I have a activity called StarterActivity which is the launcher activity of my android application. I have provided a logout menu option on press of which I am revoking all apps permissions. I verified all permissions are getting revoked and my app is no longer listed in https://www.facebook.com/settings?tab=applications
However the access token does not get cleared.
switch(item.getItemId())
{
case R.id.action_logout:
GraphRequest delPermRequest = new GraphRequest(AccessToken.getCurrentAccessToken(), "/{user-id}/permissions/", null, HttpMethod.DELETE, new GraphRequest.Callback() {
#Override
public void onCompleted(GraphResponse graphResponse) {
if(graphResponse!=null){
FacebookRequestError error =graphResponse.getError();
if(error!=null){
Log.e(TAG, error.toString());
}else {
finish();
}
}
}
});
Log.d(TAG,"Executing revoke permissions with graph path" + delPermRequest.getGraphPath());
delPermRequest.executeAsync();
break;
}
I want to relaunch my StarterActivity Intent again on logout.
I added
startActivity(new Intent(getApplicationContext(),StarterActivity.class));
after clearing permissions. But neither AccessToken.getCurrentAccessToken() or Profile.getCurrentProfile() is null. Perhaps getting cashed?
I also tried
AccessTokenTracker accessTokenTracker = new AccessTokenTracker() {
#Override
protected void onCurrentAccessTokenChanged(
AccessToken oldAccessToken,
AccessToken currentAccessToken) {
Log.d(TAG,"Access token changed");
if (currentAccessToken == null){
//User logged out
startActivity(new Intent(getApplicationContext(),StarterActivity.class));
}
}
};
But none of them seem to work. Access token is not cleared. How can I invalidate this data if cashed? I was hoping for it to get cleared on revoking permissions? Or is there a neater way to logout?
I am using SDK 4.x. More details on perm - https://developers.facebook.com/docs/graph-api/reference/user/permissions
What finally worked was
LoginManager.getInstance().logOut();
What it internally does is setting each access token and profile to null
public void logOut() {
AccessToken.setCurrentAccessToken((AccessToken)null);
Profile.setCurrentProfile((Profile)null);
}
Just revoking permission will not do. You can either manually set token and profile as null or use above API.
Related
I am implementing a Facebook login with Facebook SDK on Android.
compile 'com.facebook.android:facebook-android-sdk:4.+'
I'm logging in with the user as
callbackManager = CallbackManager.Factory.create();
loginButton.registerCallback(callbackManager, new FacebookCallback<LoginResult>() {
..
}
And for log out, I use my own log out button and log out the user programmatically:
LoginManager.getInstance().logOut();
My question is:
After log out, when I click on Continue with Facebook, the previous user information pops up to Continue as XY. I don't want this. I want to ask for email and password again, every time, if somebody wants to log in after log out. How can I do this?
Actually i found the solution. I changed the login behavior for the FB login button, for this i used:
loginButton.setLoginBehavior(LoginBehavior.WEB_ONLY);
So every time it pops up the WEB view for login button.
I want to ask for email, password again every time if somebody wants
to log in after log out.
try this in your onCreate()
FacebookSdk.sdkInitialize(getApplicationContext());
callbackManager = CallbackManager.Factory.create();
updateWithToken(AccessToken.getCurrentAccessToken()); //add this method
Now in updateWithToken() method logout the user from previous session
private void updateWithToken(AccessToken currentAccessToken) {
if (currentAccessToken != null) {
LoginManager.getInstance().logOut();
} else {
}
}
EDIT
if you want to completely disconnect user from facebook login use:
public void disconnectFromFacebook() {
if (AccessToken.getCurrentAccessToken() == null) {
return; // already logged out
}
new GraphRequest(AccessToken.getCurrentAccessToken(), "/me/permissions/", null, HttpMethod.DELETE, new GraphRequest
.Callback() {
#Override
public void onCompleted(GraphResponse graphResponse) {
LoginManager.getInstance().logOut();
}
}).executeAsync();
}
To really disconnect from facebook with the android SDk and avoid auto login after you must use
val accessToken = AccessToken.getCurrentAccessToken()
val request = GraphRequest.newDeleteObjectRequest(accessToken, "me/permissions", { response ->
LoginManager.getInstance().logOut() //not really needed i think
})
request.executeAsync()
In response you have a responseCode == 200 if OK
I have an Android application that uses Facebook sdk to log in. To do so, I use the LoginButton widget. The log in process works very well but I got a small problem : when I close the application or reinstall it, it automatically logs in into Facebook (the text on button switches to "Log out"). I don't want to have such behavior : I need that the user clicks on the button to log in every time the application starts. I checked on the internet and it seems this feature is called "single sign on" but I'm not sure about that. I have found several ways to do so but none of them works. I used Facebook SDK 4. This is the part of the code that instantiates the Activity.
