FB auth.logout fires after logging in using the "server-side flow" (OAuth 2.0)

NOTE: Our web application worked fine until we updated the OAuth 2.0 flow last weekend.

When a user "connects with Facebook" in our web application, we register them with Facebook using the "server-side flow" described in Facebook Authentication. However, Facebook fires the auth.logout event when the user reaches their home page in our application, which contains the following JavaScript code:

```javascript
window.fbAsyncInit = function() {
  FB.init({
    appId: 'XXX',
    status: true,      // check the login status as soon as the SDK loads
    cookie: true,      // set the session cookie so the server can read it
    xfbml: true,
    channelUrl: 'http://XXX/fbchannel.html',
    oauth: true
  });
  // End our own application session whenever the SDK reports a Facebook logout
  FB.Event.subscribe('auth.logout', function(response) {
    logout();
  });
};

(function() {
  var e = document.createElement('script');
  e.type = 'text/javascript';
  e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js';
  e.async = true;
  document.getElementById('fb-root').appendChild(e);
}());

function logout() {
  new Ajax.Request('http://XXX/logout');  // Prototype.js request to our logout endpoint
}
```

It seems that although the user is logged in to Facebook, they have not entered our application (if you have facebook.com open in a second browser tab and reload it after entering our application, you will see that you really are logged into facebook.com).

Is there another step in OAuth 2.0 that needs to be taken to register a user in our application when using the "server-side flow" that was not necessary in the previous version of OAuth? Should the user explicitly connect via Facebook after connecting?

Any help would be greatly appreciated.

Thanks in advance, Jason

PS. Logging into our application through the client-side flow (after having connected earlier) works fine. It is only when connecting and entering the system through the server-side flow that we run into the automatic logout problem.


For AJAX pages, you need to get the uid, access_token and/or code from the browser session.

This is the standard for iframes and AJAX to prevent clickjacking and other security risks. SEE: http://tools.ietf.org/html/rfc6749#section-10.13


QUICK AND LONG EXAMPLE:

```php
<?php
// Be sure to replace YourAppId with your app id.
// The key names below follow the session keys the Facebook PHP SDK writes
// (fb_<app_id>_user_id, fb_<app_id>_access_token, fb_<app_id>_code).
session_start();

if (isset($_SESSION['fb_YourAppId_user_id'])) {
    $user = $_SESSION['fb_YourAppId_user_id'];
} else {
    // no user, send to login flow.
}

if (isset($_SESSION['fb_YourAppId_access_token'])) {
    $access_token = $_SESSION['fb_YourAppId_access_token'];
} else {
    // no access token, send to login flow.
}
?>
```
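As an added example (not code from the question or the answer above): one way to stop a server-established application session from being torn down by the spurious auth.logout described in the question is to separate the decision from the SDK wiring. The decision function below assumes the server renders an `appSession` record into the page recording which flow created the session; `csrfToken` and `postLogout` are hypothetical names for a CSRF token and a helper that POSTs the logout.

```javascript
// Decide what the app should do with a Facebook JS SDK auth event.
// appSession is assumed to be rendered into the page by the server:
//   { loggedIn: bool, fbUserId: string|null, via: 'server' | 'client' }
// Returns 'keep' (leave the app session alone) or 'logout' (end it).
function decideOnAuthEvent(eventName, response, appSession) {
  if (!appSession || !appSession.loggedIn) {
    return 'keep';                       // nothing to log out of
  }
  if (eventName === 'auth.logout') {
    // After a server-side code exchange the SDK holds no client-side session
    // for this app, so with status:true it reports a logout that never
    // happened. Only a session created by a client-side login may end here.
    return appSession.via === 'client' ? 'logout' : 'keep';
  }
  if (eventName === 'auth.statusChange' && response) {
    if (response.status === 'connected') {
      var uid = response.authResponse && response.authResponse.userID;
      // The browser is now connected as a different Facebook user than the
      // one our session belongs to: stop serving the old identity.
      if (uid && appSession.fbUserId && uid !== appSession.fbUserId) {
        return 'logout';
      }
      return 'keep';
    }
    // 'not_authorized' / 'unknown': same reasoning as for auth.logout.
    return appSession.via === 'client' ? 'logout' : 'keep';
  }
  return 'keep';
}

// Wire the decision into the SDK. postLogout(url, csrfToken) is a
// hypothetical helper that sends a POST carrying the CSRF token, so that a
// third-party page cannot log the user out just by loading the logout URL.
function subscribeAuthEvents(FB, appSession, csrfToken, postLogout) {
  ['auth.logout', 'auth.statusChange'].forEach(function (eventName) {
    FB.Event.subscribe(eventName, function (response) {
      if (decideOnAuthEvent(eventName, response, appSession) === 'logout') {
        postLogout('/logout', csrfToken);
      }
    });
  });
}
```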

Source: https://habr.com/ru/post/898529/
