I'm trying to add a friend request feature to one of my apps. I've done quite a bit of research, and I've found out that I can't do that via the graph api. I've also looked into dialogs, and that isn't supported in FBConnect.
So my only option now would be to pop up a UIWebView and do it and format the url like this: http://www.facebook.com/dialog/friends/?id=FRIEND_ID&app_id=APP_ID&redirect_uri=REDIRECT_URI. That's not a problem, but if the user isn't logged in with Facebook on mobile safari, they will have to log in and that can get quite annoying.
Have any others dealt with this problem? Any good work-arounds?
Friend requests always need to be authenticated from the request sender side, hence the user will have to log in when using the friend request dialog if they are not already logged in.
Related
I want to use instagram's API but it asks me for authentication. I have logged in instagram but still I cannot get the authentication. Going through the web I found that we need to Register a new client but I don't know what details I need to give there.
This is certainly not a comprehensive answer, but to get you started go to https://www.instagram.com/developer/register/ and look for the Manage Clients button in the upper right corner. You'll need to be logged in first. Then click Register Your Application. You will have to have your callback URL ready to go, what they call the redirect_uri.
I was wondering if the SnapChat API allows for auto accepting of friend requests. I know the API exists but I can't seem to find any docs on it anywhere, does anyone know where SnapChat releases these? I have like 6,000 friend requests and don't want to accept them all by hand lol!
There is not a public API available, but there is a few unofficial API's released. The most documented one is here, http://gibsonsec.org/snapchat/fulldisclosure/ , I am developing a few applications with the use of this that incorporate snapchat. TO auto accept friend requests, you would need to listen for them in the snapchat update that are pushed to the client, then as you parse it the tag for a friend request would be under MEDIA with the value 3. Then just send the accept back. If you want something like a macro to go through your current requests then get a macro application on android if you are running android, you need a root though for these. So i suggest downloading Bluestacks on the pc which is a android simulator where you can download any app and run it. Download snapchat for it and run a macro on your computer.
I've recently been doing a bit of web development so I've been thinking more about authentication and stuff. On Netflix I noticed there is an extra option on the Account page to de-authorize other devices. My girlfriend changed her password but I was still able to use it without re-entering the password till she logged out other devices.
So my question is how does authentication for Netflix work if it doesn't have to locally store your password?
Netflix uses a version of Open autentication to allow a device to access an account. Once the device has been authorized it will then have access to that account until its has been deautorized.
Chaning password doesnt matter becouse the device has autorization already probably in the form of a refresh token stored someplace. So its not storing a password its storing an autorization token of some kind.
Lets use facebook as an example: (response to comment below)
https://www.facebook.com/settings?tab=applications
This shows a list of all the crap I have loged in to using my facebook account. Now I have probably changed my facebook password sevral times it wont matter I will still have access. Some of these are mobil apps i have installed on my cellphone at one time or another. Even if i dont use them they still have access.
This doesn't technically answer the question, but is related and, I think, helpful:
You can forcefully invalidate the previously-validated tokens for other devices by going to https://www.netflix.com/ManageDevices - as soon as you go to the page it will ask if you want to sign out other devices.
(from "Someone is using my Netflix account without my permission" at https://help.netflix.com/en/node/18)
I want to be able to show a user which of their friends have signed up for the app as soon as they come to the site, before they are authorized, as long as they are logged into Facebook in the current browser.
Is this request possible? I have definitely seen this sort of thing, but I am not sure if this is universally available. I recall seeing some info on this topic on Stackoverflow, but cannot find it at the moment.
It's a Ruby on Rails app and I have been using Koala to make the authorized requests.
Thanks.
I am making a mobile application where users can connect their twitter accounts to the app. I am just kinda curious what's the best way to do it.
Right now, I would love to be able to make my own custom page (without having to use a UIWebView).
Is this possible? If how, so?
Thanks.
As I understand, you don't want the user to be redirected to Twitter's OAuth authorization web page. You can use xAuth instead, but you have to send Twitter an email why you want this, and they won't allow xAuth for your app until it is in a very late development state (when your app is almost complete). You can find the manual for xAuth in the Twitter development documentation.
Basically, what xAuth does is it allows desktop and mobile applications to skip the request_token and authorize steps and jump right to the access_token step. This way, you can provide the user with custom fields (e.g. UITextField objects) to fill their username and password in. Just make sure you don't save them anywhere, only the access token. Good luck. :)
A quick web search reveals MGTwitterEngine