0

I'm working on a project where I need to implement signing in using Facebook authorization on android. I've implemented Facebook API but it provides access token, when I need code (which is used to get token). I found advises saying that I can't use/modify FB api to just get code, instead I have to program my own login flow. I know there is basic documentation on fb developer page but it doesn't say anything about implementing this function on android.

Any help would be much appreciated.

Kamajabu
  • 596
  • 1
  • 5
  • 19

2 Answers2

1

Everything you need is on the official Facebook page.

Manually building a login flow: https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow

Android SDK: https://developers.facebook.com/docs/android/

Android SDK source code: https://github.com/facebook/facebook-android-sdk

Code
  • 6,041
  • 4
  • 35
  • 75
  • I've written I've already implemented that API, but manual login flow doesn't use it (if I understand correctly). So you just gave me bunch of links I've already seen. My question is what do I have to use to implement this login flow. Retrofit with OAuth? Modify facebook API? Some okHttp? – Kamajabu Jun 24 '16 at 07:05
  • @Reiz3N You don't need to use any library (you can if you want). It's just GET requests. See http://stackoverflow.com/questions/3505930/make-an-http-request-with-android – Code Jun 24 '16 at 07:25
  • @Reiz3N And why not use the official SDK? – Code Jun 24 '16 at 07:25
  • Isn't "https://www.facebook.com/dialog/oauth? client_id={app-id} &redirect_uri={redirect-uri}" a POST methon with www-form-urlencoded? As I wrote, when using official SDK you get TOKEN not CODE. And as said here: http://stackoverflow.com/questions/34454489/android-facebook-login-get-code-not-access-token using official SDK method doesn't allow it. – Kamajabu Jun 24 '16 at 07:48
  • @Reiz3N No it's not. You (programmatically) open that URL in a browser. – Code Jun 24 '16 at 07:55
  • @CBroe because our server uses code instead of token when authorizing user logging using website. It's bothersome as hell but I can't do anything about it. – Kamajabu Jun 24 '16 at 07:55
  • @Code so I need to put it in header? Ok, I can do that, but question is what with response_url? This points to website which should be opened in another fragment?? – Kamajabu Jun 24 '16 at 07:58
  • @Reiz3N Redirect the browser back to your app after the user login. See http://stackoverflow.com/questions/5065982/android-custom-url-to-open-app-like-in-ios We are also going beyond the scope of this question. If you have more specific ones, post a new question. – Code Jun 24 '16 at 08:02
1

I've found an answer. As I thought, simplest way to do it is by using retrofit. -> Integrate OAuth in Your App.

Code snippet:

// you should either define client id and secret as constants or in string resources
private final String clientId = "xxxxxxxxxxxxxxxxx";
private final String responseType = "code";

/**
 * same as in manifest in intent filter
 */
private final String redirectUri = "http://www.example.com/gizmos";

@Override
protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_login);

    try {
        PackageInfo info = getPackageManager().getPackageInfo(
                "xxxxxxxxxxxxxxx",  // replace with your unique package name
                PackageManager.GET_SIGNATURES);
        for (Signature signature : info.signatures) {
            MessageDigest md = MessageDigest.getInstance("SHA");
            md.update(signature.toByteArray());
            Log.i("KeyHash:", Base64.encodeToString(md.digest(), Base64.DEFAULT));
        }
    } catch (PackageManager.NameNotFoundException e) {

    } catch (NoSuchAlgorithmException e) {

    }

    Button loginButton = (Button) findViewById(R.id.loginbutton);
    loginButton.setOnClickListener(new View.OnClickListener() {
        @Override
        public void onClick(View v) {
            Intent intent = new Intent(
                    Intent.ACTION_VIEW,
                    Uri.parse(ServiceGenerator.API_BASE_URL + "/dialog/oauth" +
                            "?client_id=" + clientId +
                            "&redirect_uri=" + redirectUri +
                            "&response_type=" + responseType));
            startActivity(intent);
        }
    });
}

@Override
protected void onResume() {
    super.onResume();

    // the intent filter defined in AndroidManifest will handle the return from ACTION_VIEW intent
    Uri uri = getIntent().getData();
    if (uri != null && uri.toString().startsWith(redirectUri)) {
        // use the parameter your API exposes for the code (mostly it's "code")
        String code = uri.getQueryParameter("code");
        if (code != null) {
            Log.i("code", code);
            // get access token
            // we'll do that in a minute
        } else if (uri.getQueryParameter("error") != null) {
            // show an error message here
        }
    }
}

}

Kamajabu
  • 596
  • 1
  • 5
  • 19
  • Hi, can you explain about redirect_uri? what do you mean by: same as in manifest in intent filter (this need to be a url?) Thanks. – Gal Koren Nov 14 '18 at 09:24