aiaio / galleria-facebook

Display Facebook Photos on Your Website with Galleria
53 stars 25 forks source link

Unable to retrieve Facebook photos from album xxxxxxxxx #14

Closed xeraphone closed 9 years ago

xeraphone commented 9 years ago

This worked fine yesterday, suddenly this notification appeared, I fear facebook may have done something within their system which renders this plugin not working anymore.

randomdave commented 9 years ago

I have the same problem. I think Facebook has changed their API as Google Chrome debugger reports: Invalid App Id: Must be a number or numeric string representing the application id.

I'm not sure how to fix this, but I hope someone can.

A quick search revealed this, but it's an old post. I thought I'd set up an App ID for my site, but I'll try revisiting this when I get more time. http://developwithguru.com/solve-invalid-app-id-must-be-a-number-or-numeric-string-representing-the-application-id/

apumapho commented 9 years ago

It appears something has most definitely changed with the graph API at Facebook. Early investigation is that perhaps Facebook is requiring access tokens for public photo albums when it never did in the past. This could require a re-thinking of the mechanism we are using to grab a list of the photos in an album. Time-challenged over the coming weeks and would very much appreciate any community support to track this down.

From: randomdave Reply-To: aiaio/galleria-facebook Date: Thursday, June 18, 2015 at 1:10 PM To: aiaio/galleria-facebook Subject: Re: [galleria-facebook] Unable to retrieve Facebook photos from album xxxxxxxxx (#14)

I have the same problem. I think Facebook has changed the SDK as Google Chrome debugger reports:

Invalid App Id: Must be a number or numeric string representing the application id.

I'm not sure how to fix this, but I hope someone can.

— Reply to this email directly or view it on GitHubhttps://github.com/aiaio/galleria-facebook/issues/14#issuecomment-113223710.

norbertFeron commented 9 years ago

I fix this by: -creating an app at https://developers.facebook.com/

-getting an access-token from:

https://graph.facebook.com/oauth/access_token?client_id=YOURAPPID&client_secret=YOURSECRET&grant_type=client_credentials

-replace in galleria.facebook.js the line 90 by:

var url = 'https://graph.facebook.com/' + params['album_id'] + '?callback=?' + '&fields=photos.fields(images,source,picture,link,name)&access_token=ACCESSTOKEN';

Because they now require an accessToken with https connection and do not allow multiple photo.field so I remove the max value useless for my website.

xeraphone commented 9 years ago

Wow cool !! I just wonder if our script creator can come up with something without the need of creating an app on facebook (but if an access token is needed... what other options is there?)

apumapho commented 9 years ago

Feron, thanks for investigating and posting your solution! You wrote the token is needed for https. Are you implying that the token is not needed for http access?

I'm going to investigate further and try to post a patch ASAP.

Would also welcome a code diff from anyone who can get to this first--we would need to pass the token as a parameter in the galleria constructor.

jdctv commented 9 years ago

I can confirm that the solution norbert posted works. I updated that line 90 in the galleria.facebook.js to allow for configuration using the 'max' option using: var url = 'https://graph.facebook.com/' + params['album_id'] + '?callback=?' + '&fields=photos.limit('+this.options.max+').fields(images,source,picture,link,name)&access_token=ACCESSTOKEN';

adem82 commented 9 years ago

Thanks guys ( norbertFeron and jdctv) for the solutions. I totally copied the jdctv's solution to the js file and commented the old one. It worked finally.

miamiman commented 9 years ago

Sorry... but as newb... I ask for some direction. I can't get it to work.

a. Replace line 90 in galleria.facebook.js by:

var url = 'https://graph.facebook.com/' + params['album_id'] + '?callback=?' + '&fields=photos.fields(images,source,picture,link,name)&access_token=ACCESSTOKEN';

b. ACCESSTOKEN is the Facebook AppToken or UserToken?

https://developers.facebook.com/tools/accesstoken/

c. Does the token need to be somehow related to the domain of where the album is to be published?

Any help would be much appreciated.

apumapho commented 9 years ago

Miamiman: hoping to have an official fix and a howto posted in the coming week. The solutions presented in this thread largely work and I have finished the code to set the access token in the galleria constructor. Just need to get some howto docs on generating the correct access token written (any takers out there?) and I think we can call this fixed.

rafrules commented 9 years ago

First off, thanks for all the great work on this plugin. I read the FB docs on access tokens, but still can't figure this out:

  1. Is it safe to hardcode this access token into the script?
  2. Will this access token expire?
norbertFeron commented 9 years ago

It depend of what you want to display, if you want to display public album a token generate with a fresh new app will probably work fin but if you want to display private personal album of your visitor you will need to ask him to link his Facebook account and catch a special token to display private album.

This project need an update to accord to the new Facebook api ;)

fe-data commented 9 years ago

Just create your app in de FB developer console and goto https://developers.facebook.com/tools/accesstoken/ and copy the "app_token". As stated at the top of the page it will NOT expire.

