When a user clicks on the login with Facebook button on our website, we call:
https://www.facebook.com/dialog/oauth?client_id=xxxxxxx&
redirect_uri=http://xxxxx.com/Account/FBLogin&scope=email,publish_stream
Inside of our FBLogin (string code) method we do two things. First we call:
"https://graph.facebook.com/oauth/access_token?client_id=xxxxxxxxx&
redirect_uri=http://xxxxxx.com/Account/FBLogin&client_secret=xxxxxxxxxxxxx&code=" + code;
Then, if the FaceBook login was successful, we login the user into our site.
What is the equivalent of this workflow in iOS? We basically want to authenticate the user on our servers as part of the Facebook authentication. So when the Facebook authentication returns successfully, our user is also logged into our system.
Many thanks!
If you're using the Facebook iOS SDK, the SSO (single sign on) workflow is more like the Javascript SDK's workflow because the user is presented with what's similar to the JS SDK's popup: either in the form of a UIWebView, Safari Browser, or Facebook app (depending on the user's setup).
One of the most compelling features of the iOS SDK is Single Sign-On
(SSO). SSO lets users sign into your app using their Facebook
identity. If they are already signed into the Facebook iOS app on
their device, they do not have to type a username and password.
Furthermore, you can get permission from users to access their
Facebook profile information and social graph.
SSO primarily works by redirecting users to the Facebook app on their
devices. Since users are already logged into Facebook, they will not
need to enter their username and password to identify themselves. They
will see the Auth Dialog with the permissions that your app has asked
for, and will be redirected to your mobile app with the appropriate
access_token.
Developers should be aware that Facebook SSO will behave slightly
differently depending on what is installed on a user's device. This is
what happens in certain iOS configurations:
If the app is running in a version of iOS that supports multitasking,
and if the device has the Facebook app of version 3.2.3 or greater
installed, the SDK attempts to open the Auth Dialog within the
Facebook app. After the user grants or declines, the Facebook app
redirects back to the calling app, passing the access token,
expiration, and any other parameters the Facebook OAuth server may
return.
If the app is running in a version of iOS that supports multitasking,
but the device doesn't have the Facebook app of version 3.2.3 or
greater installed, the SDK will open the Auth Dialog in the Safari
mobile browser. After the user grants or revokes the authorization,
Safari redirects back to the calling app. Similar to the Facebook app
based authorization, this allows multiple apps to share the same
Facebook user access_token through the Safari cookie.
If the app is running in a version of iOS that does not support
multitasking, the SDK uses the old mechanism of popping up an inline
UIWebView, prompting the user to log in to Facebook and grant access.
The FBSessionDelegate is a callback interface that your app should
implement: The delegate methods will be invoked when the app
successful logs in or logs out. Read the iOS SDK documentation for
more details on this delegate.
... when the user finishes either signing in or not signing in and returns to your app from the "popup", your app has to decide what to do based on whether or not the user logged in/authorized the app (and a valid access token received).
Please read this for more info:
https://developers.facebook.com/docs/mobile/ios/build/#implementsso
Related
I'm writing a hybrid app with Ionic and the workflow I imagine for a perfect facebook integration would be the following:
Scenario of a user logged in facebook with a native app:
Open my app
Touch login with facebook
Be prompted for facebook permissions and approve
Be directed to the desired screen of my hybrid app
Scenario of a user logged in facebook with his mobile browser:
Open my app
Touch login with facebook
Be prompted for facebook permissions and approve
Be directed to the desired screen of my hybrid app
Scenario of a user not logged in facebook (both in the native app and mobile browser):
Open my app
Touch login with facebook
Be prompted for facebook credentials
Be prompted for facebook permissions and approve
Be directed to the desired screen of my hybrid app
Is it possible to achieve as the mechanisms used to save session of a native app and a web app (facebook website) are way different?
How can I know if the native app is installed and once I know how can I use its session to prompt the user for permissions (as the android native apps do)?
Thanks in advance
How can I develop a kiosk mode app which will be used for many different facebook users. Each one could have logout by my app and not by the official facebook app cause they will not have access to the official facebook app.
In response, a facebook employ told me this: https://developers.facebook.com/bugs/696057353756212
any suggestion is welcome.
Basically, if you're building a kiosk app, you don't want to use SSO, since you cannot control who's logged into the Facebook app.
