I've set up facebook authentication on Expo 35 as described here:
https://docs.expo.io/versions/v35.0.0/sdk/facebook/
I can authenticate in both expo and standalone ios apps.
The problem is that instead of opening the facebook app,
it shows a browser window as an overlay: screenshot, screenshot
I'm not logged in to facebook in the browser. The browser prompts to open facebook app. Screenshot
Facebook app prompts to authorize access, as expected. Screenshot
But when I authorize access using the facebook app, I return back to the browser overlay, where I'm still not authenticated. Screenshot
I can manually enter my facebook creds in the browser overlay and then I'll get authenticated correctly, but this is hardly called a user-friendly experience.
How do I make my app open Facebook app directly or, at least, how do I make the facebook app authorize the browser overlay?
According to this [1] post the Facebook app login feature is now deprecated due to Apple restriction policy. Only web one will stay.
On iOS FB SDK change log [2] many login related APIs are deprecated by version 5.0.0 of the SDK and version 5.5.0 has note:
Replaced UIWebView with WKWebView as Apple will stop accepting submissions of apps that use UIWebView APIs
which implies the cause to be an Apple policy.
Source:
[1] https://forums.expo.io/t/sdk35-ios-facebook-login-doesnt-open-app/28567/3
[2] https://github.com/facebook/facebook-ios-sdk/blob/master/CHANGELOG.md
Related
Issue
When we try to log in with developer or testers accounts on iOS, we get the error Unsupported Request. Our app was disabled because the tester could not login due to this error.
Scenario
It works on android
We noted that while the app was in review (activated) users successfully logged in using facebook in iOS devices. That makes us believe this is a problem only with developer and testers accounts
We also noted that when we try login with a tester account an openid item is added to the permissions granted. Before this permission is added we manage to login on web, after this token is added we get the same error on web (Unsupported request)
We already filed a bug report to Facebook and we're waiting for a response.
We're using the react-native-fbsdk-next module and this issue has some more info. We're now trying the approach suggested on this comment
Have anybody managed to solve this? It really looks like a Facebook Bug.
Edit (2021-11-24)
The approach mentioned here works partially: works when logging in through Safari but does not work when Safari is not logged in and the app is used.
We're still waiting for Facebook's response
Facebook SDK versions behavior summary
v7.0.1 (react-native-fbsdk: 2.0.0):
Works when using Safari
Does not work when using FB App
v9.0.1 (react-native-fbsdk-next: 4.2.0):
Does not work both through Safari and FB app
v12.1.0 (react-native-fbsdk-next: 6.1.1):
Does not work both through Safari and FB app
Edit (2021-11-25)
We removed Facebook integration for the iOS app because we could not keep going without Facebook login for Android users. The app was reactivated and, after that, we generated a new production build and it's working as it should
We're still waiting for Facebook's response
I'm an Android programmer and I hired someone to write an iOS version of a Facebook app I wrote. A dispute came up regarding the login process on both platforms. In the Android app, when I log in to the app the first time, I see a screen from Facebook prompting me to continue, but after the first time, I don't see the screen; I just go directly to the app. He claims that under iOS, we can never bypass the Continue screen: it always displays. In his words,
"Tip: In order to clear the login token totally you need to logout from Facebook in safari browser as well since we can't clear that token of safari browser programmatically. it is not permitted on iOS."
Is this true?
EDIT: Here's what my developer replied:
"I didn't explicitly set the login behavior. it should be selected as default value."
and
"The Facebook SDK automatically selects the optimal login dialog flow based on the account settings and capabilities of a person's device. This is the default sequence that the Facebook SDK implements:
Facebook App Native Login Dialog
Facebook App Web Login Dialog
Mobile Safari Login Dialog
If the Facebook account is not set up, the Facebook SDK checks to see if the Facebook app is installed on the device. If the Facebook app is installed, the Facebook app native login dialog is presented if it's supported. If the Facebook app native login dialog can't be displayed because there's an old version of the app, the Facebook app web login dialog is presented. If the Facebook app isn't installed, mobile Safari is launched to display the Mobile Safari login dialog." I'm not clear on how all this is relevant to the issue, though.
