feat: use AuthorizationType while setting the token into http header

[olimpias]

In some cases, we need to use OAuth rather than Bearer token in http headers. This PR addresses this issue.

Example OAuth case here while uploading a media using upload session.

[huandu]

I'm confused by the HTTP header. How should developers decide to choose Bearer or OAuth? I don't find any facebook document about it. Do you have any pointer? The API design in this package should following facebook guidance.

[olimpias]

Developers should decide based on which API they want to use in Facebook. There is no clear separation in facebook API documents but mostly bearer token is in use as far as I see.(and currently its the default behaviour). However we faced a case where we needed to use OAuth for Authorization header thats why I created this PR. I shared the OAuth usage in the PR description from the doc. Below the example request to facebook for uploading a file through resumable upload api

curl -X POST \
 "https://graph.facebook.com/v16.0/upload:MTphd..." \
 --header "Authorization: OAuth EAAIT..." \
 --header "file_offset: 0" \
 --data-binary @cats_are_jerks.png

[huandu]

I tried to follow the document and test this API in Graph API Explorer, but failed. No matter how I sent access_token to facebook, by query string or HTTP header, I always got an error saying "(#100) Tried accessing nonexisting field (uploads) on node type (Application)". Do you have any idea on this?

I'm trying to find out whether the OAuth in HTTP header can be replaced to Bearer and whether it's the only special case in Graph API. If OAuth is mandatory and only required (or even valid) in <app_id>/uploads edge, I prefer to design a new API for it, just like App secret proof feature.

[huandu]

I tried to follow the document and test this API in Graph API Explorer, but failed. No matter how I sent access_token to facebook, by query string or HTTP header, I always got an error saying "(#100) Tried accessing nonexisting field (uploads) on node type (Application)". Do you have any idea on this?

@olimpias Could you answer my question? As I cannot verify the code in this PR, I cannot do more on this PR.

[olimpias]

Hello @huandu , I will get back to you in this week about the PR.

[olimpias]

Hey,

First you need to call upload endpoint to get session-id like in the example.

POST https://graph.facebook.com/{api-version}/{app-id}/uploads
  &file_length={file-length}
  &file_type={file-type}
  &access_token={access-token}

response will have id, then you need to call the following API with the ID

curl -X POST \
 "https://graph.facebook.com/v16.0/{id}" \
 --header "Authorization: OAuth {access-token}" \
 --header "file_offset: 0" \
 --data-binary @cats_are_jerks.png

As far as I see, OAuth only required for this custom endpoint to continue the session uploads. Sure sounds good for me to use special API for OAuth

[huandu]

OK. I managed to upload file to Facebook with API finally. I found that OAuth is required for authorization.

I tried other Facebook Graph API. OAuth worked for all APIs while Bearer worked for all except the upload API. So I think we can use string OAuth to replace Bearer to make things simpler. It's a bit hard for developers to understand why there are two Use***AuthorizationHeader methods and which one should be used.

What's your thought?

[KOREANO88]

No sé cómo hacerlo sé que me responden pero soy nuevo y e tenido problemas en las redes alguien me roba las cueentas NO SÉ CÓMO EMPEZARLO