FacebookSdk.sdkInitialize(getApplicationContext());
callbackManager = CallbackManager.Factory.create();
this.setContentView(R.layout.login_layout);
getSupportActionBar().hide();
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN).build();
mGoogleApiClient = new GoogleApiClient.Builder(this).enableAutoManage(this, this).addApi(Auth.GOOGLE_SIGN_IN_API, gso).build();
/*accessTokenTracker = new AccessTokenTracker() {
#Override
protected void onCurrentAccessTokenChanged(AccessToken oldAccessToken, AccessToken newAccessToken) {
updateWithToken(newAccessToken);
}
};*/
LoginManager.getInstance().logInWithReadPermissions(LogInActivity.this, Arrays.asList("public_profile", "user_birthday", "email"));
LoginManager.getInstance().setLoginBehavior(LoginBehavior.SUPPRESS_SSO);
fb_login = ((LoginButton) findViewById(R.id.fb_login));
fb_login.setLoginBehavior(LoginBehavior.SUPPRESS_SSO);
fb_login.registerCallback(callbackManager, new FacebookCallback<LoginResult>() {
#Override
public void onSuccess(LoginResult loginResult) {
Log.i("Facebook connect", "Connection success");
}
#Override
public void onCancel() {
Log.i("Facebook", "Super c'et cancel");
((TextView) findViewById(R.id.account)).setText("Annulé");
}
#Override
public void onError(FacebookException error) {
Log.i("Facebook", "Super y a une erreur");
((TextView) findViewById(R.id.account)).setText("Erreur");
}
});
Does someone have an idea how to disable to automatic connection ?
For Facebook SDK 4 and onwards, you could programmatically logout using:
LoginManager.getInstance().logOut();
Now, the problem is where do you place this code. If you're fine with Facebook logout when the app is sent to the background, you can use onPause() or onStop() methods.
The big part comes. You can't determine if the app is killed. Because it's simply killed and you don't get any callbacks to catch that event.
So, if you anyway want to implement this every-time-login thing, you have to do this when the app starts.
Initialize the Facebook SDK:
Check if the user is logged in.
If yes in step 2, run manual logout.
FacebookSdk.sdkInitialize(getApplicationContext());
if(AccessToken.getCurrentAccessToken() != null) {
LoginManager.getInstance().logOut();
}
step 1: like was written before you should make
LoginManager.getInstance().logOut();
step 2: To remove autologin just avoid behavior of Facebook app. You could do it via LoginBehavior.
LoginManager.getInstance().setLoginBehavior(LoginBehavior.WEB_ONLY);
Remove this line from your code
LoginManager.getInstance().logInWithReadPermissions(LogInActivity.this, Arrays.asList("public_profile", "user_birthday", "email"));
I post here because I've got a problem.
I'm working on a new android application , and I want to know how I can detect when a user is disconnecting (facebook logout button), because I want to refresh my UI at this moment.
I have been watched the official documentation, but I found nothing.
You can set a listener on the onCreate() method on your activity
AccessTokenTracker accessTokenTracker = new AccessTokenTracker() {
#Override
protected void onCurrentAccessTokenChanged(
AccessToken oldAccessToken,
AccessToken currentAccessToken) {
if (currentAccessToken == null){
//User logged out
}
}
};
You need to import com.facebook.AccessToken and com.facebook.AccessTokenTracker
When you create the instance of AccessTokenTracker it implicitly starts tracking. For stopping tracking you should call AccessTokenTracker.stopTracking() e.g. in onDestroy() to not receive anymore events when not needed/wanted and especially to not leak memory!
You can get any time if the user is logged in/out by calling
AccessToken at = AccessToken.getCurrentAccessToken();
If the user is not logged in, you get a null value.
For further reference please check the documentation at https://developers.facebook.com/docs/reference/android/current/class/AccessTokenTracker/
You can try this also
if(AccessToken.getCurrentAccessToken()!=null)
{
Log.v("User is login","YES");
}
else
{
Log.v("User is not login","OK");
LoginManager.getInstance().logInWithReadPermissions(WelcomeActivity1.this, (Arrays.asList("public_profile", "user_friends","user_birthday","user_about_me","email")));
}
Recently, Facebook released SDK 4 with new and cool updates. I tried to switch into SDK4 to use new features, however, I am struggling with the Login feature of Facebook.
