Alright, strange problem that I'm encountering:
Our website uses Facebook to log in. Currently I'm using HybridAuth to get the user's information - I'm storing the identifier ('app_scoped_user_id' as I've now learned), and using it to check when people try to sign up or login through Facebook.
A few weeks ago, we went through a total rebranding of the site, separate domain entirely. I ended up creating a second Facebook app through their developer console for the new domain, because it wouldn't let me add that domain in the settings of the original one. I wasn't aware that the identifier coming back was within scope of that particular app - hoping that this won't be a major hurdle to fix.
So a problem occurred where a user went to sign up with Facebook, and was logged in as an existing user who had signed up under the old domain - so the app_scoped_user_id for this new user matched the app_scoped_user_id for the old user and signed them in. Clearly an issue.
Now the weird part is that for old users who had signed in through the original app are signing in fine through the new app - definitely sending through the new keys, connecting to the new app, but apparently the app_scoped_user_id being returned is identical between the two apps.
SO... am I not understanding things properly? If the app_scoped_user_id is different between two Facebook apps, is it possible to bring over the used ids from one app to the other?
EDIT******
Problem solved... if anyone else ends up making the same silly mistake I made, this is how I solved it:
Since the info coming back from Facebook includes their e-mail... just checking their e-mail field to see if they already exist, and assigning the new token to that entry. Obviously there could be a few cases where either the user changed their email on Facebook, or changed their email within our app, but our user base isn't too large yet, so glad to set this right now.
Related
I've integrated Facebook's AccountKit as the login system for my app. It has some bugs but usually works fine.
My developer reported a fairly bad experience though recently. He had to restart his computer, thus clearing the sessions, and when he went to re-login to the app via AccountKit, he realized that the same email address he had been using returned a different user_id than the one it had been returning previously. This of course caused a problem in that our backend could not find any account relating to the new Accountkit id.
I've been unable to find much information about this. I'm wondering if this is a bug or a feature! Any further illumination on this subject is greatly appreciated!
Every login will return a different Access Token or Authorization Code as documented here: https://developers.facebook.com/docs/accountkit/accesstokens
If you get the Account ID from the Access Token, it should always be the same for a user entering the same email address. What you're describing sounds like a bug and if you can still reproduce it, you should submit a bug report and someone will look into it. https://developers.facebook.com/bugs/
I'm sure this is something blindingly obvious, but I can't work it out.
I've added an admin and a tester user to my app (and I mean they're real people as opposed to the generated random named user that FB offers) but after a couple of weeks they're still listed as '(pending)' and they're unable to login to the web page that I've written using their Facebook account. OAuth responds with an error:
Sorry, this feature isn't available right now: An error occurred while processing this request. Please try again later.
I appear to be able to login just fine and can test the [currently] limited functions.
Our web page is right at the beginning of development but it's now at the stage where I'd like real people to mess around on the page and give me feedback.
The two users haven't received any messages - I sort of expected they'd get something in their inbox asking to confirm their role with the app.
So how do I go about getting real people to be test users? Have I missed the point of the test user role?
As of this writing (things change), have the Facebook user go to https://developers.facebook.com/requests/
They will need to be logged in to Facebook.
There should be listed one or more pending requests that they will need to confirm. If the Confirm button(s) is disabled, they may need to register as a Facebook Developer before the Confirm buttons are enabled.
I have Facebook's SSO working properly in my iPhone app and most of my users have not been experiencing any issues. However, a small number of them have been reporting errors with Facebook Connect and not being able to create an account. After an email exchange with one, we determined that the app permission toggle under Settings->Facebook was somehow set to disallow my app from using Facebook.
I have since added an error message telling the user this might be the case but my question is how did this switch get toggled in the first place? It would seem that a user would have to manually toggle this switch, right? I also looked for an API method that might do this e.g. rejecting Facebook SSO the first time a user saw the dialog asking for permission; I could not find any such code.
Any ideas? I'm hoping this problem will solve itself with the error dialog I've put in but if possible, I'd like to remove this issue altogether.
As far as I know, using the native dialog with iOS6 and rejecting the permissions request (the first one, at least, not sure about requests which are asking an existing user for more permissions) will toggle that switch
If you need to debug, try uninstalling the app from your facebook profile (a HTTP DELETE request to /<USER ID>/permissions will do this, or you can do it in the facebook app settings), remove the iOS app, then install it and try to connect for 'the first time' again
We have a browser based game which uses Facebook Connect through an AppID that we used to run the same game in a canvas until Fb Credits were introduced and we were forced to shut it down. Now, we only use the App the same way as a product page with the FbConnect integration on our own site.
Today's mail states for our case:
If your Connect app is accessing user connections or asking for additional permissions beyond age, email, and our Publishing Permissions, please remove these requests.
(This refers to this policy change: https://developers.facebook.com/blog/post/2012/09/05/platform-updates--operation-developer-love/)
We are using oauth FbConnect with scope=email,user_birthday. This is exactly what was specified in an earlier mail so it should be ok.
Once the user is authenticated, we simply call
https://graph.facebook.com/me?access_token=...
and read what comes there.
Is it possible, that we are not allowed to call the GraphAPI's me anymore? It contains info like gender, location and locale...
The Oauth data contains the fbuid, first/lastname and the email, but it does not contain the age, what we are supposed to be allowed to ask?
Do I have to call https://graph.facebook.com/me?fields=birthday explicitly?
Did anyone actually succeed in getting an "desktop web game hosted primarily off Facebook" to comply with their new policy without creating a new AppID?
Note: There have been a couple of questions about the "Sep 5th policy change" like Facebook: Notice of Violation this one and many previous closed as duplicates, but none I found so far contains questions or answers on a technical level.
Maybe you could skip the "Website with Facebook Login" part in developer settings and only provide your game directly via canvas. (eg. apps.facebook.com/logogame). that's what "on facebook.com" is all about, I guess.
I'm using the official FBConnect library for iOS and trying to get it working in my iPad app. Here's what's strange: when my friend logs in using the call to authorize:permissions:delegate, everything works fine: the dialog asks for his authorization to connect to Facebook, the fbDidLogin delegate method gets called, all is well.
However, when I try to login, the dialog never changes. The keyboard is dismissed, the password field is cleared and it just sits there. The issue is the same in both the simulator and on the device.
Here are the things I've checked and triple checked:
My login name and password are correct. If I do put in the wrong password, an "invalid username/password" message appears, and that isn't happening.
The application is not in sandbox mode.
The Application ID is correct (my friend can login without problems).
Some additional information:
Original application was created by my friend.
I created a second FB app and put in the new Application ID
My friend can login with the new Application ID
I can log in to neither.
This appears to suggest that there is something different about my friend's account, rather than the app itself.
We've been banging our heads together on this for a couple of days now. What could be causing this behaviour? Why isn't an error being generated?
Edit: It seems there are a lot of people affected by this, so in the interest of trying to find an answer, I've added a bounty.
There appears to be a server-side problem with Facebook logins as noted here:
http://github.com/facebook/facebook-ios-sdk/issues#issue/95
People have said that if they change their password on Facebook they are subsequently able to log in using the Facebook-iOS-SDK downloaded from github. Obviously that is a poor long-term solution and would be unacceptable in an app released through the App Store. On the bright side, there seem to be reports of similar login problems logging in from apps on other platforms as well.
Update: Facebook has a bug filed on this subject that can be viewed here:
http://bugs.developers.facebook.net/show_bug.cgi?id=13199