Sharekit for Facebook (Graph API version) logout method not fully logging out or deauthorizing user_问答_开发者

I am using Sharekit for Facebook sharing with the Facebook Graph API. I have tried to find the latest, most up to date code (troppoli on github seems pretty up-to-date).

Using sharekit to log out of Twitter works fine with the line: [SHK logoutOfService:@"SHKTwitter"]; but the same line for Facebook, [SHK logoutOfService:@"SHKFacebook"], yields different results.

When I go to log back in, the login screen does not show. Instead, a screen with the text: "You have already authorized ... Press okay to continue." Then at the bottom of the screen, "Logged in as ..." and "Log out" . But the user is supposedly already logged o开发者_如何学运维ut.

Even worse, if I press the "Okay" button to continue on, I get the error: "The operation couldn't be completed. (NSURLErrorDomain error -999.)

I think I may need to tweak ShareKit to make this work but I hate to do that. Has anyone else come across this?

You need to make sure you set up the URL scheme in your info.plist properly. In your info.plist, make sure you have your CFBundleURLTypes set up for Facebook:

<key>CFBundleURLTypes</key>
<array>
    <dict>
        <key>CFBundleURLName</key>
        <string></string>
        <key>CFBundleURLSchemes</key>
        <array>
            <string>fb{app_id}</string>
        </array>
    </dict>
</array>

Replace {app_id} with your facebook app id.

You also need to add a handler in your app delegate to respond to the callback after the user has authenticated through Mobile Safari:

-(BOOL)application:(UIApplication *)application handleOpenURL:(NSURL *)url{
    return [SHKFacebook handleOpenURL:url];
}

-(BOOL)application:(UIApplication *)application openURL:(NSURL *)url sourceApplication:(NSString *)sourceApplication 
         annotation:(id)annotation{
    return [SHKFacebook handleOpenURL:url];
}

These changes fixed this issue for me.

I'm pretty sure this has something to do with the new Facebook Single-Sign-On (SSO). If the user has Facebook version 3.2.3 or greater installed, or if Safari is on the device (or simulator), authorization now takes place OUTSIDE of the app. Will post more as I find it.

EDIT: Apart from the NSURL error, it seems that this is the expected behavior with the new Facebook SSO. Users are supposed to remain in a pseudo-logged in/logged out state after 'logging out' of your app, in case they are logged into another app, etc. - it's all connected now. To really log out of facebook (to say, log in as someone else, etc.) it seems that the user needs to click the logout link on the authorization webview that shows when they are "logged out" of facebook in your app. I could be wrong but I'm pretty sure about this.

Apart from the above, I did find a way to get rid of the NSURL error and this makes things a lot better, and much more palatable. See How Do I Fix NSURLErrorDomain Error -999 in iPhone.

For more on the new Facebook SSO:

Excerpt from Facebook iOS Tutorial (see especially last paragraph):

Step 3: Implementing Single Sign-On (SSO)

One of the most compelling features of the iOS SDK is Single-Sign-On (SSO). SSO lets users sign into your app using their Facebook identity. If they are already signed into the Facebook iOS app on their device they do not have to even type a username and password. Further, because they are signing to your app with their Facebook identity, you can get permission from the user to access to their profile information and social graph.

SSO primarily works by redirecting the user to the Facebook app on her device. Since the user is already logged into Facebook, they will not need to enter their username and password to identify themselves. They will see the auth dialog with the permissions that your app has asked for and if they allow then they will be redirected to your app with the appropriate access_token.

Developers should be aware that Facebook SSO will behave slightly different depending on what is installed on the user's device. This is what happens in certain configurations:

If the app is running in a version of iOS that supports multitasking, and if the device has the Facebook app of version 3.2.3 or greater installed, the SDK attempts to open the authorization dialog within the Facebook app. After the user grants or declines the authorization, the Facebook app redirects back to the calling app, passing the authorization token, expiration, and any other parameters the Facebook OAuth server may return.

If the device is running in a version of iOS that supports multitasking, but it doesn't have the Facebook app of version 3.2.3 or greater installed, the SDK will open the authorization dialog in Safari. After the user grants or revokes the authorization, Safari redirects back to the calling app. Similar to the Facebook app based authorization, this allows multiple apps to share the same Facebook user access_token through the Safari cookie.

If the app is running a version of iOS that does not support multitasking, the SDK uses the old mechanism of popping up an inline UIWebView, prompting the user to log in and grant access. The FBSessionDelegate is a callback interface that your app should implement: The delegate's methods will be invoked when the app successful logs in or logs out. Read the iOS SDK documentation for more details on this delegate.

...

When the user wants to stop using Facebook integration with your app, you can call the logout method to clear the app state and make a server request to invalidate the current access_token.

[facebook logout:self]; You may implement the fbDidLogout method of the FBSessionDelegate protocol to handle any post-logout actions you wish to take.

Note that logging out will not revoke your application's permissions, but will simply clear your application's access_token. If a user that has previously logged out of your app returns, they will simply see a notification that they are logging into your app, not a notification to grant permissions. To modify or revoke an application's permissions, the user can visit the "Applications, Games, and Websites" tab of their Facebook privacy settings dashboard. You can also revoke an app's permissions programmatically using a Graph API call.