I want to know what the expected behaviour of Facebook login integrated in an iPhone app is, when a user is already logged into Facebook on the device through Facebook app, and the app is granted the required permissions in the previous login. I want to know if the app exits and starts again, should it still switch to Facebook app/website to check the permissions or should it silently log the user in without getting out of the app? Currently, my app switches to Facebook, detects that the user has already granted access, asks for an Ok or Cancel and comes back to the app. I wan to know if this behaviour is expected, because it seems it's doing nothing but unnecessary switching. I have asked this question in another form and I have included my code. Here's the link: http://bit.ly/1E1u2VI
Thank you!
It silently log the user in without getting out of the app. For that you can check the current user's permissions.
This might help you:
Controlling Login dialogs
The Facebook SDK automatically selects the optimal login dialog flow based on the account settings and capabilities of a person's device. This is the default sequence that the Facebook SDK implements:
Facebook App Native Login Dialog
Facebook App Web Login Dialog
Mobile Safari Login Dialog
If the Facebook account is not set up, the Facebook SDK checks to see if the Facebook app is installed on the device. If the Facebook app is installed, the Facebook app native login dialog is presented if it's supported. If the Facebook app native login dialog can't be displayed because there's an old version of the app, the Facebook app web login dialog is presented. If the Facebook app isn't installed, mobile Safari is launched to display the Mobile Safari login dialog.
Here are the screenshots of code
I have checked the login process using safari browser it's work for me. [FBSDKAccessToken currentAccessToken] is working fine. I am attaching some screenshots might help you.
Right now I'm using a Facebook SDK to share posts from my application. The problem is that this sdk pops up a webview inside my app and asks the user to log in. There has to be a better way.
Can I send the share information to the facebook app on the users device (If they have it installed)? Or at least leverage the facebook app to check credentials? If people have to sign in to share, they probably won't do it..
The latest Facebook SDK 3.5 includes a native share dialog. If you follow the authentication workflow according do the documentation and the phone is on iOS 6.0 you should not get a UIWebView during authentication, instead you will get a UIAlertView.
Facebook login process would use WebView only in a few cases. Some of them are:
1) You are asking it to do so explicitly, by using - (void)openWithBehavior:(FBSessionLoginBehavior)behavior completionHandler:(FBSessionStateHandler)handler; which, I think, is not your case.
2) If there is no Facebook app installed on the device, FB SDK falls back to using WebView login window.
3) Probably, this is your case. If you are requesting publish permissions on the first attempt to open FB session, FB SDK will also fall back to old login flow envolving WebView. In the new login flow, FB session is supposed to be open with read permissions first (in that case, FB will use fast app switching or native iOS FB login):
+ (BOOL)openActiveSessionWithReadPermissions:(NSArray*)readPermissions allowLoginUI:(BOOL)allowLoginUI completionHandler:(FBSessionStateHandler)handler;
Then, you should ask additional publish permissions from the user:
- (void)requestNewPublishPermissions:(NSArray*)writePermissions defaultAudience:(FBSessionDefaultAudience)defaultAudience completionHandler:(FBSessionRequestPermissionResultHandler)handler;
That way, user will not need to log in (if he is logged in FB app already), but there will be inconvenience of double switching from your app to FB (though it works rather fast lately).
I was looking for a cleaner way to get publish permissions with FB Single Sign On on the first call, but unfortunately didn't find anything working yet.
This is the link for Facebook's iOS tutorial.
https://developers.facebook.com/docs/mobile/ios/build/
Can any one please explain what does this mean :
"If the device is running in a version of iOS that supports multitasking, but it doesn't have the Facebook app of version 3.2.3 or greater installed, the SDK will open the authorization dialog in Safari. After the user grants or revokes the authorization, Safari redirects back to the calling app. Similar to the Facebook app based authorization, this allows multiple apps to share the same Facebook user access_token through the Safari cookie."
Most of the posts say,like this one:
https://stackoverflow.com/questions/531712/reading-cookies-using-xcode-on-the-iphone
because of the sandbox environment of iOS one cannot access safari cookies, then how is this possible ?
and if its possible, How can multiple apps use the same access token. According to me different apps might have different permissions.
Your app does not read the cookie in that case. I think it just opens up a URL in Safari. Then some Facebook code which is run in Safari checks whether a valid Facebook session exists and then calls a callback function in your app. Of course all the access tokens and with them the different permissions for all the different apps on the device are saved separately in the facebook session so that the apps do not share the permissions. Only the user is saved in the session (most likely there is only one user who uses the mobile device), so that he doesn't have to login over and over again. He instead just clicks on 'login' or 'no, I'm not So and So'.