I'm fairly new to iOS development, and I'm starting work on an App that will include some simple Facebook integration. As a proof of concept, I made a bare-bones, view-based application that has a simple button to log a user in to Facebook, and then another button to post a status update.
This is all well and good, but in a real world scenario, a user shouldn't have to login to Facebook every time they want to use the Facebook-integrated features of my App. My question is this: how would I go about persisting a user's login to a file, or to a database for use in a later launch of my App?
Ideally this solution would use Facebook's iOS SDK, but I wouldn't be opposed to building my own authentication system using their Graph API. The advantage of using Facebook's official iOS SDK, though, is that it can use the login information already associated with the phone's Facebook application (if installed), or the login associated with facebook.com on mobile Safari.
I'm not providing my current source code, on the basis that this is a general enough question to not require the specifics of my Facebook SDK usage. However, if you think it would be helpful, I'd be more than happy to post my code.
Thanks!
you wouldn't do that. check out facebook SSO in their SDK ( see https://developers.facebook.com/docs/guides/mobile/ ). You request the facebook token everytime you use it or otherwise get an long-term (read: use access token offline_access) access token and persist this token to the NSUserDefaults for use in your app. ( see http://coffeeshopped.com/2011/01/saving-sessions-with-the-facebook-ios-sdk )
Related
I'm new to Facebook development and I'm running into trouble with what seems like it should be an easy task. I am building an iOS app for a client, and that client wants to display a number of their most recent status updates in the app, along with a link to their Facebook page. These statuses should be displayed to the user of the app even if they are not logged into Facebook or do not have a Facebook account saved on their device.
My research so far seems to indicate that I'll need to make a request to the Graph API using a user access token (which I can do successfully in the app using a token copied and pasted from the Graph API Explorer), but it seems that the only way to get a user access token from within the app is to log the user of the app into Facebook using their account credentials. This is not a good solution because I need to be able to display the client's statuses to the user whether they have are logged into a Facebook account or not. Is such a thing possible, and if so, how? I've been all over the docs and can't find a conclusive answer either way.
I know that we would approach it quite differently. We would have our own web service periodically pull what we needed off of google and store it on our own server, then we would use AFHTTPClient to pull this information down to our app. That way we wouldn't have to spoof anything with FaceBook or put any requirments on our users, such as logging into facebook. It would require that you have a service that your client maintains (or you could easily contract that for a cost).
Right now I'm using a Facebook SDK to share posts from my application. The problem is that this sdk pops up a webview inside my app and asks the user to log in. There has to be a better way.
Can I send the share information to the facebook app on the users device (If they have it installed)? Or at least leverage the facebook app to check credentials? If people have to sign in to share, they probably won't do it..
The latest Facebook SDK 3.5 includes a native share dialog. If you follow the authentication workflow according do the documentation and the phone is on iOS 6.0 you should not get a UIWebView during authentication, instead you will get a UIAlertView.
Facebook login process would use WebView only in a few cases. Some of them are:
1) You are asking it to do so explicitly, by using - (void)openWithBehavior:(FBSessionLoginBehavior)behavior completionHandler:(FBSessionStateHandler)handler; which, I think, is not your case.
2) If there is no Facebook app installed on the device, FB SDK falls back to using WebView login window.
3) Probably, this is your case. If you are requesting publish permissions on the first attempt to open FB session, FB SDK will also fall back to old login flow envolving WebView. In the new login flow, FB session is supposed to be open with read permissions first (in that case, FB will use fast app switching or native iOS FB login):
+ (BOOL)openActiveSessionWithReadPermissions:(NSArray*)readPermissions allowLoginUI:(BOOL)allowLoginUI completionHandler:(FBSessionStateHandler)handler;
Then, you should ask additional publish permissions from the user:
- (void)requestNewPublishPermissions:(NSArray*)writePermissions defaultAudience:(FBSessionDefaultAudience)defaultAudience completionHandler:(FBSessionRequestPermissionResultHandler)handler;
That way, user will not need to log in (if he is logged in FB app already), but there will be inconvenience of double switching from your app to FB (though it works rather fast lately).
I was looking for a cleaner way to get publish permissions with FB Single Sign On on the first call, but unfortunately didn't find anything working yet.
I'm currently working on an app (iOS 6) where the user will be signing in using their facebook account.
