Click here to Skip to main content
14,984,032 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
Facebook oauth process prompts user to login using his username and password and prompt about permissions.
So my question is if there is way to do programmatic oauth login. Where we pass user's username and password programmatically and acquired user's permission (access token) without user’s manual intervention.
Posted

well, you havnt specified a language, so your question can only be answered in broad terms - 'Yes, its possible'

see here for oauth implementations that may help http://oauth.net/code/[^]

All that is very well, but a bigger question remains - how are you going to store the credentials [user name/password etc] to pass to an oauth client ? (and I suspect most people will fail on this bit, they'll dream up some harebrained scheme)

'g'
   
Comments
Member 10553642 28-Jan-14 15:33pm
   
Thanks Garth for reposnse.

We would like to do in Java Spring or Javascript for facebook, linkedin etc social networks.

as far as credentails (username/password) is concern we are ok to store in DB or we can pass as hard coded paramater to api on runtime it self. we just want avoid users manual intervention for getting access token to extract his public profile (user profile, friend list etc).

Thanks,
Shahnawaz
Garth J Lancaster 28-Jan-14 21:05pm
   
There is no issue with either the theory of storing the credentials in a DB, then reading them back from the DB - but the practical issue is, unless you're using a DB that can encrypt a column for you (Oracle ?10g and above), you run a big risk of exposing those credentials to anyone who gains access to them by fair means or foul - and that then points at your second point, 'hardcoding' in code is just as insecure - NO NO NO - what if someone gets a copy of your code, finds the credentials ? - they can then use them and cause havoc - you don't want this If you really have to store credentials, then, you should be looking at the equivalent of the DPAPI, and encrypting them based on a 'machine key' - there are Win32 API's for this, please don't go rolling your own version....
Member 10553642 29-Jan-14 1:59am
   
Thanks Garth for quick response!
our main issue is how to programmatically pass username and password to Facebook auth api and set scope/permission (i.e. publish_actions, user_friend etc). As facebook oauth api i.e.:
FB.login(function(response) {
}, {scope: 'publish_actions'});
just prompt facebook oauth dialog box and must require user intervention to enter username and password. Could you please guide in how to programmatically pass username and password and
set scope/permissions without any user intervention. We don’t want any user intervention not even first time as well.

Regards,
Shahnawaz
quineman 9-Jun-14 6:54am
   
Hello have you found any solution for your problem ? Do you finally use 60 days token ?
Do you want to automate final step in getting tokens?
If yes, you have to simulate browser request by analyzing web page source code.
   
Comments
Member 10553642 29-Jan-14 13:51pm
   
Thanks Hossein for response.
for getting access token facebook invoke oauth dialog box and user has to provide username and password manualy after that user say's ok to specific permissions manualy. then facebook generate access token. we want to avoid all these manual intervention and do it programtically. Could you provide more guidence is there is way to simulate this programtically or any example?
Hossein Ghiyasi Mehr 30-Jan-14 3:14am
   
You can do it programatically. You should read HTML codes and javascripts in all pages you go through them manually. Then find all requests your browser sends and simulate them in your program. I already did it for Facebook login. It was too hard.
Why do you need it? What's your occupation? Do you do data mining? Do you really live in US?
Member 10553642 30-Jan-14 14:37pm
   
yes the app does kind of Data mining. but we dont need login programtically we want oauth process to be done programatically

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900