If you're using the LoginButton, it's as easy as doing something like:
loginButton.setLoginBehavior(SessionLoginBehavior.SUPPRESS_SSO);
And when your app exits, just do a closeAndClearTokenInformation() as you've already alluded to.
What SUPPRESS_SSO does is it will only bring up a web dialog for users to log in, and will bypass the Facebook app altogether.
Is it possible to use the Facebook iOS SDK to authenticate within an app (not go to Safari), and also keep those authentication credentials for the next launch of the app?
I have usedFacebook SDK sample code SessionLoginSample to check . It opens the Facebook login account in the safari....I want it to open with-in the app ..
I am not using FBConnect as it is been expired ...How to use it for the Facebook SDK
of
https://github.com/facebook/facebook-ios-sdk ...its sample code
https://github.com/facebook/facebook-ios-sdk/tree/master/samples/SessionLoginSample
this sample code here~~
The Facebook iOS SDK will open within the app provided your user is on iOS 6 and has their Facebook account setup within the device. Otherwise, it will gracefully fallback to the Facebook App (if installed) and then only to Safari. From the SDK Docs:
The native Login Dialog is available after a user has logged into
Facebook on their device. If the device isn't connected to Facebook,
the native Login Dialog isn't available and permission requests will
be made via the fast-app-switch to the Facebook app (if installed) or
Safari. The Facebook SDK methods [...] will seamlessly fallback to
this fast-app-switch behavior.
If your user has neither Facebook configured on their iOS 6 device nor the Facebook app installed and you still want the login to happen within your app, your best alternative might be to pull up a UIWebView pointed to your own server somewhere that carries out a server-side login.
Bear in mind a big disadvantage of a UIWebView-based approach is that your UIWebView does not share cookies with Safari so even if the user is already logged in within Safari they'll still need to re-enter their username and password again in your app. I'd be a little hesitant to do so in a third party app since there's no way to know if they're spoofing the Facebook site and phishing for my credentials.
FBSDKLoginManager *login = [[FBSDKLoginManager alloc] init];
login.loginBehavior = FBSDKLoginBehaviorWeb;
I have integrated Facebook functionality into my applications. By using the link https://github.com/facebook/facebook-ios-sdk, I have integrated the Facebook. In this application, at the time of login, it's opening Safari and at the same time the application is going to the background and then after login again it's coming back to the application. My intention is that this flow can accept the application store or not.
This is the official Facebook iOS SDK and many apps in App Store already use it. So you can use it inside your app.
Also, the flow in your question is exactly what the documentation of the library describes and is, again, used by apps that are already in App Store:
If the device is running in a version of iOS that supports multitasking, but it doesn't have the Facebook app of version 3.2.3 or greater installed, the SDK will open the authorization dialog in Safari. After the user grants or revokes the authorization, Safari redirects back to the calling app. Similar to the Facebook app based authorization, this allows multiple apps to share the same Facebook user access_token through the Safari cookie.
So, yes, there is nothing wrong with this flow.
According to the GitHub,
If the app is running in a version of iOS that supports multitasking, and if the device has the Facebook app of version 3.2.3 or greater installed, the SDK attempts to open the authorization dialog withing the Facebook app. After the user grants or declines the authorization, the Facebook app redirects back to the calling app, passing the authorization token, expiration, and any other parameters the Facebook OAuth server may return.*
My application calls authorize: permissions: delegate: and my application is suspended and Facebook application is launched and authorization is asked. After the user allow or disallow, the Facebook applications stayed on NEWS FEED (not returning to my application).
Questions:
Is it possible to authorize or logged-in and returning to my application?
How can my application check whether the authorization and logged-in is done and no need to re-do again?
I found this.
During single sign-on, the Facebook application isn't redirecting back to my application after a user authorizes it. What's wrong?
Make sure you've edited your application's .plist file properly, so that your applicaition binds to the fb[appId]:// URL scheme (where "[appId]" is your Facebook application ID).
My Application can be switched :)
Thanks all
After struggling for long time finally got a solution for this problem, I dont its correct but its working like charm for my App:
go to developer.facebook.com
Select your app from list (App which app is your are using in URL scheme)
If your app is selected as native app then it will ask for bundle identifiers
provide him bundle identifier by using which you are building your app
if your using wildcard bundle identifier then provide like com.product.abc otherwise provide full bundle identifier.