We are working on an iPhone app that uses Facebook's realtime checkin data. We noticed that if we uninstall the app and reinstall the app, we see one of the two issues:
Facebook realtime updates stop working for some users. i,e, our servers receive no checkin notifications from Facebook when user checkis-in. It all works well before user uninstalls the app.
Facebook sends realtime updates, but when we try to retrieve checkin data, we get empty result set:
Query: (using the appropriate auth_token)
/me/checkins
Response:
{
"data": [
]
}
Data is empty when we test from debug tool as well.
More info:
We use a "Deauthorize Callback URL", which points to a specific URL on our server, and we do return a success back to Facebook upon invocation of that URL.
User is prompted for the appropriate permissions upon reinstalling the app. (Permissions used: publish_actions).
We did verify that the app is allowed to use Facebook (iPhone->Settings->Facebook).
When user logs into Facebook on a web browser and selects the app from "Your Apps" section, we do see proper permissions.
We did verify the permissions from Open graph debug took as well. They look alright.
Any idea what might be going on here?
Regarding #2, contrary to what Facebook says in https://developers.facebook.com/docs/reference/api/checkin/, the 'user_checkins' permission is needed. If you use the permission 'user_status' the checkin data array is empty.
This smells like a facebook bug.
Related
Last year I developed a chatbot with Microsoft Bot Framework that I integrated in the Facebook Messenger of a page. Everything worked fine until 16th of December (last successful log). The page is not used by a lot of people therefore the application might have worked also longer than that.
Today I tried to use the chatbot again and I did not get any response. In the Logs I just found the error message "Operation returned an invalid status code 'Forbidden`".
After a bit of Debugging I found out that the problem is sending messages back to the Facebook Messenger.
context.SendActivityAsync(...)
I did not change any configuration within my Azure Bot Channel registration recently. I am aware of the privacy changes within the Facebook API, but as I already struggle with sending a simple text response like "Hi" I assume that cannot be the problem. Also the permission scheme has changed for Facebook apps. I have the permission for "pages_messaging". Do I need another permission now? Or did I miss another change in the Facebook API?
Technical Details:
Facebook API Version v6 (tried also v9 but no change in behavior)
Chatbot based on .Net Core 2.1
Bot Builder SDK v 4.11
Any hints what I did wrong or where I can look for further information is much appreciated.
Edit: I tried to add a new page to my Facebook App and get following message:
There is a hint that a permission is missing, but I cannot find out which one I require. As I only send responses to FAQ's and if required handover to the customer service inbox I just requested the "pages_messaging" permission. Do I require any other permission now?
I found the problem. For everyone that might have the same problem:
In our case the administrator that added the Facebook pages to the application was removed from the admin permission list of the pages. After re-adding the admin permissions for the pages the bot started working again.
I'm facing a problem with react-native-fbsdk. I'd like to know whether the user has installed the app by coming through Facebook Ads or has he/she installed it organically from store (App Store, Play Store). Is this even possible with React Native?
The reason is, I need to log events for analytics restricted only on installations done via Facebook. There are pre-defined events, like App Installs and App Launches tracked, but my events are custom events.
I have assumption that either AccessToken.getCurrentAccessToken() or AppEventsLogger.getUserID() would return something when the installation is performed through FB. On dev environment, both returns null which is kind of expected. However these ideas could only be tested on production and this isn't an option.
So the actual question is: "How do I detect whether the user is coming through Facebook advertisement link?"
Our web app allows users to log in via Facebook. Technically, we are using Facebook OAuth2. We have implemented this login process two years ago. It worked fine until 13th November 2015 but since that day it does not. When our server sends the request
https://graph.facebook.com/oauth/access_token
with appropriate parameters (client_id, redirect_uri, client_secret, code), the response from Facebook has HTTP status 400. The response body is a HTML page saying "Sorry, something went wrong".
On 13th November, there was some problem on Facebook probably.
I have found the following message:
http://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-down-site-breaks-for-many-people-though-not-for-everyone-a6732906.html
However, our server still gets this error response after a week. We have an instance of the system deployed in the production environment and one more instance in the test environment (with different Facebook account, i.e. with different client_id and client_secret). Currently, Facebook login works fine in the test environment. I am not sure if it worked on 13th November.
