-1

I need to build a scraper that takes as input​ the Facebook credentials of a user and than scrapes all the friends of the user to do some statistical computations. How can I go with this? I get to know that graph API don't allow to access friend list of a user. So do I need to signin the user and then scrape the friendlist ?

I want to find the date/time they became friends, for each of the user's friend.

andyrandy
  • 72,880
  • 8
  • 113
  • 130
tarun14110
  • 940
  • 5
  • 26
  • 57
  • 2
    _“I get to know that graph API don't allow to access friend list of a user. So do I need to signin the user and then scrape the friendlist ?”_ – no, what you need to do is accept the fact that Facebook does not want you to do this (otherwise they would have implemented it via API) - and then simply not do it. – CBroe Jan 11 '17 at 09:44

1 Answers1

3

takes as input​ the Facebook credentials of a user

Never ever ask a user for his credentials. Always use Facebook Login to authorize users: https://developers.facebook.com/docs/facebook-login

scrapes all the friends of the user

Scraping is not allowed on Facebook: https://www.facebook.com/apps/site_scraping_tos_terms.php

The only way to get access to the friends of a user is to authorize the user with the user_friends permission and use the /me/friends endpoint. You can only get a list of friends who authorized your App with that permission too. The date/time you became friends is not available though.

More information: Facebook Graph Api v2.0+ - /me/friends returns empty, or only friends who also use my app

Community
  • 1
  • 1
andyrandy
  • 72,880
  • 8
  • 113
  • 130
  • 1
    Allowed or not allowed if they provide a garbage API, people are gonna do it. They don't serve the users interest with this, otherwise invitable friends would not exist. – Daniel Sharp Aug 23 '18 at 01:05
  • 1
    invitable friends is deprecated. not sure what you mean with "garbage api", i think it´s great and the privacy changes were neccessary. apps i did not authorize have no business using any of my data, not even my name. – andyrandy Aug 23 '18 at 05:59
  • Then they realized the hypocrisy last time I checked they still had invitable friends avaliable to games using Facebook canvas, sorry for that. But let's face it they could return public data (not saying they should return only visible to friends data like Workplace/Home address depending on how you set your permissions up). Unless the very notion of friendship is a mutual permission, which is an interesting concept. – Daniel Sharp Aug 23 '18 at 14:07
  • yes, but invitable_friends only had the name of the user and an invite token, not even his id. either way, it´s their api, and their decision what to do with it. we can only work with what we have. – andyrandy Aug 23 '18 at 14:10
  • In my opinion not using for data mining or storage should also be in the legal area, as you are basically just providing a highly specialized "browser". My example would be a list of friends to ease the addition of pictures of your friends in a contact app, nothing gets stored unless the USER of you app allows it, it is a convenience but we cannot provide it through using the API. This is where web scraping should be legal. – Daniel Sharp Aug 23 '18 at 14:10
  • what should and shouldn´t be legal is their choice, not ours. of course people will just ignore the rules, but...let´s not be those kind of developers ;) – andyrandy Aug 23 '18 at 14:11
  • So what would be you solution to the above fetch pictures to help the user problem, ignore Facebook? – Daniel Sharp Aug 23 '18 at 14:12
  • the solution is not to do it, because it´s not allowed. it´s as simple as that. see comment of CBroe below the question too. – andyrandy Aug 23 '18 at 14:24
  • My opinion is taggable_friends should be renamed to browsable_friends or so. Applications should still make it through a manual review process, having it be restricted to tagging makes it next to useless, but there are a lot of use cases which are similar. – Daniel Sharp Aug 24 '18 at 15:50