5

I am working on an application where I need to integrate the social functionality of Facebook.

In my application there is a button that connects the user to his Facebook profile. When the user press this button I'm only open a webview with the Facebook site, with the user Facebook page. Now lets say that I know his email and password and I want to connect him automatically, that he not have to enter his email and password every time. I tried to solve it throw my next question, but as you can see with no success.

I tried also persisting cookies with CookieSyncManager, CookieManager and manually handling.

I think I can solve it by changing the url that I sends to the webView, but I don't know which url. (tried http://www.facebook.com/connect/connect_to_external_page_widget_loggedin.php and http://www.facebook.com/plugins/login.php and then concatenate the url of the user Facebook page, for example http://www.facebook.com/UserProfile)

I really appreciate any help!

Thanks.

Community
  • 1
  • 1
Ofir A.
  • 3,112
  • 11
  • 57
  • 83
  • Are you using the Android SDK? https://developers.facebook.com/docs/mobile/android/sso/ – Ahmed Nuaman Jun 21 '12 at 08:36
  • @Ahmed Nuaman Yes I'm using the Facebook SDK, and also tried to use single sign on. Take a look at my next [question](http://stackoverflow.com/questions/11117516/move-to-the-facebook-application-page-after-authenticate-through-single-sign-on) – Ofir A. Jun 21 '12 at 08:42

3 Answers3

4

You can not manually log in the user to facebook. That is the whole point of oAuth, the process should be transparent to your app and when the user is done with authentication your app will only get an AccessToken.

From that point on, an AccessToken can stay alive with you almost for ever.

It will be invalid when :

  1. Session expires

    This can be solved by adding a call to your onResume() assuming you are using the Facebook Android SDK for authentication/integration of facebook. When this call is successful, your token will be valid for 60 days.

    public void onResume() {    
    super.onResume();
    facebook.extendAccessTokenIfNeeded(this, null);
}

  2. User changes his password

  3. User de-authorizes your app

  4. User logs out of Facebook

    You can do nothing about these three cases! Your token will be invalidated and you will have to ask the user to re-authenticate using the normal flow.

Follow this tutorial to integrate Facebook inside your Android app

Community
  • 1
  • 1
Sherif elKhatib
  • 45,786
  • 16
  • 89
  • 106
  • Thanks for your answer. I did it exactly like in this tutorial and I get the access token. my question is if I can redirect the user to a Facebook page by my choice after he is already authenticate using the access token - valid token of course. – Ofir A. Jun 25 '12 at 08:44
  • Is it a possibility to disable SSO? This would be a solution. Otherwise, this is not doable because (if i recall correctly) the facebook app does not require a WebView for users to login. – Sherif elKhatib Jun 25 '12 at 09:45
  • and If I just want to open my Facebook page in other way, no in webView? lets say Facebook app or other way. Again for making it clear, I have the access token and he is valid. I want to open a Facebook page with the authentication of the user, that he can preform actions as a registered user and not need the entered his password and email again. – Ofir A. Jun 25 '12 at 09:55
  • If we disable Single Sign On, meaning we get the Token using Webview instead of Facebook app, we might be able to do what you want. However, as long as you're using SSO (Facebook app) this is not doable – Sherif elKhatib Jun 25 '12 at 12:06
  • I know that, it's the regular way. OK thanks, I will continue to look for other answers. – Ofir A. Jun 25 '12 at 12:22
  • yeah look, but it is not doable. – Sherif elKhatib Jun 25 '12 at 12:34
  • If you try to log in using the Facebook App, you will notice that there are no WebViews that open which implies that there are no cookies to get in order to be logged in. There might be a workaround if you have the user's username/password, but I guess it will be buggy coz you can not predict the behavior of facebook, and it is not a good thing to do (not so acceptable). – Sherif elKhatib Jun 25 '12 at 13:09
2

There's a way to use the SDK authentication instead of the SSO as discussed here: How to disable Facebook single sign on for android - Facebook-android-sdk.
But I think that it just results in a bad user experience since the user will need to enter his email/password which is not a fun task to do with most mobile devices.

If the user has the facebook application (katana) installed (which means the use of SSO), then you should be able to just open it with the user profile by using an intent.
I've never done it before, but from these two threads:
launch facebook app from other app
and
Open a facebook page from android app
it looks like you can do something like:

Intent intent = new Intent(Intent.ACTION_VIEW);
intent.setClassName("com.facebook.katana", "com.facebook.katana.ProfileTabHostActivity");
this.startActivity(intent);
Community
  • 1
  • 1
Nitzan Tomer
  • 155,636
  • 47
  • 315
  • 299
0

For connecting to facebook, you have learn Oauth first. Oauth is a one time verification to access facebook details. Password does not requires every time. Go through this documentation.

And this document also useful for you.

Akilan
  • 1,707
  • 1
  • 16
  • 30
  • I'm using single sign on, is that what you mean in Oauth? – Ofir A. Jun 21 '12 at 08:50
  • For tha first you have to learn OAuth fully. OAuth is a one time sign on process to get the facebook data from the particular user. – Akilan Jun 21 '12 at 11:22
  • I don't need any user data, I just need to open a browser with his facebook page. I'm already use single sign on, but the problem is that I can't redirect him to his profile page. – Ofir A. Jun 21 '12 at 11:25
  • person login to facebook page in a browser and return back to the app is basically not possible dude. And if you did like that, the next time when user login, password authentication is needed. so that you have to do OAuth. It is not only getting user data. – Akilan Jun 21 '12 at 11:29