Facebook is ignoring our scope parameters that are being requested from our app. We're using Firebase authentication which provides an SDK that allows us to request a series of permission scopes from Facebook.
Here is an example of what this looks like:
import firebase from 'firebase/app';
// instantiate new Facebook provider
export const fbProviderRedirect = new firebase.auth.FacebookAuthProvider();
// add business_manager scope to access user's business manager data
fbProviderRedirect.addScope('business_management');
fbProviderRedirect.addScope('public_profile');
fbProviderRedirect.addScope('email');
fbProviderRedirect.addScope('ads_read');
fbProviderRedirect.addScope('ads_management');
fbProviderRedirect.setCustomParameters({ auth_type: 'reauthenticate' });
We then call our auth function and pass in the 'fbProviderRedirect instance as an arg
const linkToProvider = (provider) => {
return auth.currentUser.linkWithRedirect(provider);
};
Once a user selects our btn, they are redirected to the facebook dialog screen and are presented with a request to grant our app access. However, here is the part that we cannot figure out.
While testing, when we use our FB app admin account, when we select the btn two dialog screens appear. First screen contains permissions: public_profile and email, and the second dialog screen covers all of the remaining permissions.
When regular users attempt this, they only see the first screen, not the second. They are then given an access token which does NOT contain any of the explicitly set permissions from firebase.
Our app within facebook was reviewed and approved via advanced access for the following permissions:
pages_show_list, business_management, ads_read, pages_read_engagement, ads_management
Additionally, our app was also verified as a business. So we've been both approved and verified by facebook for our app and business.
We cannot figure out what we're missing or doing wrong. Any suggestions on how to proceed?
oAuth screen:
Review approved:
Business Verified:
You have to press 'Continue As _____' and the scopes that you are asking for will be shown in the next few dialogs.
Related
I have 5 different applications developed in react-native, I want give a better experience to my users, so if an application being logged I want the next one not to need to do login again if it is called from within the logged-in app.
How Can I do it?
There could be a lot of ways to do this, for me i use Redux for storing the Auth Token which i generate by Random string function, and i use 2 type of Stack 1) App Stack 2) Auth stack. So before that i wrap it inside a condition where it says { loginKey ?<AppStack/>:<AuthStack/> } where appStack is all the apps screens, AuthStack is login/signup screen and loginKey is redux state which stores the key one time (which we generate on successful login/signup).
Other way is as mentioned in above answer using user - login state and check if login state is true then show user your main apps screen else show user login screen.
I'm trying to create a sign up page and currently integrate signup with google with nextauth.
I have been able to integrate signIn with nextAuth and able to sign in (However not able to create an actual user on the database...)
with:
import { getProviders, signIn as SignIntoProvider } from 'next-auth/react';
where signIn exists in next-auth/react-- when searching for signUp or newUser, it doesn't exist... is there any other place where I should be looking for?
As there is supposed to be signIn, signUp, and signOut. I'm not able to access signUp for some reason...
The signUp function doesn't exists, but you can use NextAuth callbacks to save the user on your database.
When a user sign in, query the db to check if it already exists, and if it doesn't, you create it.
Here is the documentation reference of how to use the signIn callback:
NextAuth Callbacks documentation
I've one trouble with my teams custom app. I'm making a custom app that return sign-in action to unlogged user when he try to use a search message extension. Now, my problem is:
How can I resume the query after the user logged?
I return to the user an auth composeExtension type that point to one route of my spa. The user make authentication and correctly return the accesstoken, but then it doesn't continue the search. I've already try call :
microsoftTeams.authentication.notifySuccess({ accesToken: oResponse.accessToken })
but it only close the opened popUp.
Please, help me. Thanks.
Possibly the question is being solved somewhere, but I can't find the solution.
The problem is following:
There was created Facebook application for web-sites. Application ID: 838914722867595
All setting were set to "public" for the application. I.e. the status is "This app is public and available to all users"
When trying to get user info with not application owner account with "FB.api('/me', ... " I've got an error:
{ status="not_authorized", authResponse=undefined}
{ message="An active access token must be used to query information about the current user.", type="OAuthException", code=2500}
I need only Facebook user ID.
Calling of "FB.api('/me', ..." is wrapped into "FB.getLoginStatus( ..."
Doing the same with application owner account returns the expected user info results.
{ authResponse={...}, status="connected"}
{ id="1395024780825585", first_name="Evgeny", gender="male", more...}
The url with implemented Facebook JS: http://www.doc4net.com/download/2459616413282
Here is the screenshot of the app setting.
Please, advice
The issue is solved.
Facebook "Like" button DOES NOT provide application permissions on login. Even it is calling the login dialog.
So, first the one is need to be logged in with "Log in" button, which rises the login dialog with requesting to allow application permissions to read facebook user info.
Only after using "Log in" the "Like" button works properly.
I have implemented a Facebook, Twitter and Google plus login to my website. For Facebook and Twitter the user needs to give permission to the app one time, unless i make a change in the required information.
Google Plus however asks for permission for my app every single time. And I can not find anywhere to configure the app in only requesting this once.
You need to set the 'approvalprompt' to 'auto'
function render() {
gapi.signin.render('customBtn', {
//'callback': 'signinCallback',
'clientid': '841077041629.apps.googleusercontent.com',
'cookiepolicy': 'single_host_origin',
'requestvisibleactions': 'http://schemas.google.com/AddActivity',
'scope': 'https://www.googleapis.com/auth/plus.login'
'approvalprompt': 'auto'
});
}
Remove the approvalprompt parameter from your sign-in code. I assume you copied from one of the examples that uses this parameter to ensure that the example is always in a new state.