PostMaster (Part 2) Integrating Facebook in mobile apps
In my previous post I talked about how and why we built a library for posting content on various social media platforms without opening their respective preinstalled apps. So here’s the part 2 which shows the Facebook integration and posting in depth.
Prerequisite
- Facebook developer account
- Business details/documents. Yes, you heard it right. Documents like government approved documents or a document verifying the business address to link with the developer account
- Contract signing for the verified business
- An email id that is linked with the company domain
- Company’s website
- If you don’t have a business or a business account, you can also opt for individual verification after creating the app in developer profile .
- SHA1 and SSL key generated from android studio for the particular project you are working on
- App package name
- App id/App secret (generated after creating an app successfully in Facebook developer profile)
Steps to follow in order to post from your app
- Facebook Login
- Ask necessary permissions to post on user’s behalf
- Access Token obtained as a result of successful login
- A post composer that will enable user to compose text or text with image for posting
- Configuring APIs which will enable fetching all the necessary details such as id, access tokens etc, posting, and login.
Facebook Login
Facebook Login is a simple set of 11 steps which we need to follow in order to enable users to log into our app with Facebook. Below is the official link for the same with all the steps documented comprehensively-
Facebook Permissions
Facebook permissions are very important part for any app using its features because they take privacy very seriously and don’t want any developer using their platform to abuse the user data. In order to achieve such they have integrated Facebook permissions that are necessary for users to approve it & developers to integrate it in order for the app to perform as expected in real time mode.
Coming to development modes, in developer panel there are two modes,
- Live Mode
2. Development Mode
In development mode only the developers and testers that are assigned the roles by admin can use and test the app and it is not publicly available. In this mode the user can test and use all the available functionalities after integrating the applicable permissions. Also you can use as many permissions you want and use as many functionalities that you desire. In live mode your app is available for public use, but before going to live mode there’s some procedure that you’ve to follow in order for app to work exactly alike as it was in development mode and it is as follows,
If your app is using permissions other than email, pages_show_list, then it is compulsory for the app to go under App review.
In order for app to go for review you must have these
(perquisites -> point 2 to 6) configured.
In app review basically what happens is you have to upload the APK and a video showing how the permissions that you intend to use is working and how the data is organised. Also you have to provide the suitable test cases and valid login credentials for the people at Facebook to login and test your app, after a week or less you will get an acknowledgement from Facebook in developer profile regarding you App review and if the rejection occurs due to some reason, it’s explanation on why it was rejected and what needs to be done to avoid such will also be provided from their end (So nothing to worry about). Also while applying for App review ask for only those permissions that are relevant to your app, don’t ask for any unnecessary permissions, asking for excess of such will also cause the rejection in app review. Only after successful App review and having all the permissions granted you can switch to live mode.
Also Facebook goes through the periodic app reviews of the app which uses permissions to post on user’s behalf so make sure that your app complies with the privacy policy and terms of service of Facebook at all-time.
Furthermore, permissions are of two types
1.Read Permissions (Read user data)
2.Write Permissions (Writes data or perform write operations on behalf of users)
You can only seek for one class of permissions, that is either read or write at a time, in order to access both classes of permissions together you have to open sessions for them turn by turn.
Following code snippet demonstrates how to ask for permissions using Facebook login.
Fetching user details
Here in the above code snippet, async calls are made to Facebook’s API using Graph request’s methods that are available from Facebook SDK.
Fetching Access Token
Access Token can be regarded as a unique key or unique id that is different for all users that is used to perform all the API & SDK operations. An access token can only be generated after granting permissions and successful login of the user. Also the access token generated contains the list of permissions that a user has approved, so you can keep a track of the user approved permissions and prompt user to approve any crucial permissions which he hasn’t by making him logging into Facebook again. Following snippet shows how to generate access token for the user.
Also you can use Facebook’s default Graph API explorer to try Facebook permissions features as below. This can also serve as an alternative for Postman if you are building and testing out the APIs in it.
Posting
So finally here we are at the most anticipated portion of the blog, according to the latest developer documentations, posting can be done in two categories as,
- Posting in Groups
2. Posting on Pages
For posting on both the most necessary thing is that the user on behalf of who’s the posting is done must be the admin of group or the page, otherwise posting on behalf won’t work. Another important thing is you must have group id and page id for posting on the same. User’s general access token will work while posting on group, but when posting to page, the particular page’s access token will be required else the posting won’t work.
For posting in group, Groups API will be used whereas posting on Page requires Graph API
Fetching Groups & Pages that user is admin of
In above code there are two end points used with Facebook’s general API and they are
- /groups : which will be used for fetching the list of groups that user is admin of
- /accounts : which will be used for fetching the list of pages that user is admin of
Composing the post and posting it on user’s behalf Posting is divided into two segments as
- Making text posts
2. Making image post with text
Text post
In this section of code we have used Okhttp client in order to make post request to Facebook for posting on user’s behalf.
Image with text post
In this section of code we’ve used dependency named RestFB https://restfb.com/,
This dependency is used to make OAuth api calls to the Facebook in order to post image with text on Group/Page, here FacebookClient and FacebookType are the classes from RestFB which are used in the posting, image should be converted to byte array before hitting the API as it is compulsory in OAuth’s 3 legged mechanism to have the image in binary/byte form while sending it to server for posting.
Conclusion
It took us a lot of patience, app testing, rejected app reviews, blocked Facebook account and staying up to date with never ending updates in policies to finally build a common solution/platform for posting on user’s behalf on multiple social media platforms out of which posting on Facebook turned out to be quite of a challenge but its always the team work that wins at the end. Stay tuned for the next part of the blog where we’ll go in depth of posting on user’s behalf on other platforms such as LinkedIn, Twitter and Instagram.
Don’t forget to give claps if you find this useful.
Happy Coding.
