Problem:
I run the sample iOS SDK code for facebook connect. When Facebook app is not installed, the sample app authenticates through Safari just fine and the sample app is able to post successfully.
When native Facebook app is installed, the sample app causes the Facebook app to be launched for authentication which shows a page that is requesting login for the demo app. When I press the login, it brings up another window that has the allow/"don't allow" options. So far so good. The problem is that if I logout from within the sample app (i.e., [_facebook logout:self]) and try to login again, pressing the "login" button in the Facebook app does nothing (it's supposed to take you to the allow/"do not allow" page).
I have specified the App-ID in the sample app and I have included the fb[app-id] (e.g., fb1234) in the plist under 'URL Types' (otherwise, the Safari authentication would not have worked either).
Any help is appreciated.
It does not take you again to the "allow/don't allow" page because the user already gave permission to the app. The only way the page can show again is when the user revoke the access from the Facebook admin panel. I'm not sure if there's a part of the API that can actually revoke the access of the app from the iOS SDK.
Related
This is to document and share the solution to a problem I faced, hopefully it's of benefit to others as well.
Problem:
Using the Facebook iOS SDK to perform a Facebook login from my iOS app, it returns to my app immediately from the Facebook app without showing any login screen or dialog box if the user has already granted the requested permissions previously and logged out after that. This behavior is the same whether the login is via the Facebook iOS app or through a webview within the app itself.
This can be a problem especially if your app is trying to support multiple Facebook users, as users may not have already logged in to the correct account in the Facebook app beforehand. By returning to our app immediately without explicitly showing the Facebook account used, users will login with the current account used in Facebook, which could be the wrong account.
This behavior occurs when the "iOS Bundle ID" has been set in the app settings in Facebook https://developers.facebook.com/apps
This is also mentioned in Pro-tip 3 (which I believe was just recently added) of the Facebook Login doc.
In order to avoid this behavior, the "iOS Bundle ID" field needs to be blanked out. And from recent experience, this may involve deleting and creating the whole "Native iOS App" section again, as simply deleting the "iOS Bundle ID" and saving the changes does not appear to have any effect.
When a user clicks on the login with Facebook button on our website, we call:
https://www.facebook.com/dialog/oauth?client_id=xxxxxxx&
redirect_uri=http://xxxxx.com/Account/FBLogin&scope=email,publish_stream
Inside of our FBLogin (string code) method we do two things. First we call:
"https://graph.facebook.com/oauth/access_token?client_id=xxxxxxxxx&
redirect_uri=http://xxxxxx.com/Account/FBLogin&client_secret=xxxxxxxxxxxxx&code=" + code;
Then, if the FaceBook login was successful, we login the user into our site.
What is the equivalent of this workflow in iOS? We basically want to authenticate the user on our servers as part of the Facebook authentication. So when the Facebook authentication returns successfully, our user is also logged into our system.
Many thanks!
If you're using the Facebook iOS SDK, the SSO (single sign on) workflow is more like the Javascript SDK's workflow because the user is presented with what's similar to the JS SDK's popup: either in the form of a UIWebView, Safari Browser, or Facebook app (depending on the user's setup).
One of the most compelling features of the iOS SDK is Single Sign-On
(SSO). SSO lets users sign into your app using their Facebook
identity. If they are already signed into the Facebook iOS app on
their device, they do not have to type a username and password.
Furthermore, you can get permission from users to access their
Facebook profile information and social graph.
SSO primarily works by redirecting users to the Facebook app on their
devices. Since users are already logged into Facebook, they will not
need to enter their username and password to identify themselves. They
will see the Auth Dialog with the permissions that your app has asked
for, and will be redirected to your mobile app with the appropriate
access_token.
Developers should be aware that Facebook SSO will behave slightly
differently depending on what is installed on a user's device. This is
what happens in certain iOS configurations:
If the app is running in a version of iOS that supports multitasking,
and if the device has the Facebook app of version 3.2.3 or greater
installed, the SDK attempts to open the Auth Dialog within the
Facebook app. After the user grants or declines, the Facebook app
redirects back to the calling app, passing the access token,
expiration, and any other parameters the Facebook OAuth server may
return.
If the app is running in a version of iOS that supports multitasking,
but the device doesn't have the Facebook app of version 3.2.3 or
greater installed, the SDK will open the Auth Dialog in the Safari
mobile browser. After the user grants or revokes the authorization,
Safari redirects back to the calling app. Similar to the Facebook app
based authorization, this allows multiple apps to share the same
Facebook user access_token through the Safari cookie.
If the app is running in a version of iOS that does not support
multitasking, the SDK uses the old mechanism of popping up an inline
UIWebView, prompting the user to log in to Facebook and grant access.
The FBSessionDelegate is a callback interface that your app should
implement: The delegate methods will be invoked when the app
successful logs in or logs out. Read the iOS SDK documentation for
more details on this delegate.
... when the user finishes either signing in or not signing in and returns to your app from the "popup", your app has to decide what to do based on whether or not the user logged in/authorized the app (and a valid access token received).
Please read this for more info:
https://developers.facebook.com/docs/mobile/ios/build/#implementsso
After downloading my app from app store (or via OTA) and trying to share via FBConnect SDK, the mobile app is launched but returns almost immediately to the app with error -999, without asking user for authorizations.
After that, clicking on FB share button reopens the mobile app and all goes well, authorizations are asked, my app is called back and display the FB dialog.
That issue only happens once : if I uninstall/reinstall the app and remove the FBapp authorizations from my FB account, all goes well.
I already specified the BundleID/iTunes App ID in the "Native iOS App" menu, and use the last FacebookConnect SDK.
Anyone experienced the same issue ?
I am following the guide exactly to integrate with Facebook. A weird issue that i run into is that, if I,
uninstall the facebook app in iphone
OR change the facebook.m implementaion to disable facebook app like
[self authorizeWithFBAppAuth:NO safariAuth:YES];
The authorize method works well in safari and get back the auth token in the url
However, if I am not doing the above 2, it will switch to facebook app, and after it says 'loading...' for a second, it gets back to me an url saying user denied. (fbxxxxxxxxxxxxx://authorize#error_reason=user%5Fdenied&error=access%5Fdenied&error_description=The%2Buser%2Bdenied%2Byour%2Brequest%2E%3F%5F)
Why it behaves so differently in the native app and browser? Is it a bug in FB iPhone app? I am using the same app and same user to test.
double check your iOS Bundle ID in facebook app setting, it has to be exact same as what you define in app.
I have an iPhone app using facebook connection using FBConnect from github code.
It worked fine in the simulator, however when I installed it in the device with existing facebook app from facebook it didn't work. It opens the existing facebook app instead of returning to my own app.
How to avoid this kind of conflict using FBConnect for facebook connection with existing facebook app?
FYI, facebook app screen says "You have already authorized MagLetters. Press "Okay" to continue." however when I click "Okay" it will bring me facebook app's default page not to my app.
I would check the following:
Are you running the latest Facebook App?
Did you setup the URL Schemes in your plist file?
Are you overriding the application:handleOpenURL: method?