Facebook app for website - web

Help me..
I'm implementing a web application in my local server and after i will publish my application to download and can use every one.So I need to give a social experience to user with my web application(user can update his fan pages through my web application). So i created a facebook application. But I'm still in problem what is site url in application. This is not for my own web site. This is for all download users. Then how can I create a facebook application to achieve this.

With a facebook Canvas App, site url is where the actual application is hosted.
So, if your web application was fully functional at http://example.com/facebook, that would be the site URL.
I created a facebook app last year and it's a web based application that is wholly contained within my webserver, the site url points to it's landing page.

I think you want to make this application downloadable like wordpress framework so that others can host the application on their server and use it.
So probably best way is to have a admin section like in wordpress, user who download and implement you application on his or her server can provide their own application access token.
Insted of hard-coding your own access code into your download application framework
In admin section create a tab to register your application with facebook, which will redirect user to the facebook.com/developer where he/she can register their application and after registration they can put their access token back in you application framework admin section. you can store this details in some table and fetch it where ever you need it for authentication.
hope this logic helps for you.

Related

UWP side loaded app distribution from AAD-protected web site

I've got a LOB UWP application which I want to distribute via the web using the web-based sideloading experience. This is fairly simple using the VS deployment tools which output an HTML file and the required resources. My goal is to publish the assets to an Azure web app and turn on Easy Auth so that only people from my org can reach the installer landing page.
This works fine for restricting access to the html page, but the links which point to the actual installer file fail. I'm guessing it's a mime type issue where the auth middleware doesn't know how to handle an Http request with auth information for a non-standard file type:
I'd appreciate any guidance or suggestions
Microsoft confirmed over on techcommunity.microsoft.com that this is not possible as of yet, but that a solution to support this scenario is on their backlog:
You're correct - the problem is that App Installer is making its own
auth request without the inherited web auth tokens. Sending
authenticated requests is currently not supported today but this is an
item in our backlog and we're working to address this issue.

Web App on Azure - Authentication with ADFS

I have developed a web application written in just pure HTML.
<html>
My code goes here
</html>
And I have deployed it to MS Azure. I'm now looking for a way to authenticate this web application with Active Directory so only my organisation's employees can access it.
I have done tons of research online and it seems like there are many ways to do this. However, I'm looking to do it by "adfs/ls/wia" (correct me if I'm wrong).
The reason why I would like to do it only in that way is because:
I'm going to embed this web application into a dashboard.
In order to view that dashboard, users (employees) need to go to a specific website:
https://<dashboard>.<myorganisation>.com
And then users will be redirected to a sign-in page with this address:
https://fs.<myorganisation>.com/adfs/ls/wia
After signing in (with users' active directory accounts), users will be redirected back to the dashboard's website. The URL is now looking like the following:
https://<dashboard>.<myorganisation>.com/#/site?:isFromSaml=y
And then users can freely browse the dashboards (without having to sign in again) until they close their browsers. So I guess some sort of tokens/sessions are being kept.
My question is:
I would like to authenticate my web application with the same way and since it's only accessed after users have signed in, how do I by-pass this authentication step? What do it need to put on top of my HTML code or is there a way to configure this in MS Azure already?
Thank you so much!
The easiest way is to have two Relying Party in ADFS - one for dashboard - one for web application.
Then you will get SSO across them.

Facebook Login completely server side

The goal is to build a Facebook USSD platform. Completely server side. Allowing the user to log in and then create a facebook post, see their feed, etc.
I know there are companies in the world that is doing this and its working fine (u2opia mobile being one of them). However how on earth to log a user into Facebook and get an access token for them without OAuth? I cannot seem to find any help online to log a user in completely on server side with NodeJS. Do these companies have a special arrangement with Facebook in order to log in users without OAuth and Internet?
Is it at all possible in 2018 to log in a User into Facebook completely server side? I am just finding a lot of old posts from 2012 and 2014.
Yes, it is possible to log a user in completely server side. You can build an implementation manually with browser redirects. Facebook has a tutorial on this. Their page states:
if you need to implement browser-based login for an app without using our SDKs, such as in a webview for a native desktop app (for example Windows 8), or a login flow using entirely server-side code, you can build a Login flow for yourself by using browser redirects.
Here is the tutorial: https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/

Ability for Admin to Link Social Media to a User's Account

I'm faced with the current dilemma. My application flow is as follows:
Admin logs in
Has to select a list of clients
The selected Client data is then loaded in
Admin should now be able to Link Facebook, for example, to that
client's account with their credentials on a click of a button. Same
would apply for other social media accounts that the user has. The
reason that's important is the app then goes and fetches data from
their social media, such as Facebook Insights.
Is there a way I could achieve is ? I was thinking maybe Auth0 but I had a look on their documentation and it seems I could do it but only if Admin was the one linking his own social media account to his account. Can't really see a way where he could link other accounts to the Client's account currently selected.
I'm working with a React-Redux, Express and MongoDB app.
Even a push in the direct direction would be greatly appreciated.
This is certainly achievable using Auth0 - take a look at the Link Accounts API (User) - you want to use the second option using an API v2 token
See sample here that illustrates how this might work using Node.js.
You could possibly rework this to your technology stack pretty easily. Since you are using a Management Token you'd want that to remain server side (Express) and the react/redux app could make ajax calls via the Express Server side component - which in turn calls out to the Auth0 endpoint to perform the user search / linking actions.

ADFS and two Servers on two domains - iframe - prompted twice?

My employer has a local ADFS server. We are using o365/SharePoint Online with ADFS so when you attempt to access a SharePoint cloud site you are take to login page on our network.
I need to develop a simple ASP.NET C# website hosted locally on a server on a network.
At a high level what is entailed in using ADFS on asp.net/iis websites? And can it be set so that the same login page is used?
If I have a webpage on a local webserver authenticated by the same ADFS and Iframe that page inside a sharePoint web page authenticated by the same ADFS. Should the page with render without authenticating?
1) I'd recommend checking into Windows Identify Foundation (WIF). Although your app will need to run under TLS/SSL, you probably will just need to run the FedUtil.exe application to generate your application's metadata for ADFS to consume when creating an RP.
2) In theory this might work, but the Iframe'd page will still redirect to ADFS momentarily to get an authentication token. It is just that the login page won't be displayed.

Resources