App: Bypass authentication for Open Graph facebook requests - ruby-on-rails-3

I have a Facebook app that can't be used before a user log in via Facebook (OAuth). Some pages (e.g. example.com/books/2) should be accessible for Open Graph requests (when they have been liked). Currently, Facebook isn't able to retrieve those pages since authentication is required (redirect). How can I determine if an incoming request is coming from Facebook or not? Or should I take another approch?
Thank you!

Just add an exception so that Facebook's crawler can reach the page, The user agent is currently facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)
(but the version number may increment someday)

Related

Objective C: How to get access token from web browser to cocoa app?

Please let me elaborate what I am trying to do.
What I want to do?
I am creating a cocoa application that uploads an user files to user's Onedrive and in order to do that I am requesting for an Access token by launching the access token URL in Safari.
https://login.live.com/oauth20_authorize.srf?client_id={APPLICATIONID}&scope=wl.signin+wl.offline_access+onedrive.readwrite&response_type=token&redirect_uri=https://login.live.com/oauth20_desktop.srf
Problem
Now the problem is how will I retrieve the access token from safari to my cocoa app?
In short: How to get one drive access token in Cocoa Application?
Please help. Many thanks
In order get access token on Local application you will need to follow given below steps:
Login to dev.onedrive.com and check YES on Mobile or desktop client app option
Take a browser control in you application and load the access token verify page
Add a URL change event for browser control
Whenever you get a url starting with https://login.live.com/oauth20_desktop.srf that has a # and access_token variable than it means you application has received the access from a user.
In case user clicks on NO(not providing access) then you will get a url starting with https://login.live.com/oauth20_desktop.srf?lc=1033#error=access_denied
Note: The idea is very simple. You will need to monitor URL changes and do the task accordingly.
P.S: Keep in mind that the redirect URL for local apps will be https://login.live.com/oauth20_desktop.srf

What is callback url in instagram api and how to can I implement it

Hi I'm beginner programmer
I'm trying to use instagram's realtime Photo Updates api
My purpose is use this API CONSOLE's subscription method
https://apigee.com/console/instagram
But I can't understand and handle callback url
What is the callback url's function?
And How can I implement the callback url?
The "callback url" (also referred to as redirect_url), is the URL Instagram will send users to after they have logged into Instagram, and authorized your application to read their data.
This is part of the OAuth 2 Spec, which Instagram (and many others) use to control access to their API.
The short version of the OAuth 2 "flow" is this:
You send a user to Instagram's page with your application ID, and a redirect URL.
The user logs into Instagram on their page and authorizes your application.
Instagram will then send the user back to your application (using the redirect URL value), along with a token that you can use to access their data.
GitHub has an excellent guide to how OAuth works on their server, which you will find very similar to Instagram's.
So the "callback url" should be set to the URL of your application server. For example, http://myapp.com/auth. Or, if you are working locally, you would use http://localhost:3000/auth.
Note: With Instagram (as well as most other APIs), the callback URL is permanently set when you register your client. So you'll often have to create separate clients for your live server, and your local one.

Google Plus login with Javascript and Authenticating with PHP

While implementing the Facebook Connect to a web application , its possible to show Facebook Sign up page in a pop up and once logging in and Granting permissions are complete, its possible to Authenticate Again in PHP and to get the necessary details of the user, - id, email etc.
I believe, thats secure because, the User Insertion is not based on the Ajax Request Parameters.
Is it possible to do the same with Google Plus Login also ?
Means - Logging in to Google - Using Javascript SDK, asking permissions, Authenticating all done in a Pop Up Window. and then, Creating a new user with the Help of google-api-php-client ??
Yes, what you're trying to do is outlined with https://developers.google.com/+/web/signin/server-side-flow which includes some PHP code samples to help you do this. In general, the steps at authentication time are:
User clicks the "Sign in with Google" button which may pop-up a new window at Google prompting them to log in and authorize your webapp.
After they do so, a one-time code is sent to a JavaScript callback you specify.
Your Javascript method sends this code to your PHP server.
Your PHP server uses the client library to contact Google's server and exchange this one-time code for an access token and refresh token, which you keep and use to perform actions on the user's behalf.

Retrieving Page from HTTPS Website

I am registered user of a website that provides stock quotes values and I want to create a desktop application where in I will display the stock updates of a specific quotes.
For that, I need to parse a web page which is visible only when I login to the website. If I try to access that page, without logging in, it redirects me to the login page.
The Website does not provide any API for developing such a client application. Is there any way I can login to the website using the desktop client and thus access the required web page?
Regards,
TheLameProgrammer
You'll need to first do a HTTP POST to the login page, store the cookies that come back, then pass these along with any furture request you make.
Same as the browser does.
Hopefully this question is in earnest and not spam but the answer is no

Redirect to own site when user logs in via Facebook app

I am building an app with the functionality to publish
messages to users walls while specific actions runs on
my website.
What I have done is (briefly):
Registered my own app on Facebook
Added a login button on my website with permission
to publish:
Log in on Facebook
Downloaded facebook-php-sdk library
It is now I start having problems. I do not know how
to do what I want to do now.
What I want to do:
When a user logs on to facebook via my website. I want
a file on my site to be called, where I can update the
user's data in my own database as well.
Because that is not what the canvas url is meant to do? How it
is no, seems no file at all is called on my site when
I click on Login.
Since you are using the Facebook PHP-SDK you noticed that there are two options for the users to login:
Using the XFBML button, which will:
Open a login dialog (pop-up) asking for permissions..etc
When a successful authentication/authorization is complete the dialog will close, the auth.login event will be triggered and based on that the page will get reloaded window.location.reload();
The PHP in the top of the page will get into business and $session = $facebook->getSession(); will actually retrieve a session! $user = $facebook->getUser(); will retrieve the current user
Using the Login URL generated by the Library $loginUrl = $facebook->getLoginUrl(); this URL will get you through the same flow and if you noticed there's a next redirect_uri parameter which will redirect you back after a successful process to that URL (mainly the same URL you are at), where you can change that parameter if you like.
The canvas URL is the URL Facebook uses when it displays your application from within Facebook. You would use this functionality if you expect users to use your application while in Facebook itself.
When authenticating using Facebook's API (assuming graph API usage here), you provide a redirect_uri as part of the authentication URL. Once Facebook has authorized your application, it will redirect the user's web browser to the URI you specified. This URI can be any link you desire on your site. You should use the link as the determination of when the user is logged in successfully, e.g., https://mywebsite/facebook/loggedin.