Came into the office today to do some more work on my nearly completed Facebook Connect website application.
And i have discovered for some reason, the "onlogin" event of the fb:login button FBML control is no longer getting fired!!?!
To anyone else that has a Facebook Connect FBML app (and using the JavaScript API for authentication), i would advise you test your application to make sure it's still working.
A friend of mine's app (which is live) has also stopped working as of today.
What's happening is you click on the "Connect to Facebook" button, it shows the FB login dialog, you log in.
Yes, they are being logged in to Facebook correctly (thankfully), but the "onlogin" callback event is not getting fired anymore, so the page just sits there (where before the "onlogin" event would redirect to the homepage, for example).
Of course if you refresh, you are logged into Facebook.
Seriously, WTF - what have those developers at Facebook done now?!?!.
Any ideas? Has anyone read any updates/threads on this issue?
UPDATE:
8 hours and still no fix in place. I've tried to do some workarounds (there is also an onclick event of the FBML Login Button), but it's all too early in the authentication cycle.
We need to be able to hook into a post-login callback to do things like redirects, permission popups, authentication logic, etc.
Nothing we can do without Facebook fixing this.
I just hope when i come in the office tomorrow this will be 'magically' fixed, much like this issue 'magically' appeared.
Well judging by the comments here i'm not alone. It's obvious at this point that Facebook have made a change somewhere, without telling us.
I just hope they rectify this issue ASAP as there is no workaround i can see for this.
UPDATE 2
Yep - (drum roll), its yet ANOTHER bug from that team of world-class developers at Facebook: (thanks Anon for finding link) http://bugs.developers.facebook.com/show_bug.cgi?id=11733
I love it how the comment from the FB guy Marc says "Only seems to be happening on old Facebook Javascript SDK", well, enable us to do server-side authentication with your Graph API (instead of just for retrieving user details/posting), and we wont have to use the old JavaScript API!
Fun and games.
FINAL UPDATE
Facebook have (seemingly) fixed this.
Let's hope it stays fixed.
Given the 'correct' answer to Anon (as he found the link).
Please confirm and vote on this bug... this should be fixed asap!!
http://bugs.developers.facebook.com/show_bug.cgi?id=11733
if in FB.getLoginStatus you are passing second parameter as true, pls make it to false.
I resolved callback issue using this trick.
Thx
This is a bug and they are about to fix it
Related
I am trying to build a Facebook/Twitter application that allows the user to take a picture at a trade show for example. Then enter their facebook or twitter credentials and a comment and have it post to there site. I have messed around with the facebook side of things and can get it to work but logging the user out doesn't work as I thought.
The cookies are stored in Safari, this is fine but of course my app cannot get them.
Each time the user is done posting it needs to correctly log them off so the next user doesn't just relog back in as the prior user because of the cookies in safari. This almost needs to be a Kiosk like app.
I have been looking at this topic for about a week and all the old examples are relevant to the old FacebookSDK. I have looked at the examples provided by Facebook to no avail. Any help or pointers would be GREATLY appreciated. I
UPDATE:
I was looking into something like UIWebView to display facebook and then the cookies would be available to be deleted... Has anyone done this recently? I found some old examples but they do not work.
Update: I might have this working I am stuck on something else now but will post the answer to this question as soon as I finish! Should be next day or so.
I am working on implementing sharing an image via Twitter in my application and I have come across this page.
When I run my app in my simulator I can no longer log into Twitter. I get a page stating that "This page is no longer valid. It looks like someone already used the token information you provided."
I have gone to Twitter and to the Applications page and removed this application to try again. I still get this warning page though.
When I try to run the app on my device it crashes when I tap the Twitter Button.
Has anyone found a solution to this?
Or if someone could point me to a solid Twitter/TwitPic reference tutorial that actually works that would be great as well.
Check these sample twitter apps source codes, will lead you for smooth implementation,
https://github.com/bengottlieb/Twitter-OAuth-iPhone
https://github.com/luciuskwok/HelTweetica
https://github.com/takuma104/ntlniph
http://code.google.com/p/tweetero/
http://jaanus.com/post/1451098350/an-example-iphone-twitter-app
I got this problem.
Woah there!
This page is no longer valid. It looks like someone already used the
token information you provided. Please return to the site that sent
you to this page and try again. It was probably an honest mistake.
Turns out the fix for this was simple although it took some hunting down!
The date/time on the server running the app had somehow become a day behind.
Twitter checks the time sync when using the API, and if the client doesn’t have the correct time, it’ll report the above error.
Maybe you've got some loop or a method that is being called twice?