Do you have any experience with recovery from such problem? Why does Facebook login work in test environment and does not work in the production environment in the same app? Why did the production instance break on a particular day and is still broken a week later?
Thanks for any help.
I had the same issue. I believe that the issue stems from passing in invalid scope in your authentication requests. Try removing the scopes in your authentication request to see if that works.
One more corner case I found in 2022:
In the App Dashboard, if you choose Facebook login for Business, same error happens. It will go away as soon as you select Facebook Login one.
Finally, the issue was resolved by restarting the servlet container (Tomcat 7). However, I have no idea why.
All of this is using exclusively the login button. Not the API serverside and not FB.login(). It would work for me sometimes and sometimes not and I couldn't figure out why. I would open a new window and it may work, or may not - but it seemed like once broken it was broken.
There appears to be an issue when using the Chrome 'Device simulator'.
Looking at the SDK Javascript (that's to say the SDK that the Facebook Login button uses) it checks to see if the device is a 'touch' device and if so it will use the m.facebook.com domain when requesting the oauth token.
This domain fails m.facebook.com:
However if the mobile device mode isn't activated when the page loads then it uses www.facebook.com and succeeds:
So for me the current workaround is:
Assuming you are developing with the console active.
When you need to reload your page press Ctrl + Shift + M to deactivate the mobile device mode.
Refresh the page
Once the button has initialized press Ctrl + Shift + M to reactivate it again.
If you see m.facebook.com then you didn't do it fast enough, or maybe you're using something like Angular with hot reload and you need to manually refresh.
I am using Facebook iOS SDK v3.5 for my app, I found that if I installed the facebook app and was not logged into the iOS device (Settings > facebook), then if I was logged into my app for the first time, it works fine: it will switch to the facebook app's login view and show some permissions with a "OK" and a "cancel" button. but after I was logged into my app and logged out and logged in again, the same permission screen in the facebook app will still be shown. I think the expected behavior is that when log in for the second time we should not see that permission screen since we have already granted these in the first time log in.
The same thing happens in the sample project "Scrumptious" in the FB SDK v3.5. Does someone know how to solve this problem? Thanks.
If I understand you correctly, the behavior is working as intended. Basically, the semantic here is that the user has logged out, so it is appropriate to ask them to confirm to log in again. Specifically the logout code in the sample (and in most apps) is to clear the token cache on the device, so the next time the app is asking for a new token.
You are right that once a user has granted permissions (and until they revoke them), the Facebook servers do know this. As a result there is a slightly nuanced flow in the login screen (you can see this by granting publish to scrumptious, and then the next time you request post it will be something akin to "you've already granted this permission").
So, you could technically not clear the token cache but then why bother with a log out option.
Hope that helps.
Hi all: I'm trying to test a hangout app, running from the API Console link/in the Sandbox.
Machines are
- Mac OS X,
- latest normal Chrome.
Both users are
- Google Apps users,
- added to API Team for hangout project,
- able to see the App Engine application for static files etc.
User one is API project owner, user two can view project.
As user one, I click the API Console/Sandbox link to start.
The plugin starts, and the app starts right away.
I click on the App icon at left to hide the app.
I click on the blue Invite People button to invite user two.
The app frame goes blank, no way to invite user two.
In user one's console, there's only one error, prior to app startup:
Failed to load resource: the server responded with a status of 404 (Not Found)
https://hangoutsapi.talkgadget.google.com/talkgadget/channel
Starting with user two, I get two errors--first the following, followed by the above error, followed by app startup:
Uncaught TypeError: Cannot call method 'isLoaded' of undefined
:87
The stacktrace of this error goes
0d.be :87
init: (program):1
onload :1
0d.load :1
Gg :120
window.jstiming.js :124
(anonymous function) :371
... no file names, just line numbers.
I have not gone through the OAuth client ID configuration yet. Is this needed for Sandbox work between two users (as opposed to individually)?
I need a way to get these two users into the same hangout. Eventually I can do this through server-sent URLs (I believe) but for yesterday I need a quick 'n' dirty method.
Many thanks for any insight.
Kirk.
Instead of trying to use Invite, you may want to send the URL of the sandboxed hangout to the other person.
You may also want to skip the sandbox altogether and just publish the code and work with the "public" version.