Facebook auth.extendssoaccesstoken error code 10 - ios

In our Facebook app developer insights, we're seeing consistent daily errors for method auth.extendssoaccesstoken with error code 10, 'Application does not have permission for this action'. We are on the latest SDK with a near exact implementation of the current iOS integration guide. Searching Google, SO and Facebook Developers for the error and/or anything to do with extend token provided no results. Is there something I should be enabling on the Facebook app?

After further investigation into the Facebook SDK source, I believe I have a solid lead.
Some, not all, of our users are getting the this error
The previous behavior of auth.extendSSOAccessToken was depended upon the app receiving the 'offline_access' permission from the user.
The facebook-ios-sdk does not touch the 'offline_access' permission anywhere in it's code.
The application "not having permissions" for extending the access token suggests that the method still depends on the application getting the 'offline_access' permission. The only change is this now happens silently.
The Conclusion:
The app is not being granted the 'offline_access' permission in one of the many different methods of authentication. The iOS SDK attempts authentication in the following manner:
iOS Integrated Facebook Dialog
iOS Facebook App "Fast App Switch"
Login through Safari
Facebook SDK UIView Login Dialog
4 seems outdated and unlikely, and we're getting ~17% error rates which narrows it down to 1 or 3, since 2 is definitely still widely used.
Will update after further analysis.
Update 1
Using Facebook's insights and our git history, I believe the issue occurs when the user authenticates using the iOS6 Integrated Facebook Dialog (method 1). Came to the conclusion because the error appeared on Facebook Developer Insights after the iOS6 release and we released a version of the app that used SDK 3.1
Will update after testing

Related

Facebook iOS SDK Login - "Unsupported request"

Issue
When we try to log in with developer or testers accounts on iOS, we get the error Unsupported Request. Our app was disabled because the tester could not login due to this error.
Scenario
It works on android
We noted that while the app was in review (activated) users successfully logged in using facebook in iOS devices. That makes us believe this is a problem only with developer and testers accounts
We also noted that when we try login with a tester account an openid item is added to the permissions granted. Before this permission is added we manage to login on web, after this token is added we get the same error on web (Unsupported request)
We already filed a bug report to Facebook and we're waiting for a response.
We're using the react-native-fbsdk-next module and this issue has some more info. We're now trying the approach suggested on this comment
Have anybody managed to solve this? It really looks like a Facebook Bug.
Edit (2021-11-24)
The approach mentioned here works partially: works when logging in through Safari but does not work when Safari is not logged in and the app is used.
We're still waiting for Facebook's response
Facebook SDK versions behavior summary
v7.0.1 (react-native-fbsdk: 2.0.0):
Works when using Safari
Does not work when using FB App
v9.0.1 (react-native-fbsdk-next: 4.2.0):
Does not work both through Safari and FB app
v12.1.0 (react-native-fbsdk-next: 6.1.1):
Does not work both through Safari and FB app
Edit (2021-11-25)
We removed Facebook integration for the iOS app because we could not keep going without Facebook login for Android users. The app was reactivated and, after that, we generated a new production build and it's working as it should
We're still waiting for Facebook's response

Using LinkedIn's iOS 9 SDK for authentication with a webview instead of LinkedIn's mobile app

