public class FacebookClient extends BaseOAuth20StateClient<FacebookProfile>
This class is the OAuth client to authenticate users in Facebook.
By default, the following scope is requested to Facebook : user_likes, user_about_me, user_birthday, user_education_history, email, user_hometown, user_relationship_details, user_location, user_religion_politics, user_relationships, user_website and user_work_history.
The scope can be defined to require permissions from the user and retrieve fields from Facebook, by using the
setScope(String)
method.
By default, the following fields are requested to Facebook : id, name, first_name, middle_name, last_name, gender, locale, languages, link, third_party_id, timezone, updated_time, verified, bio, birthday, education, email, hometown, interested_in, location, political, favorite_athletes, favorite_teams, quotes, relationship_status, religion, significant_other, website and work.
The fields can be defined and requested to Facebook, by using the setFields(String)
method.
The number of results can be limited by using the setLimit(int)
method.
An extended access token can be requested by setting true
on the setRequiresExtendedToken(boolean)
method.
It returns a FacebookProfile
.
More information at http://developers.facebook.com/docs/reference/api/user/
More information at https://developers.facebook.com/docs/howtos/login/extending-tokens/
Modifier and Type | Field and Description |
---|---|
protected static String |
BASE_URL |
static String |
DEFAULT_FIELDS |
static int |
DEFAULT_LIMIT |
static String |
DEFAULT_SCOPE |
protected String |
fields |
protected int |
limit |
protected boolean |
requiresExtendedToken |
protected String |
scope |
protected boolean |
useAppsecretProof |
logger, OAUTH_CODE
service
ATTEMPTED_AUTHENTICATION_SUFFIX, callbackUrl, callbackUrlResolver
Constructor and Description |
---|
FacebookClient() |
FacebookClient(String key,
String secret) |
Modifier and Type | Method and Description |
---|---|
protected String |
addExchangeToken(String url,
com.github.scribejava.core.model.OAuth2AccessToken accessToken)
Adds the token to the URL in question.
|
protected String |
computeAppSecretProof(String url,
com.github.scribejava.core.model.OAuth2AccessToken token)
The code in this method is based on this blog post: https://www.sammyk.me/the-single-most-important-way-to-make-your-facebook-app-more-secure
and this answer: https://stackoverflow.com/questions/7124735/hmac-sha256-algorithm-for-signature-calculation
|
protected void |
extractData(FacebookProfile profile,
com.fasterxml.jackson.databind.JsonNode json,
String name) |
protected FacebookProfile |
extractUserProfile(String body)
Extract the user profile from the response (JSON, XML...) of the profile url.
|
protected com.github.scribejava.core.builder.api.BaseApi<com.github.scribejava.core.oauth.OAuth20Service> |
getApi()
Define the OAuth API for this client.
|
String |
getFields() |
int |
getLimit() |
protected String |
getOAuthScope()
Define the OAuth scope for this client.
|
protected String |
getProfileUrl(com.github.scribejava.core.model.OAuth2AccessToken accessToken)
Retrieve the url of the profile of the authenticated user for the provider.
|
String |
getScope() |
boolean |
getUseAppSecretProof() |
protected boolean |
hasBeenCancelled(WebContext context)
Return if the authentication has been cancelled.
|
protected void |
internalInit(WebContext context)
Internal initialization of the object.
|
boolean |
isRequiresExtendedToken() |
protected FacebookProfile |
retrieveUserProfileFromToken(com.github.scribejava.core.model.OAuth2AccessToken accessToken)
Retrieve the user profile from the access token.
