FaceBook status update failing with 403 Forbidden error

**sivaprasadreddy.k** · Jan 14th, 2011, 09:48 AM

Hi,
I tried to connect to FaceBook Account and I am able to connect and seeing my picture and details. But when i tried to update the status I am getting 403 forbidden error.

Can anyone help me to resolve this?

**habuma** · Jan 14th, 2011, 10:34 AM

What means are you using to get a Facebook access token? Using the <fb:login-button> or are you using the OAuth 2 web server profile?

In either event, when your application requests authorization from Facebook, have you requested "publish_stream" permissions in the scope parameter? If you're using the <fb:login-button>, you'll need to be sure to pass "publish_stream" in the perms attribute. If you're using the OAuth 2 web server profile, then be sure to pass it as the value of the scope parameter sent to the authorization URL.

If you've done that and still can't post, give more details on how you're obtaining the access token and I'll see if I can spot the problem.

**sivaprasadreddy.k** · Jan 14th, 2011, 10:56 AM

Hi,

I am using oAuth for getting access token.

Code:

String fb_oath_uri = "https://graph.facebook.com/oauth/";

public String fbLoginAuthenticate() {
        return "redirect:"+ fb_oath_uri +"authorize?" +
                "client_id=" + clientId +
                "&display=page&redirect_uri=" + redirectURI;
    }

 private String assembleAuthentication(String authCode) {
        return fb_oath_uri + "access_token?" +
                "client_id=" + clientId +
                "&redirect_uri=" + redirectURI +
                "&client_secret="+ secret +
                "&code="+authCode;
    }
 
    public String retrieveAccessToken(String code){
        String accessToken = null;
        if (null != code) {
            String authURL = assembleAuthentication(code);
            URL uri = null;
            try {
                uri = new URL(authURL);
                String result = crawlToURL(uri);
                String[] values = result.split("&");
                for (String value : values) {
                    String[] valuePair = value.split("=");
                    if (valuePair.length != 2) {
                        throw new RuntimeException("Unexpected auth response");
                    } else {
                        if (valuePair[0].equals("access_token")) {
                            accessToken = valuePair[1];
                        }
                    }
                }
            } catch (MalformedURLException e) {
                throw new RuntimeException(e);
            }
        }
        return accessToken;
    }
 
    private String crawlToURL(URL uri) {
        ByteArrayOutputStream byteOutputStream = null;
        InputStream inputStream = null;
        String stream = null;
        try {
            inputStream = uri.openStream();
            byteOutputStream = new ByteArrayOutputStream();
            int i;
            while ((i = inputStream.read()) != -1) {
                byteOutputStream.write(i);
            }
            stream = new String(byteOutputStream.toByteArray());
        } catch (IOException e) {
            throw new RuntimeException(e);
        }finally {
            if (null != byteOutputStream) {
                try {
                    byteOutputStream.close();
                } catch (IOException e) {
                    //do some logging here instead of printStackTrace()
                    e.printStackTrace();
                }
            }
 
            if (null != inputStream) {
                try {
                    inputStream.close();
                } catch (IOException e) {
                    //do some logging here instead of printStackTrace()
                    e.printStackTrace();
                }
            }
        }
 
        return stream;
 
    }

Where should i pass the "publish_stream" perms attribute?

**habuma** · Jan 14th, 2011, 11:17 AM

In your fbLoginAuthenticate() method, as a scope parameter to the authorization URL...something like this:

Code:

public String fbLoginAuthenticate() {
        return "redirect:"+ fb_oath_uri +"authorize?" +
                "client_id=" + clientId +
                "&display=page&redirect_uri=" + redirectURI +
                "&scope=publish_stream";
    }

Note that the scope parameter takes a comma-delimited list, so you can ask permission for a variety of different things. See http://developers.facebook.com/docs/...on/permissions for details on what kinds of permission you may ask for from Facebook.

**sivaprasadreddy.k** · Jan 14th, 2011, 07:53 PM

Wow..Its working now.
Thanks a lot :-)

**vossgeraldo** · Jan 19th, 2011, 12:17 PM

hi,

where are you getting this value "&code="+authCode?

Thanks,

Gerald

**vossgeraldo** · Jan 19th, 2011, 01:10 PM

Could you please share the code on how you made this working?

Thanks,

**vossgeraldo** · Jan 23rd, 2011, 02:27 PM

Originally Posted by sivaprasadreddy.k

Wow..Its working now.
Thanks a lot :-)

Hi sivapradreddy,

Can you share how you handle the oauth dance in spring?

**lukeypinit** · Feb 4th, 2011, 10:33 AM

please show how you did this, im very confused

**dpaily** · Feb 24th, 2011, 06:35 PM

http://www.adobocode.com/spring/acce...spring-social/

Thread: FaceBook status update failing with 403 Forbidden error

Thread Tools

Display

FaceBook status update failing with 403 Forbidden error

Help

Sample- OAuth example

Posting Permissions