Using the new JS SDK from FB, I notice that there is no dialog telling the user they will be logged out from Facebook when logging out from my app.
What happens now is somewhat of a UI/UX problem: the user logs out from my app but also automatically logged out from Facebook without warning, which can be annoying.
Has anyone resolved this using FB SDK methods or some other function within FB.logout();?
Thanks for helping.
You will have to make your own UI dialog for this (or use the deprecated connect javascript sdk). You could either pop up a UI dialog warning that they will be logged out of both your app & out of facebook, or specify a callback method in the FB.logout function which tells them afterwards that they have been logged out of both.
Unfortunately this is as designed as noted here: http://developers.facebook.com/docs/reference/javascript/FB.logout/. As this is as designed in the Javascript SDK, I'm fairly confident in making an assumption that a server-side library will yield the same results.
I found a trick, that logs the user out of your application just client side, but leaves him logged in on facebook:
FB._authResponse = null;
FB._userStatus = null;
After that, calls to FB.api will return the proper error:
>>> FB.api('me', log)
{"error":{"message":"An active access token must be used to query information about the current user.","type":"OAuthException"}}
Also FB.getLoginStatus and FB.getAuthResponse are returning null or behave like the user is not logged in:
>>> FB.getLoginStatus(log)
{"status":null,"authResponse":null}
You can even log in the User again with FB.login()
But after a reload, the User will be logged in again automatically, if you have status : true in your FB.init config:
FB.init({
appId : 'yourappid',
status : false, // will not load the user automatically on pageload/refresh
cookie : true, // will leave the userid in FB._userID
oauth : true,
xfbml : true
});
Hope that helps a bit.
Related
i am currently building a website and my Wordpress theme already supports login to Facebook via the JS SDK. Below is my FB.init
window.fbAsyncInit = function(){
FB.init({
appId : 'xxxxxxxx'
, status : true
, cookie : true
, xfbml : true
, oauth : true
, version : 'v2.2'
});
};
Since i want to do some background checks before outputting stuff on HTML i'm also using the PHP SDK. ( I do not use the PHP for login purposes due to having more redirects while the JS one is straight forward (pop up and you're done).
To make the requests i am using the FacebookJavascriptLoginHelper with the below code to get the session i need for the request.
$helper = new FacebookJavaScriptLoginHelper();
try {
$session = $helper->getSession();
} catch(FacebookRequestException $ex) {
// When Facebook returns an error
} catch(\Exception $ex) {
// When validation fails or other local issues
}
All good so far. Each time i refresh the page i'm getting a new access token from the JS SDK and use it in the case i need to make a request.
Problem is on the logout part of all this.
If i use the FB.logout the user is logged out of the facebook, even in his browser and has to login again which is absolutely not acceptable.
I can by pass this "issue" by simply checking if there is a logged in user before going on and start asking for new Facebook sessions but is that the way i should go ?
When i loggout of the wordpress i can still receive access tokens and make requests to the server for some time. Close to 10-15 minutes i think. After that i do not receive anything and have to log in again.
EDIT: Also i noticed that even if i don't log out, if i don't refresh for a short period of time i get no session (access token). If i refresh once and then the second time i do get one
I have a facebook app that is going to be installed on a facebook page. When an end user visits this app, he'll be asked to authorize the app. I'm using FB.login in JS to authorize and I do get facebook dialog asking for permission. But the control does not come to callback of FB.login at all. What am I missing here?
FB.init({
appId: <app_id>
});
FB.login(function(response){
console.log(response); //control never comes here even after user authorizing the app
}, {scope:"email,userlikes"});
You are adding a wrong permission here.
Replace userlikes with user_likes
(I dont think even the permissions were asked with your code since the permission is incorrect)
Check this Demo. When you close the login dialog, check the console of the browser, you'll see the response.
I am developing a Facebook app. I have a server side OAuth flow which allows me to authenticate a user without requiring him to click on any button. I hence retrieve his accessToken as long as other information and use those ones on the server side before to generate the page.
In my application, I now need to use the Javascript API which could technically share the same Oauth token.
Is it possible to instantiate the FB javascript Object with a given Oauth token ?