|
void |
setFields(String fields) |
void |
setLimit(int limit) |
void |
setRequiresExtendedToken(boolean requiresExtendedToken) |
void |
setScope(String scope) |
void |
setUseAppSecretProof(boolean useSecret) |
buildOAuthConfig, getOAuthCredentials, getStateData, getStateParameter, retrieveAuthorizationUrl, setStateData
addAccessTokenToProfile, getAccessToken, signRequest
createOAuthRequest, getConnectTimeout, getKey, getReadTimeout, getResponseType, getSecret, hasOAuthGrantType, isTokenAsHeader, retrieveCredentials, retrieveRedirectAction, retrieveUserProfile, sendRequestForData, setConnectTimeout, setKey, setReadTimeout, setResponseType, setSecret, setTokenAsHeader
computeFinalCallbackUrl, getAjaxRequestResolver, getCallbackUrl, getCallbackUrlResolver, getCredentials, getRedirectAction, isIncludeClientNameInCallbackUrl, redirect, setAjaxRequestResolver, setCallbackUrl, setCallbackUrlResolver, setIncludeClientNameInCallbackUrl
addAuthorizationGenerator, getAuthorizationGenerators, getName, getUserProfile, setAuthorizationGenerator, setAuthorizationGenerators, setAuthorizationGenerators, setName, toString
init, reinit
public static final String DEFAULT_FIELDS
protected String fields
protected static final String BASE_URL
public static final String DEFAULT_SCOPE
protected String scope
public static final int DEFAULT_LIMIT
protected int limit
protected boolean requiresExtendedToken
protected boolean useAppsecretProof
protected void internalInit(WebContext context)
InitializableWebObject
internalInit
in class BaseOAuthClient<FacebookProfile,com.github.scribejava.core.oauth.OAuth20Service,com.github.scribejava.core.model.OAuth2AccessToken>
context
- the web contextprotected com.github.scribejava.core.builder.api.BaseApi<com.github.scribejava.core.oauth.OAuth20Service> getApi()
BaseOAuthClient
getApi
in class BaseOAuthClient<FacebookProfile,com.github.scribejava.core.oauth.OAuth20Service,com.github.scribejava.core.model.OAuth2AccessToken>
protected String getOAuthScope()
BaseOAuthClient
getOAuthScope
in class BaseOAuthClient<FacebookProfile,com.github.scribejava.core.oauth.OAuth20Service,com.github.scribejava.core.model.OAuth2AccessToken>
protected String getProfileUrl(com.github.scribejava.core.model.OAuth2AccessToken accessToken)
BaseOAuthClient
getProfileUrl
in class BaseOAuthClient<FacebookProfile,com.github.scribejava.core.oauth.OAuth20Service,com.github.scribejava.core.model.OAuth2AccessToken>
accessToken
- only used when constructing dynamic urls from data in the tokenprotected FacebookProfile retrieveUserProfileFromToken(com.github.scribejava.core.model.OAuth2AccessToken accessToken) throws HttpAction
BaseOAuthClient
retrieveUserProfileFromToken
in class BaseOAuthClient<FacebookProfile,com.github.scribejava.core.oauth.OAuth20Service,com.github.scribejava.core.model.OAuth2AccessToken>
accessToken
- the access tokenHttpAction
- whether an additional HTTP action is requiredprotected FacebookProfile extractUserProfile(String body) throws HttpAction
BaseOAuthClient
extractUserProfile
in class BaseOAuthClient<FacebookProfile,com.github.scribejava.core.oauth.OAuth20Service,com.github.scribejava.core.model.OAuth2AccessToken>
body
- the response bodyHttpAction
- whether an additional HTTP action is requiredprotected void extractData(FacebookProfile profile, com.fasterxml.jackson.databind.JsonNode json, String name)
protected boolean hasBeenCancelled(WebContext context)
BaseOAuthClient
hasBeenCancelled
in class BaseOAuthClient<FacebookProfile,com.github.scribejava.core.oauth.OAuth20Service,com.github.scribejava.core.model.OAuth2AccessToken>
context
- the web context.public void setUseAppSecretProof(boolean useSecret)
public boolean getUseAppSecretProof()
protected String computeAppSecretProof(String url, com.github.scribejava.core.model.OAuth2AccessToken token)
url
- the URL to which we're adding the prooftoken
- the application token we pass back and forthprotected String addExchangeToken(String url, com.github.scribejava.core.model.OAuth2AccessToken accessToken)
url
- the URL to modifyaccessToken
- the token we're passing back and forthpublic String getScope()
public void setScope(String scope)
public String getFields()
public void setFields(String fields)
public int getLimit()
public void setLimit(int limit)
public boolean isRequiresExtendedToken()
public void setRequiresExtendedToken(boolean requiresExtendedToken)
Copyright © 2016. All rights reserved.