ansaurus

Question

How to specify Extended Permissions in the JS SDK Auth request

Answer 1

+1 A:

Not exactly sure what you are trying to accomplish here. If you want to get information about your user or take actions on their behalf on Facebook, you need the user to tell Facebook it's okay to do so (this only needs to happen once) which is why you need to you call FB.login as described here: http://developers.facebook.com/docs/reference/javascript/FB.login.

FB.login(function(response) {
  if (response.session) {
    if (response.perms) {
      // user is logged in and granted some permissions.
      // perms is a comma separated list of granted permissions
    } else {
      // user is logged in, but did not grant any permissions
    }
  } else {
    // user is not logged in
  }
}, {perms:'read_stream,publish_stream,offline_access'});

They need to enter in their password to prove it's really them to authorize your app. If you need extended permissions, the second parameter in FB.login allows you to do this.

If the user is already logged in to Facebook (for example in another tab) then there's no need to log in and the login screen should be skipped. If the user is both logged in an has already authorized your app then there's no need to call FB.login.

You check check the user's login status (and permissions) with FB.getLoginStatus: http://developers.facebook.com/docs/reference/javascript/FB.getLoginStatus before deciding whether or not to call FB.login.

jcmoney 2010-07-20 17:55:06

Answer 2

+2 A:

RTFM. Yes, I mean friendly.

Right below the Single Sign-on section is the Account Registration Data section and I've copy-pasted this from there.

<fb:login-button perms="email,user_birthday"></fb:login-button>

Anurag 2010-07-20 19:36:30

I've been reading the manual for days...it's hell confusing.

CoffeeAddict 2010-07-20 19:41:05

The problem is I am looking at the Java SDK, I figured that section you highlighted was not related. They are not clear about a damn thing when you are presented only snippets of information and yes, I do look at all the docs more than once, I read it several times.

CoffeeAddict 2010-07-20 19:42:12

The problem with Facebook is they scatter what really should be together all over the place in different sections. It's not just separation of content, it's "hey grab this over here but I'm not sure if it will work in your code you got over there from their site" kind of situation with them always. There are tons of complaints about their docs all over the place.

CoffeeAddict 2010-07-20 19:43:38

So it looks like this FB button and other mark-up are for non-web apps as in that section you posted it says "By using Facebook instead"

CoffeeAddict 2010-07-20 19:45:01

They also intermix desktop (facebook connect) info with really info (like FB.Login()) all over so you never know which way is up or down.

CoffeeAddict 2010-07-20 19:45:55

I will ignore your RTFM because I'm one of MANY who have these complaints about their docs, just browse through their forums. If it's obvious to you that's nice but I'm a newbie to FB alright? And when you're looking for website specific info they tend not to tell you much.

CoffeeAddict 2010-07-20 19:48:39

I can assure you that integrating with Facebook before the JavaScript SDK was announced this year was a real mess. You can only appreciate how many problems the JS SDK solves for web applications if you were familiar with the prior approach. And the downvote wasn't mine.

Anurag 2010-07-20 21:51:33

Yes, it's that simple: http://fbrell.com/xfbml/fb:login-button-perms. But only if you read the docs.

daaku 2010-07-20 21:52:47

I'm sorry but I am with OP on this one. Can someone show me where `fb:login` tag is mentioned in fbml reference? http://developers.facebook.com/docs/reference/fbml/ Yep, it's absent. Instead of that it is described "for housewives" on `Single Sign-on` page which doesn't mention all possible params, and to which I have no idea how to get to. And what the hell is fbrell.com, some third party site? How do I get there? Does it list all possible params? Does it list all possible tags? Is it official? Do they steal my info? Facebook docs are real mess. Wiki isn't best tool for the job.

serg 2010-07-21 00:03:22

Serg, a bit of advice after beating my brains out on all this. Don't use the fb controls like the fb:login. It's got bugs. Check this out: http://github.com/facebook/connect-js/issues#issue/88/comment/320453 and view the last comments. I'm gonna just roll with wiring up my own button and use straight api calls but still use the SDK...jsut not the fb button. That way I get the best of both worlds (SDK creating and managing the cookie) and me being able to bypass the stupid convoluted fb controls...I've always tried to stay away from them but they showed it so tried it..it sucks.

CoffeeAddict 2010-07-21 14:46:03

I'm going to be blogging about the solution I come up with so...hopefully that aids in their sh**ty docs.

CoffeeAddict 2010-07-21 14:46:52

I got none of this info from their useless forum. That's just about as useless as their docs. Nobody really replies with any meat to the conversation and this kind of stuff should be fourth coming.

CoffeeAddict 2010-07-21 14:50:55

CoffeeAddict 2010-07-21 14:53:01

@daaku thanks for the link...nice.

CoffeeAddict 2010-07-21 14:54:22

ansaurus

tags:

views:

answers:

How to specify Extended Permissions in the JS SDK Auth request

related questions