Getting list of friends using the same Application after authentication with GitKit

248 views Asked by At

What is the intended way to get the list of friends (server side) when the same application is used to authentication with the Google Identity Toolkit?

With the Facebook graph API it is possible to get the list of friends: https://graph.facebook.com/v2.3/me/friends

  • An access token is needed
  • The permission user_friends is needed

Can I get the access token from the GitKit somehow?

  • Or a second login with the Facebook-Graph-Api is needed on the client side

The user_friends permission is not asked when logging in with GitKit

  • Is there a way to extend the permissions for login?

Probably similar questions will occur when I try to get the google+ friends using the same application.

A social Login without using any social "feature" does not really make sense for me and I hope there is a way to achieve that with the Gitkit.

2

There are 2 answers

5
dsalama On BEST ANSWER

To add extra permissions to the Identity Toolkit login on Android, add the identitytoolkit.extra_scopes metadata to the manifest. It would look something like:

<meta-data
    android:name="identitytoolkit.extra_scopes"
    android:value="Google: g_scope1; Facebook: f_scope1 f_scope2; Yahoo: y_scope1"/>

Once login is complete, the Facebook SDK will be initialized with the proper token, so you can retrieve the Access Token via AccessToken.getCurrentAccessToken(). Because Facebook tokens are portable, you can send the one retrieved from your application to the backend and use it with the graph API.

0
Hollerweger On

For a Javascipt solution I have now edited gitkit.js to support OAuth scope like in Gitkit v2: https://github.com/Hollerweger/Gitkit-Javascipt-Enhancements

Sample Config:

idpConfig: {
    facebook: {
        scopes: [
            "public_profile",
            "user_friends",
            "email"
        ]
    },
    google: {
        scopes: [
        "https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/plus.login"
        ]
    }
}

The Google+ scope isn't needed as it's the default one. Only tested with google+ and facebook login.

The name of the idpConfig childs must be in the first 45 chars of the IDPs authentication url to work.