Documentation for publish_stream reads: "Enables your app to post content, comments, and likes to a user's stream and to the streams of the user's friends. With this permission, you can publish content to a user's feed at any time, without requiring offline_access."
So the workflow is thus:
FB.login() with publish_stream scope like so:
FB.login(function (response) { if (response.authResponse) { FB.api('/me/permissions', function (permissions) { if (permissions.data[0].publish_stream == 1) { //user has now granted publish_stream to this application } }); } }, { scope: 'publish_stream' });
Use the C# Facebook SDK to post to this user's friend's wall using the application's access token.
var client = new FacebookClient(FacebookAppId, FacebookAppSecret); // Build the wall post dynamic parameters = new ExpandoObject(); parameters.message = facebookDeliveryQueueItem.MessageBody; // user message // Post to the wall client.Post(facebookRecipientId + "/feed", parameters);
This returns:
{"error":{"message":"(#200) The user hasn't authorized the application to perform this action","type":"OAuthException"}}
However! If I attempt to use this code to post to MY OWN wall, it works just fine.
If a user grants publish_stream to my application, I can then use the the APPLICATION access token (you get this by issuing a GET to https://graph.facebook.com/oauth/access_token?grant_type=client_credentials&client_id=APP_ID_HERE&client_secret=APP_SECRET_HERE ) to post on that user's wall -- but NOT to that user's friend's wall.
So is the "and to the streams of the user's friends" part of the Facebook documentation a lie or am I doing it wrong? There is a ton of misinformation out there.
You should explicitly specify
access_token
before issuing request, if you omit it
access_token
of current user is used.
Add this before call to
client.Post
parameters.access_token = FacebookAppId+"|"+FacebookAppSecret;
The documentation is correct (in this case). You can post on user's and his friends wall once user granted you publish_stream
permission using application access_token
( without need to ask for offline_access
!) with respect of wall owner preferences. Some users set privacy settings to deny specific users/application or even anyone other to post content.
Ensure you can post on that specific friend (one you have issue with) wall using http://facebook.com and using Graph API Explorer tool (providing application access_token
for sure).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.