24

Friends I want to integrate Facebook in my App, so that I am download new Facebook SDK v.4.1.0, for Facebook login button use the class of FBSDKLoginButton as below code in Swift.

if (FBSDKAccessToken.currentAccessToken() != nil)
{
    // User is already logged in, do work such as go to next view controller.

    // Or Show Logout Button
    let loginView : FBSDKLoginButton = FBSDKLoginButton()
    self.view.addSubview(loginView)
    loginView.center = self.view.center
    loginView.readPermissions = ["public_profile", "email", "user_friends"]
    loginView.delegate = self
    self.returnUserData()
}
else
{
    let loginView : FBSDKLoginButton = FBSDKLoginButton()
    self.loginButtonDidLogOut(loginView)
    self.view.addSubview(loginView)
    loginView.center = self.view.center
    loginView.readPermissions = ["public_profile", "email", "user_friends"]
    loginView.delegate = self
 }
}

As above code there is display "Log in with Facebook" button.

enter image description here

After Successfully login thare is display logout button. when I click on logout button then its delegate is called - delegate class FBSDKLoginButtonDelegate

Delegate method of logout : 

func loginButtonDidLogOut(loginButton: FBSDKLoginButton!) {
    println("User Logged Out")

    FBSDKAccessToken.setCurrentAccessToken(nil)
    FBSDKProfile.setCurrentProfile(nil)

    let manager = FBSDKLoginManager()
    manager.logOut()

}

in delegate I am clear token and also called function of logout inside class of FBSDKLoginManager. But each time get authorized screen of user. Not get Login screen so that another user can't login with facebook. each time I have to clear browser history.

without clear browser history, There is not display login page so that another user can't login.

Qusetion : Facebook BUG

Each time display screen after logout :

enter image description here

Kirit Modi
  • 23,155
  • 15
  • 89
  • 112
  • i am facing the same problem....also to get the age range? – LC 웃 May 07 '15 at 05:45
  • 1
    I missed the part that you want to be able for the other user to log in (you might want to emphasize that). This is not related to 4.1, it has been so at least in 3.x. One should log out also from Facebook app (the app itself, not your app). Check [here](http://stackoverflow.com/a/15613171/653513). – Rok Jarc May 07 '15 at 06:34
  • 1
    @rokjarc yeah thats true..but what if we want user to forcefully login with new credentials – LC 웃 May 07 '15 at 06:46

2 Answers2

35

I am also stuck in the same place. However surfing i came to following conclusion.

First lets know the meaning of SingleSignOn:

Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them.

i think theres some point.Why, we are not asked again to login although we have logged out? Its because on simulator the credential has been saved on safari(on the first time using facebook login, your app opens safari or facebook app if installed).

The information that allows you to see the 'you have already authorized...' message lies with Facebook.In order to revoke permissions from your app, you will need to touch the Graph API. FB docs, in the 'Delete' section of https://developers.facebook.com/docs/reference/api/user/

Revoking Login

You can also let people completely de-authorize an app, or revoke login, by making a call to this Graph API endpoint: DELETE /{user-id}/permissions

e.g in swift: 

 let deletepermission = FBSDKGraphRequest(graphPath: "me/permissions/", parameters: nil, HTTPMethod: "DELETE")
        deletepermission.startWithCompletionHandler({(connection,result,error)-> Void in            
            println("the delete permission is \(result)")

        })

But in order to logout from the app completely so that user will be prompted to re-enter credentials,see below:

You have to logout from facebook app , then only you are truly logged out and then only the app again asks for credentials.It's because you are not logged anywhere on the phone.So,SSO rule doesnot apply here. If you are logging out only from your app (not the fb one) you will get logged because of logged in from safari in your case.Thats why, you will get the same message showing you are already authorized for this app.

Try testing on simulator, while you insert the credentials for the first time then safari opens and the credentials you enter saves in safari. So,next time when you logout and login app it doesnot ask for credentials.Because safari provides it(or facebook app if you have entered your credential there)

Now you open safari and open facebook. You see facebook has already open and the info it takes from the safari automatically or if you have facebook app installed then from there. So logout from safari and reopen your app and logout from the app.Then your app will ask again credentials.

LC 웃
  • 18,888
  • 9
  • 57
  • 72
  • the same that you asked before. e.g self.fbLoginView.readPermissions = ["public_profile", "email", "user_friends","user_likes"] – LC 웃 May 07 '15 at 07:40
  • got An Error : Unknown path components: /108411252823523 – Kirit Modi May 07 '15 at 07:47
  • now i found out the answer to your question..see the updated answer – LC 웃 May 07 '15 at 08:52
  • 4
    Yes, + 1 vote but not ask login again, have to clear data of Safari broswer. – Kirit Modi May 07 '15 at 09:06
  • yeah..thats why facebook introduced updated SSO feature where user should not put each time the credentials instead take from the app it opened. If you want another login just logout from the previous one, from where you logged in – LC 웃 May 07 '15 at 09:08
  • i tried it and got **the delete permission is nil** – Ganesh Kumar Jan 08 '16 at 06:01
  • No idea about that – LC 웃 Jul 27 '16 at 09:16
  • 1
    So, is it not possible to logout a user and then ask for re enter the facebook credentials ? What if i want to login with a different user ? I've to log out from saffari and then open my own app ? – Santiago Carmona González Jul 28 '16 at 20:51
  • it's important to note that revoking permissions using the above graph call needs from you to submit this api call for Facebook review before submitting the app to App Store, the review process may take 2 weeks before approval from Facebook. – JAHelia Aug 22 '16 at 04:41
7

This answer helped me determine the root cause issue. The 2 keys are SSO and Safari. Facebook poorly documents the Facebook Login process. I had to turn off SSO. This is on the Facebook Developer site, where your app is registered, under Settings. But more importantly is I had to change the behavior of the FBLoginManager to use UIWebView and not Safari. I did this with the following snippet:

FBSDKLoginManager *loginMgr = [[FBSDKLoginManager alloc] init];
loginMgr.loginBehavior = FBSDKLoginBehaviorWeb;

If you use the default behaviors it will manage logouts through the Facebook App or the browser Safari, and not directly from the App. The FBSDKLoginBehaviorWeb is to use iOS UIWebView in a popup. This works perfectly, and credentials are required each time after a logout.

user589642
  • 396
  • 3
  • 5
  • 1
    I've been down this track and I eventually came to suggestions to use FBSDKLoginBehaviorWeb but there's a problem with it. See SO 48755910 for more details. Basically, FB Policy now forbids use of FBSDKLoginBehaviorWeb in iOS unless you App is a Kiosk App. I'm still looking for a legal and works easily work-around for how to log one FB user out and another one in on an iOS App. – Gallymon Feb 13 '18 at 01:11
  • Any updates on this? Is there a real way to logout the facebook user from SFSafari on app? – Mohamed Haseel May 30 '18 at 08:03