I have Twitter integrated into my application, with the help of Sharekit. Everything works pretty well except, if the user happens to tap on the "Sign Up" link on the Login/allow page, it goes to a non-sign up error page. Either a "Sorry that page doesn't exist" or "Hold up! Sorry the profile you were trying to view was suspended due to strange activity."
The account I'm using is working as far as logging in, posting etc. But that link seems to go off into space. Also if I click on the "Twitter Gear"/Application Icon the dialog (web view with the Twitter OAuth Authorize page loaded) just closes.
I can't find anything about how to configure stuff like this and everything else seemed to work pretty easily. The closest reference I could find was,this link Twitter API Issue 1045
Thanks in Advance for any help
Update:
I've been checking a few other apps with Twitter support. Most of the ones I've checked (TUAW,Joystiq,TFLN) seem to have rolled their own Twitter Login Page (using XAuth I assume) the one I found that uses the Twitter OAuth page (Shazam) actually takes you to mobile Safari and it exhibits the same behavior. Maybe I need to roll my own login?
I suggest you go into the ShareKit class files, go to the two .m files that have "twitter authorization" (im not sure which of the two it is, a simple search on xcode should find it) and change the invalid url that it is being sent to to this URL: https://mobile.twitter.com/signup
That should fix your problem!
I suggest using a packet sniffer on your device to determine the exact URL being called when you click the "Sign Up" link. There are plenty of ways to do this, but it is easier on jailbroken phones. Armed with the URL, you can see if it is potentially something you are doing wrong or indeed a twitter bug.
Try Jan Rain it makes it easy to integrate this functionality without errors.
http://www.janrain.com/products/engage/mobile
Here is a ShareKit folk I am using: https://github.com/baotuo/ShareKit
It looks do not have your issues and have much more improvement. You should give it a try.
When you implement twitter integration, you should not use the library which you used in older projects but download new twitter library. I had some problems with twitter oauth when I used older library. But after download and use new library, the issue was fixed.
I'm using the official FBConnect library for iOS and trying to get it working in my iPad app. Here's what's strange: when my friend logs in using the call to authorize:permissions:delegate, everything works fine: the dialog asks for his authorization to connect to Facebook, the fbDidLogin delegate method gets called, all is well.
However, when I try to login, the dialog never changes. The keyboard is dismissed, the password field is cleared and it just sits there. The issue is the same in both the simulator and on the device.
Here are the things I've checked and triple checked:
My login name and password are correct. If I do put in the wrong password, an "invalid username/password" message appears, and that isn't happening.
The application is not in sandbox mode.
The Application ID is correct (my friend can login without problems).
Some additional information:
Original application was created by my friend.
I created a second FB app and put in the new Application ID
My friend can login with the new Application ID
I can log in to neither.
This appears to suggest that there is something different about my friend's account, rather than the app itself.
We've been banging our heads together on this for a couple of days now. What could be causing this behaviour? Why isn't an error being generated?
Edit: It seems there are a lot of people affected by this, so in the interest of trying to find an answer, I've added a bounty.
There appears to be a server-side problem with Facebook logins as noted here:
http://github.com/facebook/facebook-ios-sdk/issues#issue/95
People have said that if they change their password on Facebook they are subsequently able to log in using the Facebook-iOS-SDK downloaded from github. Obviously that is a poor long-term solution and would be unacceptable in an app released through the App Store. On the bright side, there seem to be reports of similar login problems logging in from apps on other platforms as well.
Update: Facebook has a bug filed on this subject that can be viewed here:
http://bugs.developers.facebook.net/show_bug.cgi?id=13199
Well on Facebook they seem to have a block which prevents you from loading an iframe of their website.
When you do, they lock complete functionality of their website example.
I'm just wondering if anyone knows how you could bypass this?
If they did not prevent this, an attacker could load Facebook pages into an transparent iframe and put something interesting below it. Lets asume a victim has logged in to facebook and then visits the website of the attacker (after some time, in another tab).
The victim will click on something on the attacker's website. But in fact it is clicking onto the transparent iframe and triggering some action on the facebook website. The browser will of course sent the session cookie to Facebook and Facebook sees a legitimate action by an logged in user.
Wikipedia has an article on Clickjacking: http://en.wikipedia.org/wiki/Clickjacking
This attack can be prevented using the unofficial X-Frame-Option http header as described on
http://www.webmasterworld.com/webmaster/4022867.htm Unfortunately not all browsers support it, so a frame breaking java script is required, too.
If you can do that, facebook faces a serious security threat.
I say forget it, even if a method is found, facebook would soon block it, and the method will fail then.
Unless, you are doing something naughty and you only need something that works now.