIs.
http://example.com, http://localhost or http://127.0.0.1:9090
The correct way in which you should authenticate yourself is shown in the code snippet below.
token = util.prompt_for_user_token(
username=USERNAME,
scope=SCOPE,
client_id=CLIENT_ID,
client_secret=CLIENT_SECRET,
redirect_uri=REDIRECT_URI)
You should also export your redirect_uri, client ID, and secret before running your script and trying to authenticate. If you don't pass the values directly to the util.prompt_for_user_token function, it will read them from the environment.
Try running these in your terminal before running your script.
export SPOTIPY_CLIENT_ID="YOUR CLIENT ID"
export SPOTIPY_CLIENT_SECRET="YOUR CLIENT SECRET"
export SPOTIPY_REDIRECT_URI='http://localhost/'
For more information you can read this Authorization Code Flow document for Spotipy.
Anyone know if this is possible?
I just want to automate dropping some documents into my onedrive for business account.
I tried
import onedrivesdk
from onedrivesdk.helpers import GetAuthCodeServer
from onedrivesdk.helpers.resource_discovery import ResourceDiscoveryRequest
redirect_uri = 'http://localhost:8080'
client_id = 'appid'
client_secret = 'mysecret'
discovery_uri = 'https://api.office.com/discovery/'
auth_server_url='https://login.live.com/oauth20_authorize.srf?scope=wl.skydrive_update'
#auth_server_url='https://login.microsoftonline.com/common/oauth2/authorize',
auth_token_url='https://login.microsoftonline.com/common/oauth2/token'
http = onedrivesdk.HttpProvider()
auth = onedrivesdk.AuthProvider(http,
client_id,
auth_server_url=auth_server_url,
auth_token_url=auth_token_url)
auth_url = auth.get_auth_url(redirect_uri)
code = GetAuthCodeServer.get_auth_code(auth_url, redirect_uri)
auth.authenticate(code, redirect_uri, client_secret, resource=resource)
# If you have access to more than one service, you'll need to decide
# which ServiceInfo to use instead of just using the first one, as below.
service_info = ResourceDiscoveryRequest().get_service_info(auth.access_token)[0]
auth.redeem_refresh_token(service_info.service_resource_id)
client = onedrivesdk.OneDriveClient(service_info.service_resource_id + '/_api/v2.0/', auth, http)
I registered an APP and got a secret and id. But when I ran this I got scope is invalid errors. Plus it tries to launch a webpage which isn't great for a command line kinda environment. I think this SDK might be outdated as well because originally this script had login.microsoftonline, but that wasn't reachable so I changed it to login.live.com.
I wrote this sample code you posted. You replaced the auth_server_URLwith the authentication URL for Microsoft Account authentication, which can only be used to access OneDrive (the consumer product). You need to continue using the login.microsoftonline.com URL to log into your OneDrive for Business account.
You are correct that this pops up a dialog. However, you can write a little supporting code so that only happens the first time you log into a particular app. Follow these steps (assuming you are using the default implementation of AuthProvider:
Use the sample code above up through the line auth.redeem_refresh_token()
The AuthProvider will now have a Session object, which caches the credentials of the current user and session. Use AuthProvider.save_session() to save the credentials for later.
Next time you start your app, use AuthProvider.load_session() and AuthProvider.refresh_token() to retrieve the previous session and refresh the auth token. This will all be headless.
Take note that the default implementation of SessionBase (found here) uses Pickle and is not safe for product use. Make sure to create a new implementation of Session if you intend to deploy this app to other users.
Onerive's website shows "Not Yet" on "OneDrive SDK for Python" to "OneDrive for Business"
https://dev.onedrive.com/SDKs.htm
The github sample codes did not work for me either, it tried to popup a window of authentication, but IE can not find the address:
http://('https//login.microsoftonline.com/common/oauth2/authorize',)?redirect_uri=http%3A%2F%2Flocalhost%3A8080&client_id=034xxxx9-9xx8-4xxf-bexx-1bc5xxxxbd0c&response_type=code
or removed all the "-" in client id
http://('https//login.microsoftonline.com/common/oauth2/authorize',)?redirect_uri=http%3A%2F%2Flocalhost%3A8080&client_id=034xxxx99xx84xxfbexx1bc5xxxxbd0c&response_type=code
Either way, I got the same result, IE did not show the popup with a line "This page can’t be displayed"
My program download some infos about user and post it to the label in app.
