I am integrating the facebook SDK in my application for ios. When the user login via facebook I am getting the token, and using it to authenticate the user in my app. The token will also be used to get the user information and validate the user on the server.
My question is this:
If the user login using facebook with the same account but on another device.
1) A new token will be send for him?
2) if so, what happen to the old one? does it get expired?
I know I can test and see what happens but we are still in the planning phase and we can't afford to spend time on implementing tests. Searching on google about this issue didn't result in any clear answers. So I would appreciate if someone has info about it
Thanks a lot
To answer my own question in case someone is looking for it
1) A new token get sent
2) The old token still works
Related
I know, this might be a very naive question, but I'm having hard time imagining a complete picture of how Facebook SignUp and Facebook Login should be used in my application. I understand Facebook documentation, but it gives me scattered pieces which I can't figure out how to put together. I would appreciate any links for how-tos regarding this issue.
The problem I'm trying to solve, is simply to use Facebook SDK to register users in my application. But, what does this mean? Generally, if we take e-mail registration, this means getting e-mail address and a password, which will be used for later logins. For every login, my server will generate a session id, which will be used in API calls.
Now, I can obtain user's e-mail using Facebook SDK. But now what? What about the password? How should I generate a session id now on my server? Do I have to perform Facebook login call every time I start the app? Or should I send access token to my server and store it in users table and use it for generating session id? I don't need to perform Facebook Graph API calls in my app. All I need - is "single-click" signup/login functionality. What's the right way to do it?
I have a simple question about using Pushbullet's OAuth API and was not able to find the answer on PUshbullet's site. Specifically, if I register my client app to use Pushbullet's OAuth authentication and I send my users to give their approval to allow me to use their Pushbullet's credentials, what happens if the person is not already a Pushbullet user? Will they be allowed to register themselves with Pushbullet as a new user (I hope!) AND then be redirected back to my app, or will that kind of break the OAuth flow? I am trying to use Pushbullet as my notifications mechanism for my mobile hybrid app and it seems like it is a great fit, but I know many of my users will not know how to recover if they break out of being redirected back to my web app. TIA.
JLP
New users should be redirected to your app. You should test it yourself to make sure though.
I'm using omniauth-twitter for twitter log in to the website and it works perfectly well (go to /auth/twitter, user authenticates, and then redirect_to /auth/twitter/callback). Great.
However, on the iOS side, how can I implement sign in with twitter? Do I do it client side or server side? Could anybody go through the steps? (note: the only way to sign in to the app is through twitter)
We've tried:
using a UIWebView that goes to /auth/twitter, but on redirect, it goes back to the web version. Is there a way to get JSON data from the UIWebView?
doing sign in with twitter client side, and using a made up password to authenticate in sessions#create that matches a made up password on the db.
Is there another alternative for authentication? I know what we're doing has a lot of flaws but we couldn't find any other solutions even after asking in meetups and researching online for days. please help!
You could add an OAuth 2
implementation on your server. Your server authorizes the iOS app for an authenticated user / content owner. (You have completed the authentication part.) Once authorized, the iOS app accesses that particular user's content (via an api on your server) as if it is logged in as that user.
You will find one potential OAuth 2 provider implementation for RoR as
applicake/doorkeeper
You will find a sample iOS client application as
telegraphy-interactive/OAuthClientSetup
That is one suggestion, in any case. Not the whole answer, which would require a book chapter.
I'm new to Facebook development and I'm running into trouble with what seems like it should be an easy task. I am building an iOS app for a client, and that client wants to display a number of their most recent status updates in the app, along with a link to their Facebook page. These statuses should be displayed to the user of the app even if they are not logged into Facebook or do not have a Facebook account saved on their device.
My research so far seems to indicate that I'll need to make a request to the Graph API using a user access token (which I can do successfully in the app using a token copied and pasted from the Graph API Explorer), but it seems that the only way to get a user access token from within the app is to log the user of the app into Facebook using their account credentials. This is not a good solution because I need to be able to display the client's statuses to the user whether they have are logged into a Facebook account or not. Is such a thing possible, and if so, how? I've been all over the docs and can't find a conclusive answer either way.
I know that we would approach it quite differently. We would have our own web service periodically pull what we needed off of google and store it on our own server, then we would use AFHTTPClient to pull this information down to our app. That way we wouldn't have to spoof anything with FaceBook or put any requirments on our users, such as logging into facebook. It would require that you have a service that your client maintains (or you could easily contract that for a cost).
Edit: I found the solution here:
Using app access token in IOS
Hi,
I read in this thread:
Facebook API without client authentication for public content
that it is possible to make facebook api graph requests without the need to log in as a user.
I tried getting the app access token with a NSURLConnection request,
but from there I don't know what to do.
How do I get the NSData response into the right format for the token (which is what, a NSString?)?
And how do I send a facebook graph request with the aquired token?
Or is there a simpler way to receive public posts from a facebook wall without the need to login as a user?
Greetings
Michael
Hey i'm struggling a litle bit with the same problem.
Since a couple of days Facebook changed some things concerning having an access tokken. Now, if you only want to read a users posts you will need to have an access token (even if this info is public).
Luckily you can also use the app access token. I'm trying to figure out how to fix this, but here is some information about that: http://developers.facebook.com/docs/authentication/ (chech app login)