In regards to this I have a few questions:
a) Since the app asks the user for permission to access cetain data (like: basic profile info, friend list, access to post to wall etc), I assume that the app based on it's app id will be somehow authenticated to access this information as long as the user doesn't restrict access through their facebook account.
b) will it be possible for example via a service application to authenticate with the same app id as the mobile app, and hence be able to collect data from the facebook users who authenticated with the app?
The purpose of my question is, that I would like do some analysis on the users using the iphone app, but I don't want the app to first download the information from facebook, and then pass it on to my service for analysis.
If the above is possible, could anyone please guide me in the direction of what it is that I need to do? Perhaps links to tutorials that describes this setup, og simply tell me the right facebook terminology that I'm looking for to achive this.
Thanks in advance!
It's a bit late and you may have already picked a service. I have been using Parse.com
(tutorial site). They're very good. They have SDKs and sample code for many platforms a RESTful service for others.
They have recently been acquired by FaceBook, and already have strong links to Facebook's SDK.
I've been using the Facebook iOS SDK for some app I've been working on -
My app only requires publishing of a photo, and I have no use of any read permissions or basic info.
When logging in using a browser (Simulator) or Fast-App switching (Device) it works fine with just openActiveSessionWithPublishPermissions:#[#"publish_stream"]...
But if I would try the same with an iOS6 device with the Native login, it would show the error describe in the title. Even though I have no need for any read access. This problem only occurs in the native login, and not in the Browser-based or Fast-App switching based logins for some reason.
Any ideas?
I reckon it has something to do with this:
Asking for Read & Write Permissions Separately
You are now required to request read and publish permission separately (and in that order). Most likely, you will request the read permissions for personalization when the app starts and the user first logs in. Later, if appropriate, your app can request publish permissions when it intends to post data to Facebook.
You cannot request read and publish permissions simultaneously using iOS6's Facebook support, and if you attempt to, the SDK will take the user through a less-optimal app-switching or web-based authentication flow.
It seems that they added this in SDK 3.1.
we are developing an iOS App using Adobe Flex/Air. The app uses a web service that needs user authentication via facebook login. At the moment, we use server side authentication: There's a login URL displayed in a WebView where the facebook login is done. This way, we get an access_token that can be used on the server side.
This works perfectly but it would really be much better if we could use Single Sign-on with the facebook ios app. As far as I have read, this should work on the client side but I haven't found a way to authenticate the user on the server side.
facebook's access_tokens are valid either for use on the server-side or for the client side so an access_token from the client-side login won't work for the server side.
Thanks in advance for your ideas,
Henk
As far as I can see, you're making this far more complicated than it's really intended to be. Leverage the Facebook iOS SDK, and all of the heavy lifting involved with authenticating the user within your app is handled by the Facebook SDK. There's no need to independently provide sign-in sheets and manage access token exchange between the app's local storage and Facebook's servers without the convenience of the entire Facebook SDK.
This link shows you how to implement SSO natively within your iOS app. It's real simple.
http://developers.facebook.com/docs/mobile/ios/build/#implementsso
Then, I understand that you're keeping authentication information or central user database information on an external server. The best way to synchronize the information between the FB client and your own servers is to simply check the login information returned by the FB SDK with your server after you receive it.
Here's a simple breakdown:
Log the user in using Facebook's standard SDK (see the link above).
In the -didLogin method (or whatever the equivalent is in your Adobe AIR environment), check the access token returned by FB with your server. Not sure what server architecture you're using, but it's safe to say that this will go on outside of the FB SDK. Also, save the access token in your app's user defaults so that the user won't have to login again next time. This whole process should (and inherently will) feel much quicker than it sounds.
If the check with the server returns successfully, notify the user of a successful login. If not, display an error view explaining the reason the user was rejected/not logged in.
Why do it this way? The reason is fairly simple. It's safe to assume that the reason you're having a user login to your app via Facebook is so that you can make requests for the user's Facebook information (i.e. feeds, photos, likes, comments, etc.). The easiest (and best) way to do this is through the FB SDK its self. The SDK takes care of a lot of stuff behind the scenes like access token validation over time, extension of token life, validity of token, and so on. This way, you won't have to worry nearly as much about syncronizing the server information and real-time client information when changes take place. Just authenticate via the FB iOS SDK, and do the rest of your own processing afterward.
Comment below if there's anything I should clarify or even if I missed the point of your question entirely--I tend to get on a roll and may stray from the point. :)
Cheers!
The Kraken