Cheers

chetankhargone commented 8 years ago

Hi, I have replaced the line 90 in gallerial.facebook.js as below:- var url = 'https://graph.facebook.com/oauth/access_token?client_id=123&client_secret=secret&grant_type=client_credentials';

Plus, I am passing facebook_access_token in the constructor as:-

Galleria.loadTheme('js/galleria/themes/classic/galleria.classic.min.js'); Galleria.run('#galleria', { facebook: 'album:115295548593344', width: 745, height: 550, lightbox: true, facebook_access_token: 'Token' });

but still getting the same error? galleria

apumapho commented 8 years ago

Chetan – don’t replace lin 90. Leave the plugin code intact. Follow these directions to generate the token you’ll need:

Just create your app in de FB developer console and goto https://developers.facebook.com/tools/accesstoken/ and copy the "app_token". As stated at the top of the page it will NOT expire.

zacpowjt commented 8 years ago

I followed all the steps as advised.

  1. Updated the facebook.js, added my app_token to the code snippet but i'm still getting the error. my album is set to public too.

What have i got wrong ?

image

My code:

Galleria.loadTheme('/files/theme/galleria/galleria.classic.min.js'); !-- this is my path to the .js that's correct. Galleria.run('#galleria', { facebook: 'album:10151338957126809', width: 745, height: 550, lightbox: true, facebookOptions: { max: 30, // optional override for limit of 40 photos on an album facebook_access_token: '' } });

apumapho commented 8 years ago

Do you get valid results when you hit this url:

https://graph.facebook.com/10151338957126809/photos?access_token=TKTKTKT

Replacing TKTKTK with your token

zacpowjt commented 8 years ago

I got this:
"message": "Unsupported get request. Please read the Graph API documentation at https://developers.facebook.com/docs/graph-api", "type": "GraphMethodException", "code": 100

I generated the token as advised on https://smashballoon.com/custom-facebook-feed/access-token/ but that token doesn't work. Even though i lived the app, it still returns me the same results.

Only the token from https://developers.facebook.com/tools/explorer works but that's only valid for an hour. Can't use that.

suprememind commented 8 years ago

I can show the example album:303027476429477 (from http://www.gagacenter.com/nyc/gaga-photos/Kid%20Gaga/2/) but I cannot show my own album, despite it is totally public in facebook.

thomthom commented 8 years ago

Reading through the FB API docs: https://developers.facebook.com/docs/facebook-login/access-tokens#apptokens

This call will return an app access token which can be used in place of a user access token to make API calls as noted above. Again, for security, app access token should never be hard-coded into client-side code, doing so would give everyone who loaded your webpage or decompiled your app full access to your app secret, and therefore the ability to modify your app. This implies that most of the time, you will be using app access tokens only in server to server calls.

Note that because this request uses your app secret, it must never be made in client-side code or in an app binary that could be decompiled. It is important that your app secret is never shared with anyone. Therefore, this API call should only be made using server-side code.

It appear to me that in order to not expose your API key to the public there needs to be some server side handling here.

apumapho commented 8 years ago

Thomas, thanks for showing interest in this. The docs on tokens continue to get better and I think we should create a more detailed guide on how to create the proper token to use with the Galleria Facebook Plugin.

Would you be willing to take a shot at this and share back in this discussion thread?

I’ve seen mention to using the “client token” (found in Advanced Settings) or a long running (never expiring) page access token. There is also a setting to deny API updates to the settings of your app itself which can help to further lock things down.

thomthom commented 8 years ago

I'm afraid that I don't have a solution though. I only started to look for a way to embed FB galleries the other days. Came across this and had a quick tinker - but got stomped on that stern warning about not exposing the tokens. Been looking around and it keep getting back to the tokens being meant for server to server communications... not sure how to proceed with that. Galleria is a pure client side script, right?

coolwebs commented 7 years ago

So with you @thomthom. I have managed to get a 'never-expiring' page token for the FB app that I have created (http://stackoverflow.com/questions/12168452/long-lasting-fb-access-token-for-server-to-pull-fb-page-info/21927690#21927690). I am purely using the Facebook OG API and not FB Galleria though. I assume that FB Galleria makes use of the JS SDK provided by Facebook.

I've been told by many sources on SO that I have to do it server side (PHP was mentioned a few times). Perhaps the Facebook PHP SDK might be the way forward then? Unfortunately for me, I am using a CMS which does not let me script server side anyway (well besides using simple HTTP GET/POST requests). Wish Facebook did not make it this complicated. If someone can gain access to the FB app through an exposed token, what is the real risk? Can the FB app be made so that it only has the ability to read and never to POST/WRITE data?

kunjesh commented 7 years ago

@norbertFeron thank you for saving my time. Your suggestion is correct. Now I can fetch photos of particular album with different sizes of particular photo.