I am building an application which needs user credentials for multiple users. If SSO is enabled, then I cannot logout the user (provided Facebook app is installed on the device) after using our application. The session persists, and the only method for logging out the user is via the facebook app, before the next user can login to our application.
So, I need the SSO disabled, so that it is independent of the facebook app on the device.
I have seen the problem being queried here: Disabling and Enabling Single Sign On in Facebook as Required
I know that in SDK 2.0, it could have been done using FORCE_DIALOG_AUTH, but in SDK 3.*, how do I go about it?
http://developers.facebook.com/docs/tutorials/androidsdk/3.0/upgrading-from-2.0-to-3.0/
P.S.: Any other method of making the login and logout independent of the facebook app will also work
See setLoginBehavior in the OpenRequest that you pass to Session.openFor[Read|Publish] - https://developers.facebook.com/docs/reference/android/3.0/Session.OpenRequest#setLoginBehavior%28SessionLoginBehavior%29
You can set it to SUPPRESS_SSO which will use the web dialog instead of SSO - https://developers.facebook.com/docs/reference/android/3.0/SessionLoginBehavior#SUPPRESS_SSO
Related
I have an app that uses Facebook SDK for fetching data such as user's friends, picture and so on.
After using the SSO feature, if the facebook app is installed on the device, it remains logged in, and gives notifications and so on.
I want to disable that - I just need to authenticate with my app and do simple facebook queries, I don't want the facebook app to open and stay in the background.
Any way to do that?
With the new Facebook SDK 3.0 there's a Session#close() method.
I am working on an application where I need to integrate the social functionality of Facebook.
What I want is to know if the user is already connected to Facebook through a Facebook application or some other application that uses Facebook, and use this authentication. That means that if the user is already connect to Facebook through his device I recognize that and use it in my application - not ask the user for a new login.
Is it possible?
I found a lot stuff in the web, but nothing is related to that. I already downloaded the facebook SDK and added it to my project. I saw that there is a method (facebook.getAccessToken()) to get the access token, but I think I can use it only if the user do his first login in my application.
Any help would be great.
Thanks.
That means that if the user is already connect to Facebook through his device I recognize that and use it in my application - not ask the user for a new login.
Yes it is possible..This is called as Single-Sign-On in facebook , by default Single-Sign-On is enabled. One and only thing you have to do is that you need to generate Hash Key and Register with your Application created in Facebook.
Also it is possible to disable Single-Single-On by passing an extra parameter as below :
authenticatedFacebook.authorize(context PERMISSIONS,-1,new LoginListener());
-1 - refers disabling SSO
Single-Sign-On is clearly explained in Facebook Documentation..
I have created an android app for Facebook integration with single user Login. Now i want Multiple user Login in the same application. How can i do this. Please give some suggestions with any android code or usable link. Thanks in advance :)
The facebook android SDK is trying to use the SSO if the device has the facebook application (katana) installed.
If the SSO is used then you have no way of doing so, the authorize method will always use the logged in user in the katana and so you'll have to ask the user to manually logout in the main facebook application.
What you can do is call authorize without the sso as expalined here: How to disable Facebook single sign on for android - Facebook-android-sdk.
Is it possible to login into facebook using my own login form in Android & get the facebook user id? I just want to validate the users without need them access their facebook.
In the Android facebook tutorial, the app have to open facebook first so that user can login but there is no automatic close after user login successfully.
Thanks in advance
No, you don't have a way to log the user in through facebook without using their official endpoints.
You can open some sort of browser with the authentication dialog (or the open graph one) but that still mean using their forms/ui (what ever you want to call it).
You should just use the android sdk without using the SSO, that way the sdk won't call the facebook application that is installed on the device (if at all) and will just call the auth dialog for you.
This is a better solution for you since it "abstracts" some things from you, takes care of the access token and more.
Here's a thread about disabling the SSO: How to disable Facebook single sign on for android - Facebook-android-sdk
I'm using Facebook's Android API and everything works as expected with one exception. When I leave the Facebook app installed on the device (this is the stand-alone app, that has nothing to do with either the API or my app), and I call logout() on my Facebook object, it correctly voids the Facebook object but the next time I fire up the object it goes and retrieves the login data from the Facebook app and the login persists.
If I don't have the Facebook app installed on the device, everything works perfectly.
I'm curious if there's some mechanism I'm overlooking for forcing the Facebook app to not hold onto the login, or am I stuck having to tell my client (this is a custom app for a client, never going to market) that when they run this they will have to make sure to uninstall the Facebook app from the devices that they're running this on?
When you say the Facebook Android API, do you mean the Facebook Android SDK?
If so, when you call authorize, you have the option of specifying whether that is a single sign on (SSO) or a OAuth 2.0 dialog authorization. The default is SSO. If you authorize with SSO, and the Facebook app is present and logged in, then the authorize succeeds without going anywhere near the Facebook server.
If you do not use SSO, and use OAuth 2.0 dialog authorization, the user initially sees a login dialog plus an app authorization dialog, and after a successful login/authorization, the SDK keeps hold of an access token for subsequent authorizes.
Unfortunately, the SDK logout does not take account of SSO. It does a OAuth 2.0 expiresession and clears the access token, but it does not tell the Facebook app that the user has logged out. So that means when you do the next authorize (assuming it is an SSO) the Facebook app is still logged in, then the authorize succeeds without going anywhere near the Facebook server.
One way forward would be to not use SSO and require a OAuth 2.0 dialog authorization (using authorize(FORCE_DIALOG_AUTH)). That would require the user to login even if the Facebook app is present and logged in, but it would prevent the login persisting.