Connect to Facebook Graph API Michael Abramowitz Reasons To Use Facebook API • Social Design – – • Social Design is a way of thinking about product design that puts social experiences at the core. Create these social experiences with the features available on Facebook Platform. Build “inside out” or “outside in” According to Facebook: – – – – Utilize the existing robust Facebook community to define new conversations and let users continue to build their identities further Utilizing Community • Communities feel familiar, relevant and trusted by default. Surface users' interests and their friends in your app to create personalized user experiences Building Conversation. • Conversations are how people express their identities to communities and how they receive feedback from them. Build experiences that give people the power to connect and share. – Listening" : Displaying personalized content, social context and user activity – "Speaking" : Making it easy for users to talk, share, give feedback and engage Curating Identity • Users share and interact with others because self expression feels good and rewarding. Help them learn more about themselves and curate their identity. OAuth • • • • • • • • IETF RFC 5849, The OAuth Protocol, defines OAuth as12: – ...a method for clients to access server resources on behalf of a resource owner (such as a different client or an end-user). It also provides a process for end-users to authorize third-party access to their server resources without sharing their credentials (typically, a username and password pair), using user-agent redirections. Client: HTTP Server making OAuth-authenticated requests (YourAndroidApp) Server: HTTP Server receiving and responding to OAuth-authenticated requests (Facebook) Protected Resource: Access-restricted resource that can be obtained from the Server using Oauthauthenticated request (Facebook Graph Data) Resource-Owner: Entity capably of accessing and controlling protected resources by using credentials to authenticate with the server (YourAndroidApp User with Facebook Account) Client Credentials: used to identify and authenticate client (YourAndroidApp credentials at Facebook ; Facebook API Key and Secret Key) Temporary Credentials: credentials obtained using the authorization request of resource owner (intermediation credentials of YourAndroidApp @ Facebook) Token: unique identifier issued by the server and used by client to associate authentication requests with the resource owner whose authentication is requested or has been obtained (YourAndroidApp permission to use Facebook on behalf of User) Oauth Oauth on Facebook from Android http://developers.facebook.com/docs/mobile/androi d/build/ • Register App and get App ID and APP Secret • Include in creation of Facebook object • App id is included when creating the Facebook Object • Facebook fb = new Facebook(“YOUR_APP_ID”); • User is Redirected To Login Portal – User must provide authorizations – If Facebook is installed on device and user is logged in • Do not need to enter credentials SSO and Permissions • By default, the user is asked to authorize the app to access basic information that is available publicly or by default on Facebook. If your app needs more than this basic information to function, you must request specific permissions from the user. • Just list Permissioning Enumerations in String Array on Authorize call http://developers.facebook.com/docs/authentication/permissi ons/ • Grants Access to other Portions of Graph API Example: facebook.authorize(this, new String[] { "email", "publish_checkins" }, new DialogListener() { @Override public void onComplete(Bundle values) {} @Override public void onFacebookError(FacebookError error) {} @Override public void onError(DialogError e) {} @Override public void onCancel() {} } ); • SSO allosw SSO • Single Sign-On allows user to authorize your app without typing their facebook username and password. This is accomplished by sharing intent with the Facebook app. If the user has already installed and authorized the facebook app, your app can leverage the Facebook app authentication via Single Sign On. public class MyGreatActivity extends Activity { Facebook facebook = new Facebook("YOUR_APP_ID"); @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.main); facebook.authorize(this, new DialogListener() { @Override public void onComplete(Bundle values) {} @Override public void onFacebookError(FacebookError error) {} @Override public void onError(DialogError e) {} @Override public void onCancel() {} }); } @Override public void onActivityResult(int requestCode, int resultCode, Intent data) { super.onActivityResult(requestCode, resultCode, data); facebook.authorizeCallback(requestCode, resultCode, data); } } Store acces tokens in prefence bundles Android SDK Documentation AsyncFacebookRunner • http://developers.facebook.com/docs/reference/androidsdk/ • Use AsyncFacebookRunner – AsyncFacebookRunner(Facebook facebook); – request(String graphPath, Bundle parameters, RequestListener listener); • The Asynchronous API request methods which returns immediately without blocking the calling thread. These are defined in AsyncFacebookRunner.java. This is necessary when accessing the API in the UI thread, for instance. The request response is returned to the caller via the RequestListener interface, which the developer must implement. • The RequestListener Interface provides the callback methods for asynchronous request methods. These are defined in AsyncFacebookRunner.java. Make Calls with AsyncRunner and RequestListener • AsyncRunner – myAsyncRunner.request(“path”, parameters, new requestListener(){ @Override public void onComplete(String values) {} @Override public void onFacebookError(FacebookError error) {} @Override public void onError(DialogError e) {} @Override public void onCancel() {} }); } }