Date post: | 10-May-2015 |
Category: |
Documents |
Upload: | fagner-moura |
View: | 8,640 times |
Download: | 6 times |
graph api
fagner moura - @seufagner
old REST(?) apihttps://api.facebook.com/method/[name]
• users.hasAppPermission• users.isAppUser• users.getLoggedInUser• stream.publish ...
old REST(?) apihttps://api.facebook.com/method/[name]
• users.hasAppPermission• users.isAppUser• users.getLoggedInUser• stream.publish ...
session_key
old REST(?) apihttps://api.facebook.com/method/[name]
• users.hasAppPermission• users.isAppUser• users.getLoggedInUser• stream.publish ...
session_key
old REST(?) apihttps://api.facebook.com/method/[name]
• users.hasAppPermission• users.isAppUser• users.getLoggedInUser• stream.publish ...
deprecatedsession_key
old REST apihttps://api.facebook.com/method/[name]
• users.hasAppPermission• users.isAppUser• users.getLoggedInUser• stream.publish ...
deprecatedsession_key
old REST apihttps://api.facebook.com/method/[name]
• users.hasAppPermission• users.isAppUser• users.getLoggedInUser• stream.publish ...
deprecatedsession_key
REST ?• easy SOA• resources• only HTTP• stateless
• lightweight• simple• readable
now, only json response
objects
objects
userpagemessagestatus messagephotovideo ...
objects
https://graph.facebook.com/ID
userpagemessagestatus messagephotovideo ...
objects
https://graph.facebook.com/19292868552
userpagemessagestatus messagephotovideo ...
objects
https://graph.facebook.com/plataform
userpagemessagestatus messagephotovideo ...
userpagemessagestatus messagephotovideo ... objects
+connections
user@connections
homefeedpostsfriendspicturephotos ... user@connections
homefeedpostsfriendspicturephotos ...
(public data)
user@connections
https://graph.facebook.com/me/friends
https://graph.facebook.com/me/picture
homefeedpostsfriendspicturephotos ...
(read_stream permission)
user@connections
https://graph.facebook.com/me/home
https://graph.facebook.com/me/feed
homefeedpostsfriendspicturephotos ...
(read_stream permission)
user@connections
session_token?
homefeedpostsfriendspicturephotos ...
(read_stream permission)
user@connections
access_token
homefeedpostsfriendspicturephotos ...
(user_photos permission)
user@connections
access_token
grantpermissions
• oauth 2.0• server side• client side
• open protocol• authentication• widely used
• open protocol• authentication• widely used
• oauth 2.0• server side• client side
grantpermissions
• oauth server• user• application
actors
server side flow
App try to accessFacebook
OAuth Dialog(App Authorization)
OAuth Dialog(User Authentication)
curl -F 'client_id=113391995351148' \-F 'redirect_uri=http://facebook-buraco-debug.jogatina.com.....' \https://www.facebook.com/dialog/oauth
server side flow
OAuth Dialog(App Authorization)
OAuth Dialog(User Authentication)
curl -F 'client_id=113391995351148' \-F 'redirect_uri=http://facebook-buraco-debug.jogatina.com.....' \-F 'scope=email, read_stream' \https://www.facebook.com/dialog/oauth
App try to accessFacebook
server side flow
OAuth Dialog(App Authorization)
OAuth Dialog(User Authentication)
Cookie not found, show OAuth Dialog (facebook layout)
App try to accessFacebook
server side flow
OAuth Dialog(App Authorization)
OAuth Dialog(User Authentication)
goes to App authorization directly
App try to accessFacebook
server side flow
access OAuth Dialog(App Authorization)
OAuth Dialog(User Authentication)
don´t allow !redirect with some params like: error_reason, error, etc.
HTTP 302(redirect_url param)
server side flow
access OAuth Dialog(App Authorization)
OAuth Dialog(User Authentication)
allow !
redirect with authorization code param
HTTP 302(redirect_url param)
server side flow
Authorization) http://mydomain...
curl -F 'client_id=113391995351148' \-F 'redirect_uri=http://facebook-buraco-debug.jogatina.com.....' \-F 'client_secret=f8138690fe947221d4d2c071aa945395' \
-F 'code=[authorization code here]' \
https://graph.facebook.com/oauth/access_token
OAuth Dialog(App Authorization)
server side flow
{ "error": {"type": "OAuthException", "message": "Error validating verification code." }
}
HTTP 400Authorization) http://mydomain...
server side flow
Sucessfull authenticated !
access_token in the body of the request
HTTP 302(redirect_url param)Authorization) http://mydomain...
• oauth 2.0• server side• client side
grantpermissions
client side flow
• desktop• mobile• javascript
HTTP requestOAuth Dialog(App Authorization)
client side flow
curl -F 'client_id=113391995351148' \-F 'redirect_uri=http://facebook-buraco-debug.jogatina.com.....' \-F ‘response_type=token' \https://www.facebook.com.br/dialog/oauth
HTTP request
client side flow
HTTP 302(redirect_url param)
Pass URI fragment with access_tokenhttp://jogatina.com....#access_token=gzZ666a..&expires_in=64090
{ "error": {"type": "OAuthException", "message": "Error validating verification code." }
}
HTTP request
client side flow
HTTP 400
services available
• reading• searching• publishing• ...
curl -F ‘fields=id,name,picture' \-F ‘access_token=...' \https://graph.facebook.com/fagner.moura
services available
• reading• searching• publishing• ...
curl -F ‘q=futebol' \-F ‘type=user' \https://graph.facebook.com/search
services available
• reading• searching• publishing• ...
curl -F ‘message=Jogue no Jogatina hoje' \-F ‘access_token=...’ \https://graph.facebook.com/fagner.moura/feed
services available
• reading• searching• publishing• ...
paginginsights
deleting
real time update
:-)
fagner moura - @seufagner