I have a interaction/authorization problem with gui Facebook app in python. My app uses tkinter, facebook and fbconsole.
I autorized in this way.
import fbconsole as F
F.APP_ID="123"
F.AUTH_SCOPE=['publish_stream', 'publish_checkins', 'read_stream', 'offline_access']
F.ACCESS_TOKEN = "1234"
F.authenticate()
And something for show results
newsfeed = F.get('/me/home', {'fields':'from,name,description,message'})
newsfeedData = newsfeed["data"]
label.config(text=newsfeedData)
But when I run it, appear new facebook tab in browser announce: "Application configuration does not allow the use of the URL". How can I get rid of it?
Thanks!
I'd like to be able to post tweets from a Python script, that runs from a server cron. I've been following the Twython documentation (https://twython.readthedocs.org/en/latest/usage/starting_out.html#obtain-authorization-url) but i'm not sure if I require a callback_url.
Only pass callback_url to get_authentication_tokens if your application is a Web Application
Desktop and Mobile Applications do not require a callback_url
Does anyone know if I require one? I tried putting in "google.com" but returned a 401 error.
Here's my code currently:
app_name = "AppNameTestScript"
APP_KEY = "exAmPlE"
APP_SECRET = "exAmPlEexAmPlEexAmPlE"
twitter = Twython(APP_KEY, APP_SECRET)
auth = twitter.get_authentication_tokens(callback_url='http://google.com.au')
If you use application-level authorisaion, you should use Oath2 authorisation path
Oath1 authorisation is a bit trickier, your application is authorised to act on behalf of an end user, so the latter has to grant this authority to your application. End user opens auth['auth_url'] url and grants permissions to your app on twitter.com, then he is redirected back to the application, that is where callback is used for. By processing this redirect, a web-based application communicates for access token. Read oauth begguide for more details.
There is a pin-based authoriazation flow in case you can't implement redirect handling. For this, you don't need to provide callback_url, as user acceptance is handled differently. Your end user however still need somehow communicate to your application his pin code. See twython docs for steps starting from when you know pin implementation details
I've been working on using python to get access to Facebook insights information. I was able to get public information (e.g. 'likes' from cocacola's page) in addition to app insights for apps that I have developed.
Because I am the admin and developer for both pages and apps, when I go to facebook.com/insights I will see a section for pages and a section for apps. I want to be able to get insights for both from the graph api and store them on my personal database. Getting the app insights were not difficult. I obtained my app_id and app_secret when I created my app and then followed the process under App Login at this page http://developers.facebook.com/docs/authentication/. This gave me an app access_token which I could use to get app insights.
When attempting to do the same for pages, I have had more trouble. As many previous posts have mentioned, most of the facebook documentation has to do with a facebook app getting an access_token to manage or read insights from a page. I understand that this is useful for apps that interact with a user's page. However, my instinct says that I should be able to get an access token with read_insights for a page that I am the administrator of without having to go through an external app.
The only way that I've been able to read the insights for my page has been using the Graph Api Explorer. I used the Explorer to obtain an access_token (through the access_token button, allowing the Explorer to access my personal data and requested manage_pages and read_insight extended permision). Then I followed the instructions under Page Login at the /docs/authentication/ page that I posted above, to get an access_token for the facebook page I administer. Then I could finally run https://graph.facebook.com/PAGE_ID/insights?access_token=RETRIEVED_TOKEN. However, this is an incredibly cumbersome way of finding the access_token. Is there a way to get this token that is less cumbersome? Thanks for your help. I've been struggling with this for quite a while.
I've also included the code that I used to get the access token for my app.
def get_access_token():
args = dict(client_id=FACEBOOK_APP_ID, client_secret=FACEBOOK_APP_SECRET, grant_type="client_credentials" )
url = "https://graph.facebook.com/oauth/access_token?" + urllib.urlencode(args)
response = urlparse.parse_qs(urllib.urlopen(url).read())
access_token = response['access_token'][0]
return access_token
Why not using classic way:
Create an app and login to it using facebook (JS SDK for example), with the offline_access and read_insights permission.
The offline_access will give you a permanent access_token that you can use to access the insights anytime you want.
The JS SDK (method FB.login) will return an object, containing the access_token you need.