Django-Facebook (yet another thread)
Orazio
Last day I got the bright idea to start building a facebook app in
django. I was convinced that documentation would be good given that
django docs are very well written and facebook is a big project.
Instead....aaaaaaaaaaarrghhhh!!!!!!!!
On facebook side, there are old and messy docs full of stale options
and broken links (they changed something in their developer part of
site...)!
On django side, lot of small and sometimes unfinished project with no
docs, and not compatible with recent version of django or fb api. Just
to cite few:
http://github.com/facebook/python-sdk
https://github.com/ryanmark/django-facebookconnect/tree/master/facebookconnect
https://github.com/sciyoshi/pyfacebook/
https://github.com/tschellenbach/Django-facebook
https://github.com/dickeytk/django_facebook_oauth
http://github.com/flashingpumpkin/django-socialregistration
So my question is: which is the best way to realize TODAY a (not so)
simple hello world application that does some basic tasks such
- ask to fb user the right to publish things on wall and obtain
personal data like all the other fb app
- show my fb name
- publish something "hello world" on wall
- be able to comunicate with my server using post (like the example
for fbconnect should do)
Preventing questions, nowadays:
- pyfacebook seems not to be compatible to django 1.2.x and their
example don't work (at least for me)
- facebook apps are moving to Iframe so that FBML apps will be no
longer accepted from the next year (according to fb roadmap)
- python-sdk, to the best of my knowledge, are the only one supported
by facebook staff. This would be good because I would not like that my
app relies on a stale-in-6-month library. Unfortunately, I didn't
understand how to use it in django to do those tasks.
So, today which is the better choice to write an app that do those
basic tasks? And where can I find some updated documentation ?
Thanks for any clarification! :)
Lorenzo
Aljoša Mohorović
http://developers.facebook.com/docs/authentication/canvas
howto ask use to authorize your app?
you need to point user to proper url -
http://developers.facebook.com/docs/authentication/#authenticating-users-in-a-web-application
this code generates url to ask user for permissions in 'scope' arg:
===================================================
fb_auth_url = "https://graph.facebook.com/oauth/authorize"
args = {
'client_id': settings.FACEBOOK_API_KEY,
'redirect_uri': 'http://apps.facebook.com/%s/' % getattr(settings,
'FACEBOOK_APP_NAME', None),
'type': 'user_agent',
'display': 'page',
'scope': 'user_photos,user_videos,publish_stream,offline_access,user_birthday,...',
}
url = "%s?%s" % (fb_auth_url, urllib.urlencode(args))
===================================================
full list of permissions ('scope' arg) is available -
http://developers.facebook.com/docs/authentication/permissions
what's next after user authorizes app and ext. permissions?
when user authorizes your app and returns to your app you'll get
'signed_request' on first request.
you can extract data from 'signed_request' with this code:
===================================================
import json # or simplejson as json
import base64
import hashlib
import hmac
# code for facebook signed_request based on/copied from:
http://sunilarora.org/parsing-signedrequest-parameter-in-python-bas
# additional info:
http://stackoverflow.com/questions/3302946/how-to-base64-url-decode-in-python
def base64_url_decode(inp):
padding_factor = (4 - len(inp) % 4) % 4
inp += "="*padding_factor
return base64.b64decode(unicode(inp).translate(dict(zip(map(ord,
u'-_'), u'+/'))))
def parse_signed_request(signed_request, secret):
l = signed_request.split('.', 2)
encoded_sig = l[0]
payload = l[1]
sig = base64_url_decode(encoded_sig)
data = json.loads(base64_url_decode(payload))
if data.get('algorithm').upper() != 'HMAC-SHA256':
# log.error('Unknown algorithm')
return None
else:
expected_sig = hmac.new(secret, msg=payload,
digestmod=hashlib.sha256).digest()
if sig != expected_sig:
return None
else:
# log.debug('valid signed request received..')
return data
===================================================
ok, so what's in data from 'signed_request'?
data from 'signed_request':
===================================================
data = parse_signed_request(request.GET.get('signed_request'),
settings.FACEBOOK_SECRET_KEY)
# fb uid for user
uid = data.get('user_id')
# with access token you can access graph api and actually do something
# check http://developers.facebook.com/docs/api for more info
access_token = data.get('oauth_token')
===================================================
so how do i actually do something?
when you have access_token it's pretty simple to use graph api.
to publish something:
===================================================
h = httplib2.Http()
api_url = "http://graph.facebook.com/PROFILE_ID/feed"
args = {...} # provide arguments as described here -
http://developers.facebook.com/docs/reference/api/post#publishing
resp, content = h.request(api_url, "POST", urlencode(args))
===================================================
i've posted this from my head, maybe i forgot something, so post
additional questions if something doesn't work as expected.
official facebook python-sdk actually works but nobody is maintaining it.
also, if you ever used google apis or anything else that actually
worked prepare yourself for hell know as facebook platform.
Aljosa Mohorovic
Martey
Python SDK <https://github.com/facebook/python-sdk> and the official
JavaScript SDK <http://developers.facebook.com/docs/reference/
javascript/>. The JavaScript SDK takes care of authentication,
requesting permissions, and providing an access token, which I then
pass to the Python SDK in order to access information through the API.
There is, as far as I know, no official documentation involving Django
and the Python SDK, but one of the comments on a bug report asking for
a Django example suggested <https://github.com/anentropic/python-sdk/
tree/master/examples/newsfeed_django/>. I have not run that code, but
a cursory reading suggests that it would be helpful.
On Dec 14, 2:37 pm, Orazio <ziducai...@autistici.org> wrote:
> Hi all,
> Last day I got the bright idea to start building a facebook app in
> django. I was convinced that documentation would be good given that
> django docs are very well written and facebook is a big project.
> Instead....aaaaaaaaaaarrghhhh!!!!!!!!
> On facebook side, there are old and messy docs full of stale options
> and broken links (they changed something in their developer part of
> site...)!
> On django side, lot of small and sometimes unfinished project with no
> docs, and not compatible with recent version of django or fb api. Just
> to cite few:
>
da.in...@gmx.net
and is actually working:
https://github.com/iplatform/pyFaceGraph
The tricky thing is how to get the access_token (Aljosa mentioned the
proper documentation). The graphdevtools-example-application under
"test" is also helpful here to get the token inside your application.
On 14 Dez., 20:37, Orazio <ziducai...@autistici.org> wrote:
> Hi all,
> Last day I got the bright idea to start building a facebook app in
> django. I was convinced that documentation would be good given that
> django docs are very well written and facebook is a big project.
> Instead....aaaaaaaaaaarrghhhh!!!!!!!!
> On facebook side, there are old and messy docs full of stale options
> and broken links (they changed something in their developer part of
> site...)!
> On django side, lot of small and sometimes unfinished project with no
> docs, and not compatible with recent version of django or fb api. Just
> to cite few:
>
Justin Murphy
straightforward and you can pretty much use the same concepts in your
Django code. I would think that the signed request logic would work
best in middleware.
https://github.com/facebook/runwithfriends
-Justin