问题
I'm developing a library for mobile apps. The library is a wrapper to my web API (REST), and provide several objects in order to facilitate the implementation in code.
My API required social integration (Facebook, for example) - in my stand-alone app, the app is asking Facebook for permissions and send the token to the server using the API.
Assumptions:
The apps, that going to integrate my library is already require social integration from it's users.
The developers who going to use this library, knows that the library require social integration, and willing to add my library required permissions to their apps.
Questions:
(My question is partially architectural and partially about best/common practice)
Can I use the host apps token to interact with the social network? (for example, posting an image in behalf of user).
1.1. If the answer is "yes", is there any limitations? Can I later access this data from server (without the host app secret key)?
1.2. If the answer in "no", can my library ask for permission? (i.e. open Facebook permissions dialog in the host app)
And, is there any other/better solution for this problem?
Thanks!!!
回答1:
Yes you can use app generated token to interact with facebook. token depend on user, app, and permissions. so for same user but different app it will be different token. to upload images and post on walls you need to set permission on time of token generation and/or time of app generation on facebook.
last thing when you post make sure setup privacy and every token expires in 60days though you can generate long term tokens too.
来源:https://stackoverflow.com/questions/22448147/user-social-network-integration-in-external-mobile-library