So far, to log out Facebook programmatically, I used :
Session session = Session.getActiveSession();
session.closeAndClearTokenInformation();
But SDK4 seems not to support Session anymore, and in official docs, they mention:
There are two ways to implement Facebook login on Android:
LoginButton class - Which provides a button you can add to your UI. It follows the current access token and can log people in and out.
Well, seems there's no way to log out Facebook programmatically except using LoginButton.
Anyone have any idea, please share it here.
You can use LoginManager.getInstance().logOut();, even if you use LoginButton because
This UI element wraps functionality available in the LoginManager.
EDIT:
Just to mention that this works for Facebook SDK v4. I don't know if they will change it in the future.
#as batoutofhell mention, don't forget to put FacebookSdk.sdkInitialize(getApplicationContext()); to initialize the facebook sdk. Please see here for the details.
SDK4, if you want to completely de-couple, make sure you also remove the app from the user's facebook account. This method disconnects the user completely:
public void disconnectFromFacebook() {
if (AccessToken.getCurrentAccessToken() == null) {
return; // already logged out
}
new GraphRequest(AccessToken.getCurrentAccessToken(), "/me/permissions/", null, HttpMethod.DELETE, new GraphRequest
.Callback() {
#Override
public void onCompleted(GraphResponse graphResponse) {
LoginManager.getInstance().logOut();
}
}).executeAsync();
}
You can use LoginManager.logOut()
Check out https://developers.facebook.com/docs/reference/android/current/class/LoginManager/
To handle it with the loginButton:
//Check if user is currently logged in
if (AccessToken.getCurrentAccessToken() != null && com.facebook.Profile.getCurrentProfile() != null){
//Logged in so show the login button
fbLogin.setVisibility(View.VISIBLE);
fbLogin.setOnClickListener(new View.OnClickListener() {
#Override
public void onClick(View view) {
//log out
LoginManager.getInstance().logOut();
gotoLogin();
}
});
}
You can logout by using LoginManager but you have to use graph request also. I am talking about log out completely so, that next time you can login with different account.
new GraphRequest(AccessToken.getCurrentAccessToken(), "/me/permissions/", null, HttpMethod.DELETE, new GraphRequest
.Callback() {
#Override
public void onCompleted(GraphResponse graphResponse) {
SharedPreferences pref = DashBoard.this.getPreferences(Context.MODE_PRIVATE);
SharedPreferences.Editor editor = pref.edit();
editor.clear();
editor.commit();
LoginManager.getInstance().logOut();
Intent logoutint = new Intent(DashBoard.this,MainActivity.class);
logoutint.setFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP);
startActivity(logoutint);
}
}).executeAsync();
By the help of shared preferences here you can logout completely, and next time you can login with different account.
Frank version kotlin:
fun disconnectFromFacebook() {
if (AccessToken.getCurrentAccessToken() == null) {
return // already logged out
}
GraphRequest(
AccessToken.getCurrentAccessToken(),
"/me/permissions/",
null,
HttpMethod.DELETE,
GraphRequest.Callback {
LoginManager.getInstance().logOut()
}).executeAsync()
}
The title says it all. I'm using a custom button to fetch the user's facebook information (for "sign up" purposes). Yet, I don't want the app to remember the last registered user, neither the currently logged in person via the Facebook native app. I want the Facebook login activity to pop up each time. That is why I want to log out any previous users programmatically.
How can I do that? This is how I do the login:
private void signInWithFacebook() {
SessionTracker sessionTracker = new SessionTracker(getBaseContext(), new StatusCallback()
{
#Override
public void call(Session session, SessionState state, Exception exception) {
}
}, null, false);
String applicationId = Utility.getMetadataApplicationId(getBaseContext());
mCurrentSession = sessionTracker.getSession();
if (mCurrentSession == null || mCurrentSession.getState().isClosed()) {
sessionTracker.setSession(null);
Session session = new Session.Builder(getBaseContext()).setApplicationId(applicationId).build();
Session.setActiveSession(session);
mCurrentSession = session;
}
if (!mCurrentSession.isOpened()) {
Session.OpenRequest openRequest = null;
openRequest = new Session.OpenRequest(RegisterActivity.this);
if (openRequest != null) {
openRequest.setPermissions(null);
openRequest.setLoginBehavior(SessionLoginBehavior.SSO_WITH_FALLBACK);
mCurrentSession.openForRead(openRequest);
}
}else {
Request.executeMeRequestAsync(mCurrentSession, new Request.GraphUserCallback() {
#Override
public void onCompleted(GraphUser user, Response response) {
fillProfileWithFacebook( user );
}
});
}
}
Ideally, I would make a call at the beginning of this method to log out any previous users.
