How to combine facebooksdk and socialframework? - facebook-sdk-3.1

For example, currently I am using socialframework.
Now I want to add a feature. Everytime user click the recommend button I want the user to post stuffs on his wall. I don't think it can be done with social.framework without displaying the message first.
So I want to use facebook sdk for that.
But how does the facebook sdk "know" that I already login to facebook with social framework, for example.

Related

Microsoft teams user detection

I am showing a wordpress website in iframe inside Microsoft teams Tabs. is there any way to detect the loggedIn user in my website?
If you are able to wrap your website inside a Teams app (which you can do for example very easily using App Studio, then you could surface your website as a "Tab" app. Doing this means you can reference the Teams JS library in your code, which will enable you to get a context object. You can get a lot of user information from that.
Be aware though that this context is not really 'trusted' data (it's just inserted via Javascript), so it could be spoofed into your page by a malicious actor. If that's a problem, you should look to implement Tab SSO in your app, which will give you a proper JWT token that you can validate.

Overly broad permission ask for google youtube API

I'm using the YouTube API to create a webpage that allows users to view a specific set of YouTube videos, and then LIKE those videos, using YouTube like/dislike rating system, and It's working fine, but when the user triggers the process, after logging into their google account, they are presented with a permission dialog that basically says
"Hey, this site wants complete and total control over your YouTube account!".
I DO NOT want that, I only want the user to be able to rate the videos.
I'm using the PHP Client library to pull the list of videos into the page and display them, and this requires no permissions or interaction from the user. I am also using the JS library to handle the "like" functionality, and it's basically the javascript example from https://developers.google.com/youtube/v3/docs/videos/rate?apix=true, but with my credentials.
Can I change this somewhere, or does YouTube just lump all of it's permissions under one giant "I can do anything" permission group?
I figured it out. It's about the OAuth 2 scopes, which the example lets you change for the DEMO, but it doesn't actually change the code in the sample.
For reference, the list of scopes is here: https://developers.google.com/identity/protocols/googlescopes#youtubev3

How can I build a webapp which uses google calendar api without having to become verified?

What I want to build:
I want to build a website where users can connect their google calendars (this will use Google Calendar API's)
and view their calendar events, as well as edit them, and create new ones.
My problem:
In order to do so, google says my app needs to be verified, which can take weeks, and I also need to set up terms of services pages, privacy policy pages
I also need to supply authorised javascript origins which MUST start with https, which of course is a problem during development, since my origin is http://localhost
I also need to set up support emails and homepage link
Question
I just want to start building my application without having to set up a whole production-ready website eco system.
Is there anyway I can use these Google Calendar APIs for editing/creating calendar events locally, without having to set up everything mentioned above first?
Unverified apps can still be used by the developer who created the project on google developer console.
Unverified app screen
The app or script might display an "unverified app" screen before it displays the consent screen. This is based on the specific scopes that your app includes in the request.
You can still work on your app while you are going though the verification process. However that being said i would start that process asap it can take a long time to get verified.
Yes, you can. As far as I am able to tell, all the verification step does is remove the "unverified app" screen. As long as you click Advanced > Go To ... (unsafe), you should be able to create and edit calendar events for that user in your application.
In order to be able to create and edit calendar events, you need to use the most sensitive scope, which is https://www.googleapis.com/auth/calendar. I couldn't figure out how to edit and create calendar events in my web app until I changed my scope from calendar.events to calendar.
Creating Events: https://developers.google.com/calendar/create-events

Is this really the process for authenticating users with the Google platform using Xamarin?

I am following the tutorial located here: https://developer.xamarin.com/guides/xamarin-forms/cloud-services/authentication/oauth/
I got to the step titled: Presenting the Sign-In User Interface.
It says that, "When the Login method is invoked, the sign-in user interface is presented to the user in a tab from the device's web browser."
Now is this really the process when using Xamarin?
Because the other apps I've downloaded and played with don't open the browser and then open a new tab to give me a choice of which account to choose. Those apps pop up a small page on top of the app and allows me to select an account.
If this Xamarin process is different I am not going to use it when developing my app. Please clear this up for me thanks.
There is no such thing as as "Xamarin's way of oAuth".
oAuth is about authenticating users through 3rd parties like Google, Facebook, Twitter etc. There are different oAuth flows which are mostly used: the implicit grant and the authorisation code grant. For mobile apps the implicit flow is common because auth code flow involves the app keeping a secret which a mobile cannot really guarantee. For a great overview of these flows I can recommend this lecture from Xamarin.University.
These flows are the same no matter which underlying development stack you are using.
The documentation you are referring to is using a library to help using these flows: Xamarin.Auth. As a matter of fact you don't have to use this library at all. This library helps with storing tokens, sending requests that include the required tokens, detect endpoint redirects etc. Part of using this library is presenting the UI where the 3rd party vendors login form is shown.
This is what you do when calling:
var presenter = new Xamarin.Auth.Presenters.OAuthLoginPresenter();
presenter.Login(authenticator);
The actual implementation of presenting the UI is platform specific. On iOS the UI os shown modally if that's how you are coding it. If you change this code to show the UI as a small popup floating on top of existing content, you can of course do this. This is true for any given platform.

Cannot find "Realtime Updates setting page under Facebook Apps Setting"

I am trying to get real time posts from a facebook page and the article http://trocolate.wordpress.com/2012/12/13/realtime-update-in-asp-net-mvc-facebook-template/ talks about a way to implement it in asp .net mvc with a facebook template. It has the below section
Subscribe to changes
There are two ways to subscribe to a class of objects: you can do manually from App Settings or you can do programmatically by codes. Here let’s pick the easy one. Go to the Realtime Updates setting page under Facebook Apps Setting. I cannot seem to find this page.
When I go to the Apps – Settings, I get Basic, Advanced and Migrations tabs. Please let me know if I have missed something.
thanks
I believe that article is outdated and now Facebook doesn't let you do that from Settings.
If you read the current documentation, it says "Real Time updates are subscribed to by using the /{app-id}/subscriptions Graph API edge." It doesn't mention any other way of making subscriptions.
Maybe you should do it programmatically.

Resources