My iOS app currently offers users the option to log in and sign up with their LinkedIn accounts. I am using this project for the LinkedIn log and OAuth: LinkedInOAuth
With the update to iOS 9, my app now occasionally crashes, when a user attempts to log in through LinkedIn using that project, with a runtime exception of WebThread(18): EXC_BAD_ACCESS(code=1, address=0x8)
To resolve this occasional crash, I turned to an updated version of the project I was using that conforms to ios 9 and linkedin's ios 9 SDK.
The issue is that while this new project has solved the WebThread crashing, it now requires users to download LinkedIn's app (if they don't have it) in order to log in to my app with LinkedIn.
The previous project never had such requirements and would present a webview that allowed anyone with a linkedin account to log in.
My question is am I wondering if it is possible to authenticate with LinkedIn in ios 9 without requiring the user to download the mobile app? My hopes are that it is possible to update the old project to conform to ios 9 while simply presenting a webvew. Thank you!
We only discussed this last week (at the time your question didn't have an answer, but happy to update you now—that is, if you haven't solved this in the meantime).
After scouring several sources I came across this:
Mobile vs server-side access tokens
Presently, there is no mechanism available to exchange them. If you
require tokens that can be used in both the mobile and server-side
environment, you will need to implement a traditional OAuth 2.0
solution within your iOS environment to acquire tokens that can be
leveraged in both situations.
from: https://developer.linkedin.com/docs/ios-sdk-auth
The premise being that via mobile solutions, they offer single sign-on thru their app. This works, but requires their app. Apple's approval process has swung both ways on this, and it appears that it is a flip of the coin as to whether they will allow this or not (the requirement of a third party app). #AroundThen didn't have any luck and his app was rejected due to the requirement, however, other users* have indicated Apple weren't adverse to it in their application processes.
Alternatively, their is the web logon process using OAuth2. This is pretty stock for their non-mobile solutions. Currently sharing the tokens between mobile and web solutions is not a default and if you want to share the same token their solution is that that is listed above.
In essence (and copied from my other answer here):
You can test for the presence of the linked-in app:
if it is not there: implement OAuth2 directly through your app
if it is there: use it or your OAuth2 implementation (which you'd probably err on the side of using their app for the link-ability between any features of the app you may need in yours).
Thereby avoiding the REQUIREMENT to have the app installed, but utilising it if it is.
This suggests that authentication away from the app is supported.
Reportedly, #AroundThen has had success with this process.
Good luck!
*1 I'm currently having trouble finding his post, but basically he provided login credentials that Apple attempted to use, but had locality issues and hence couldn't get in, but it was inferred they may have approved it if they had of.

Parse Facebook Login App Must Ask For Basic Read Permission

I am building a Parse driven iOS application and am having some strange issues with Facebook login. Upon initializing my facebook permissions, I am asking for #"email" and nothing else. The login works when the user does not have the facebook iOS application installed on their device - and authenticates through safari (or another web browser). When the user DOES have the facebook iOS application installed and tries to grant permission to my app, the following error is displayed:
I have read through multiple tutorials and related stack overflow issues, and have yet to figure this one out. I tested this out with both an older version of the facebook SDK and the brand new one (3.5). Neither of those solutions appears to work. Anyone have any ideas? Thank you kindly.
Try with both #"email" and #"basic_info". This is currently documented on the Android side, but not iOS, which is weird - https://developers.facebook.com/docs/howtos/androidsdk/3.0/native-login/

FBLoginButton not requesting permissions

Firstly, apologies for the vague question!
At short notice I've been handed an app which has started failing when posting Facebook status updates. It seems to be using a very old version of the Facebook SDK so none of the code examples I have found work.
The error message when trying to post implies that facebook.users.setStatus endpoint is deprecated.
Accordingly, I updated the code to call facebook.stream.publish which seems to be the currently supported.
This results in a permissions error (code 200).
I then changed the Facebook app record to request the publish_actions permission. This looks good on the Facebook preview page:
...but doesn't seem to be reflected onthe in-app Facebook logon screen:
http://s13.postimage.org/d5sf8j0zr/i_Phone_No_Permissions_Request_Redact.png
I have waited several hours now so I don't think the problem is Facebook propogating the
app settings. Can anyone tell me if I'm on the right track here?
Plan B would be rewrite Facebook access using latest Facebook SDK, but this will require an upgrade for XCode and Mac OS, which I'm keen to avoid.
The publish_actions permission is used when dealing with Open Graph actions. From what I've read you'll need the extended publish_stream permission.

The app must ask for a basic read permission at install time. Only on native?

I've been using the Facebook iOS SDK for some app I've been working on -
My app only requires publishing of a photo, and I have no use of any read permissions or basic info.
When logging in using a browser (Simulator) or Fast-App switching (Device) it works fine with just openActiveSessionWithPublishPermissions:#[#"publish_stream"]...
But if I would try the same with an iOS6 device with the Native login, it would show the error describe in the title. Even though I have no need for any read access. This problem only occurs in the native login, and not in the Browser-based or Fast-App switching based logins for some reason.
Any ideas?
I reckon it has something to do with this:
Asking for Read & Write Permissions Separately
You are now required to request read and publish permission separately (and in that order). Most likely, you will request the read permissions for personalization when the app starts and the user first logs in. Later, if appropriate, your app can request publish permissions when it intends to post data to Facebook.
You cannot request read and publish permissions simultaneously using iOS6's Facebook support, and if you attempt to, the SDK will take the user through a less-optimal app-switching or web-based authentication flow.
It seems that they added this in SDK 3.1.

Resources