I know it is possible to do the contrary meaning doing the Oauth process on the client side and share the Oauth key with the server side via the cookie but this has two many drawbacks in my opinion :
_ First, it implies to have this "login" button which is to me not a good user experience for a facebook app.
_ Also, I don't get how this Oauth process is supposed to behave if my application is composed of two different pages. Going from one page to another reloads entirely the javascript. Will this Oauth process (with the popup and so forth) be done on each page reloading ?
Thanks for your help !
I had a similar problem once, Facebook has an older method called FB.getLoginStatus which you can use to check if the user has given permission without a popup -
FB.init({appId: 'XXXXXXXXXXXXXX', xfbml: true, cookie: true, oauth: true});
FB.getLoginStatus(function(response) {
if (response.authResponse) {
token = response.authResponse.accessToken;
FB.api('/me', function(response) {
console.log(response);
// do something here they are logged in and have given you perms
});
} else {
// no user session available, someone you dont know
}
});
hope that helps!
Users have been able to log into my website using their Facebook account, but then it suddenly stopped working properly.
I use the following standard Facebook JavaScript SDK code:
window.fbAsyncInit = function() {
FB.init({
appId : '<MY_APP_ID>',
status : true, // check login status immediately
cookie : true, // enable cookies to allow the server to access the session
xfbml : false // because I don't use XFBML
});
FB.login(function(response) {
// code that deals with `response`, whether null or not
});
}
But if I cleared the browser cache, and triggered this code (after the Facebook library had loaded), the following would happen:
Facebook's login dialog would pop up.
After entering credentials of a user that has access to this Facebook app, a dialog would ask whether I want to register a new login location.
Regardless of the action taken in the previous step, the dialog box displays the following error message:
An error may have occurred as part of the login process. You can close this window and try returning to the application, though it may ask you to log in again. This is probably due to a bug in the application.
FB.login's response contains an error message. Inspecting the browser's state, I can see that login information is stored within a Facebook cookie. Triggering the above code again, without clearing the cache, now succeeds.
Why doesn't it work the first time around?
Due to Facebook's OAuth 2.0 and HTTPS Migration, not using OAuth 2.0 after October 1, 2011 within JavaScript SDK will not work (properly).
To make the above example work, make sure that:
your FB.init call sets oauth to true (see example usage):
in the code that deals with the response:
you are reading the authResponse (not session) field of the FB.login's response;
you are calling FB.getAuthResponse (not FB.getSession), and reading signedRequest from its response.
I am working on a Facebook application which is integrated with Facebook and am trying to get the user's FB session. As far as I understand, a common usage scenario is as follows.
call FB.init()
call FB.getLoginStatus giving it an appropriate callback.
I ran the following code (the application id).
<div id="fb-root"></div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script type="text/javascript">
<!--
function init(){
FB.init({
appId : '9999999999999',
status : true, // check login status
cookie : true, // enable cookies to allow the server to access the session
xfbml : true, // parse XFBML
channelUrl : 'http://127.0.0.1:8888/channel.html', // custom channel
oauth : true // enable OAuth
});
alert('going to call FB.getLoginStatus ');
FB.getLoginStatus(function(response) {
alert('whoo hoo!!! getLoginStatus called the callback');
});
}
init();
//-->
</script>
If the user is already logged in to Facebook in the same browser session then everything works as expected - returning the populated _response.authResponse_. However, if the user is not logged in to Facebook the callback is not triggered at all. Checking the browsers network log, I see that Facebook returns the following response (request from http://www.facebook.com/dialog/oauth?).
Application Error: There was a problem getting data for the application you requested. The application may not be valid, or there may be a temporary glitch. Please try again later.
I checked this on Chrome and Firefox (Mac).
Update
I would like to thank everyone who responded.
Ben's comment had the answer.
Thanks Ben - you saved me lots of frustration.
The cause is a recent bug which only affects sandbox mode. I switched off sandbox mode, and it worked like a charm.
Try forcing loading the event:
FB.getLoginStatus(function(response) {
alert('whoo hoo!!! getLoginStatus called the callback');
}, true);
It is stated in FB.getLoginStatus.
The event might be not fired in some situations.