CODEWITHSUNDEEP
iosfacebookauthentication
Praveen Sharma
Praveen Sharma

Reputation: 181

Authenticate iOS App with Internal Application Credentials NOT User Credentials

Is it possible for me to authenticate an iOS App without user interaction to the level where it can make Facebook requests for Page data?

For example, in an app for a musician, I would like to be able to make facebook requests for the musician's artist page including wall posts. I could then get the raw data for their page and style it however I please. This wouldn't require a user to log in and session authentication would be done asynchronously by the app itself, using embedded credentials.

I'd like to use the SDK but am thinking this would require manual OAuth Access Token requests and posts.

Thanks for the help!

UPDATE:

To clarify, I am curious about the possibility of the following:

1) App loads and makes a request for an OAuth Access Token using credentials baked into the App 2) App can then make requests to facebook for feed data from a predetermined page feed 3) None of this requires any user interaction or bounces the application to mobile safari, etc.

Upvotes: 1

Views: 672

Answers (2)

Praveen Sharma
Praveen Sharma

Reputation: 181

Ok - I figured this out. Feel pretty silly that I didn't know you could do this.

You can request an access token for an app id & secret. This will allow you to make public data requests that require an access token.

TO REQUEST ACCESS TOKEN: https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id=11111111&client_secret=9999999999

Then, simply use the returned Access Token in your Feed Request:

https://graph.facebook.com/musicpage/feed?access_token=ACCESS_TOKEN

If this is against TOS or deprecated - please let me know. For now this seems like the solution!

Upvotes: 1

Balazs Nemeth
Balazs Nemeth

Reputation: 2332

I dont really understand what you want, but it is possible to authenticate without user interaction:

If the request requires authentication in order to make the connection, valid credentials must already be available in the NSURLCredentialStorage, or must be provided as part of the requested URL. If the credentials are not available or fail to authenticate, the URL loading system responds by sending the NSURLProtocol subclass handling the connection a continueWithoutCredentialForAuthenticationChallenge: message.

https://developer.apple.com/library/mac/documentation/Cocoa/Conceptual/URLLoadingSystem/Articles/AuthenticationChallenges.html#//apple_ref/doc/uid/TP40009507-SW1

There is a way for authentication:

- (BOOL)connection:(NSURLConnection *)connection canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace {
   return [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust];
}

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
     if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust])
         [challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
     [challenge.sender continueWithoutCredentialForAuthenticationChallenge:challenge];
}

Upvotes: 1

Related Questions