Facebook API Question posted in
The official documentation for the Facebook APIs can be found here.

How to code in app secrets and tokens for Facebook authentication in Google Scripts without having the credentials in the script? – Facebook api

I have a script that can obtain successfully from the Facebook oAuth API: 

function getToken() {
  var appId = "XXXXXX"; 
  var clientSecret = "XXXXXXXXXXXX";
  var url = "https://graph.facebook.com/oauth/access_token?client_id="+appId+"&client_secret="+clientSecret+"&grant_type=client_credentials";
  var response = UrlFetchApp.fetch(url);
  var queryResult = response.getContentText(); 
  var token = queryResult.slice(13);
  return(token);
}

The question is, that I prefer not to have my appId and clientSecret in the body of my script so is there a way where I can code this in without having my credentials in plain text?

Tags:

2

Answers


  1. 0

    For that you need to install latest facebook SDK which uses Namespace and protected methods to get facebook data using graph api. Below is an example I worked on :

    require_once ROOT . '/vendor/Facebook/autoload.php';
use FacebookFacebookSession;
use FacebookFacebookRedirectLoginHelper;
use FacebookFacebookRequest;
use FacebookFacebookResponse;
use FacebookFacebookSDKException;
use FacebookFacebookRequestException;
use FacebookFacebookAuthorizationException;
use FacebookGraphObject;
use FacebookEntitiesAccessToken;
use FacebookHttpClientsFacebookCurlHttpClient;
use FacebookHttpClientsFacebookHttpable;
class FacebookComponent extends Component
{
    public $app_id;
    public $app_secret;
    public $default_graph_version;

    public function __construct()
    {
    $this->app_id = "XXXXXXXXXXXXXXX";
    $this->app_secret = "XXXXXXXXXXXXXXXXXXXXX";
    $this->default_graph_version = "v2.5"; // For Offerz-develop app

    }
    public function getFacebookConn(){
    $app_id = $this->app_id;
    $app_secret = $this->app_secret;
    $fb = new FacebookFacebook([
        'app_id' => $app_id,
        'app_secret' => $app_secret,
        'default_graph_version' => 'v2.5',
    ]);
    return $fb;

    }
    }
    Login or Signup to reply.
  2. 0

    Manually enter the keys and secret into the script editor as a “Script Property” (File > Project properties > Script properties) and then access them in the code using the Properties Service.

    For example you could manually add:

    property:APP_ID, value:'XXXXXXXX'

    Then access it in the code with 

    var appId = PropertiesService.getScriptProperties().getProperty('APP_ID')

    This technique works if you wanted to share the script on somewhere like Github, or if you only gave out view-access to the script in which case the script properties aren’t visible (you should not be able to see the SPs in this script). If you give edit access to others they’ll be able to see the SPs, but then you could use User Properties.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search