Update for latest SDK:
Now #zeuter's answer is correct for Facebook SDK v4.7+:
LoginManager.getInstance().logOut();
Original answer:
Please do not use SessionTracker. It is an internal (package private) class, and is not meant to be consumed as part of the public API. As such, its API may change at any time without any backwards compatibility guarantees. You should be able to get rid of all instances of SessionTracker in your code, and just use the active session instead.
To answer your question, if you don't want to keep any session data, simply call closeAndClearTokenInformation when your app closes.
This method will help you to logout from facebook programmatically in android
/**
* Logout From Facebook
*/
public static void callFacebookLogout(Context context) {
Session session = Session.getActiveSession();
if (session != null) {
if (!session.isClosed()) {
session.closeAndClearTokenInformation();
//clear your preferences if saved
}
} else {
session = new Session(context);
Session.setActiveSession(session);
session.closeAndClearTokenInformation();
//clear your preferences if saved
}
}
Since Facebook's Android SDK v4.0 (see changelog) you need to execute the following:
LoginManager.getInstance().logOut();
Here is snippet that allowed me to log out programmatically from facebook. Let me know if you see anything that I might need to improve.
private void logout(){
// clear any user information
mApp.clearUserPrefs();
// find the active session which can only be facebook in my app
Session session = Session.getActiveSession();
// run the closeAndClearTokenInformation which does the following
// DOCS : Closes the local in-memory Session object and clears any persistent
// cache related to the Session.
session.closeAndClearTokenInformation();
// return the user to the login screen
startActivity(new Intent(getApplicationContext(), LoginActivity.class));
// make sure the user can not access the page after he/she is logged out
// clear the activity stack
finish();
}
Since Facebook's Android SDK v4.0 you need to execute the following:
LoginManager.getInstance().logOut();
This is not sufficient. This will simply clear cached access token and profile so that AccessToken.getCurrentAccessToken() and Profile.getCurrentProfile() will now become null.
To completely logout you need to revoke permissions and then call LoginManager.getInstance().logOut();. To revoke permission execute following graph API -
GraphRequest delPermRequest = new GraphRequest(AccessToken.getCurrentAccessToken(), "/{user-id}/permissions/", null, HttpMethod.DELETE, new GraphRequest.Callback() {
#Override
public void onCompleted(GraphResponse graphResponse) {
if(graphResponse!=null){
FacebookRequestError error =graphResponse.getError();
if(error!=null){
Log.e(TAG, error.toString());
}else {
finish();
}
}
}
});
Log.d(TAG,"Executing revoke permissions with graph path" + delPermRequest.getGraphPath());
delPermRequest.executeAsync();
Session class has been removed on SDK 4.0. The login magement is done through the class LoginManager. So:
mLoginManager = LoginManager.getInstance();
mLoginManager.logOut();
As the reference Upgrading to SDK 4.0 says:
Session Removed - AccessToken, LoginManager and CallbackManager classes supercede and replace functionality in the Session class.
Yup, As #luizfelippe mentioned Session class has been removed since SDK 4.0. We need to use LoginManager.
I just looked into LoginButton class for logout. They are making this kind of check. They logs out only if accessToken is not null. So, I think its better to have this in our code too..
AccessToken accessToken = AccessToken.getCurrentAccessToken();
if(accessToken != null){
LoginManager.getInstance().logOut();
}
private Session.StatusCallback statusCallback = new SessionStatusCallback();
logout.setOnClickListener(new OnClickListener() {
#Override
public void onClick(View arg0) {
Session.openActiveSession(this, true, statusCallback);
}
});
private class SessionStatusCallback implements Session.StatusCallback {
#Override
public void call(Session session, SessionState state,
Exception exception) {
session.closeAndClearTokenInformation();
}
}
Facebook provides two ways to login and logout from an account. One is to use LoginButton and the other is to use LoginManager. LoginButton is just a button which on clicked, the logging in is accomplished. On the other side LoginManager does this on its own. In your case you have use LoginManager to logout automatically.
LoginManager.getInstance().logout() does this work for you.