Our app uses Facebook app API and as of this morning, our log out just stopped working. When you click logout on our app, it will log you out of Facebook, but our app still detects a Facebook session and allows the user to stay logged in.
We also noticed that the fbsr_* cookie isn't being deleted. Although I'm not sure if it's suppose to be.
Any help would be greatly appreciated! Thanks!
I am having the same issue. I went ahead in php and did $facebook->destroySession(); which helped however as of this morning it is still returning the same things. I am thinking its a bug on the facebook side.
I made a post here: https://developers.facebook.com/bugs/245362365535898
Related
My app successfully connects to Facebook using Facebook's Graph API, requests access to the pages I want to post to and redirects back to my app. That works like charm.
My problem is that if I created a new page on Facebook, I cannot add it to my app:
When I try to connect again, Facebook seems to know what I have requested earlier and I'm immediately redirected to my app without the request which pages I want to allow access to.
How to reconnect or what's the normal way to fix that problem?
I use Facebook's PHP Graph SDK 5.7.
#CBroe That didn't work either, but then I've cleared all permissions and chosen to reopen the site selector dialog, chosen all sites and closed, removed the information from my database and reconnected... Now the dialog appeared! Thank you for your help! Helped me a lot!
I tried to set up social login for my website but I accidently uploaded a logo to the OAuth consent screen, which has locked my app in a verification Status: Needs verification. I get the following message:
"Because you updated the application logo, your app registration requires verification by Google. Please prepare your app to submit for verification".
I am unable to delete this application and set up a new one (without a logo) or remove the logo from the existing one. It's totally locked me up? I also get a message that it will only allow 100 logins before it stops. How can I get rid of this thing, I've got a banging headache, and spent 8 hours going around in circles... Should I just remove the google login from my website? Is that my only option now?
Please help me!
For anyone facing this issue in 2021:
If you place a logo on Oauth consent screen by mistake, submit your app for verification. This will allow you to use the consent screen as before.
When you are contacted by a representative, inform them you want to use the app withouth the logo.
You can also follow this thread or add your +1 in issue tracker.
I have a website that is being used by various corporate employees. Just today I have a user saying that everytime they login (even with correct username and password), they get an error saying they have to login to view the page. Basically, they type the right username/password and get forwarded to the home page, but that controller has a login required decorator which rejects them and they get sent back to the login screen. The user tried in IE10 and Google Chrome web browsers.
I have not been able to replicate this issue anywhere and unfortunately, i'm in no position to really ask this user for more information for debugging purposes :(. Has anybody seen this before??
I tried googling this, and i'm seeing issues with Django for IE but nothing with Chrome. Is there anything else that could be happening?
I'm using nginx+uwsgi on the server if that makes any difference.
Without more information this is pretty much impossible to solve.
Because no one else is having the problem and you can't reproduce it, I'm inclined to believe it's user error.
Have them clear their cache/cookies (The fact that it's multi-browser is troubling though), see if that helps.
Best guess so far without more information: The user has cookies disabled. I think Django auth relies on cookies.
Our desktop application integrates with Facebook using the desktop app workflow and for approx. 18 months has been working without any problems. However, we are starting to get reports from some users that they cannot get past the login process.
When the login is successful Facebook should be attaching the access_token to the redirect_uri. Our application detects this and moves the user to the main part of our Facebook integration. What appears to be happening in some situations is that the access_token parameter is missing which causes our application to leave our embedded browser window open with the following message from Facebook:
"Success
SECURITY WARNING: Please treat the URL above as you would your password and do not share it with anyone."
What is strange is that this does not occur with all Facebook accounts and which Facebook accounts it occurs with seems to be changing. For example, we had a report of this approx. 1 week ago but could not duplicate it with my own Facebook account or with a colleague's Facebook account. Today, I still cannot duplicate it with my own Facebook account but my colleague now gets the problem.
The URL our code sends to Facebook is:
https://graph.facebook.com/oauth/authorize?client_id=xxxx&redirect_uri=http://www.facebook.com/connect/login_success.html&type=user_agent&display=popup&scope=read_friendlists,user_photos,friends_photos,user_photo_video_tags,friends_photo_video_tags,user_events,friends_events,user_groups,friends_groups
Reading the latest API documentation it looks like they recommend a different way to connect which we have also tried:
https://www.facebook.com/dialog/oauth?client_id=xxxx&redirect_uri=http://www.facebook.com/connect/login_success.html&scope=read_friendlists,user_photos,friends_photos,user_photo_video_tags,friends_photo_video_tags,user_events,friends_events,user_groups,friends_groups&response_type=token
To rule out our application as the cause we have tried these URLs directly within a web browser. What we find is that when using my Facebook account the browser re-directs to the success URL that includes the access_token parameter but when using my colleague's account the browser re-directs to the success URL that includes the access_token and then immediately re-directs again to the success URL without the access_token.
so... As far as we can tell this is either:
a) A change to the API which we cannot find documented anywhere
b) A bug in Facebook
c) Something that is now controlled by the user's Facebook security settings
Is there anybody who could explain why Facebook is acting differently with different accounts and how we can go about fixing this?
Thanks.
Kevin.
I have the same problem in my desktop applications.
And I just solve it with careful reading in ht*ps://developers.facebook.com/docs/howtos/login/login-for-desktop/. The solution is to change redirect_uri from ht*p://www.facebook.com/... into ht*ps://www.facebook.com/...
Hope this will help you just like it help me
NB:
change ht*p into http
sorry i have to change the http into ht*p so that i can post the answer.
Since Thursday our Facebook App has stopped posting updates to our page without any changes from our side.The error we got is
"OAuthException: (#200) User does not have sufficient administrative
permission for this action on this page"
but the permissions are all set properly (user = manager, app has access to wall etc) and our server gets the token back with the permission to post.
Has anyone experienced this issue lately and are there any solutions or suggestions to fix this?
I am not sure if this will help you, but solved it for me. Using the graph explorer I found with the APP_TOKEN it would not work, however changing this to the USER_TOKEN worked perfectly.