Limit permissions when accessing Facebook using Accounts framework

Question

I need some help on this one ....

So the problem I am facing is that while fetching the Facebook account from ACAccount, the alert view informs too many permissions. I am getting an alert box when I use the ACAccount login for facebook.

It says APP_NAME would like to access your basic profile info and list of friends

This shows up even when my permissions set is an empty array.

NSArray * FB_PERMISSIONS = @[];
// or FB_PERMISSIONS = @[@"public_profile", @"likes", @"email"];
// It does not matter what the array is -> The alert has extra sentences.

ACAccountType *FBaccountType= [_accountStore accountTypeWithAccountTypeIdentifier:ACAccountTypeIdentifierFacebook];
NSString *key = [[NSBundle mainBundle] objectForInfoDictionaryKey:@"FacebookAppID"];;
NSDictionary *dictFB = [NSDictionary dictionaryWithObjectsAndKeys:key,ACFacebookAppIdKey,FB_PERMISSIONS,ACFacebookPermissionsKey, nil];
[_accountStore requestAccessToAccountsWithType:FBaccountType options:dictFB completion:

What am I trying to do here?

I am just needing the "public_profile", @"email" and "likes". The alert says APP_NAME would like to access your profile, and likes on your behalf. In addition, APP_NAME would like to access your basic profile info and list of friends

Why is that second sentence there? How do I get rid of it? I can see a number of apps where the second line that talks about basic profile and list of friends does not show up.

Expected result:

APP_NAME would like to access your profile and likes.

Update:

Check my answer for solution.

Answer 1

There is nothing in the FB SDK docs that explain any of this. They made this way so that users can use the Facebook pop UI and pick the permissions they want to authorize. I guess Facebook design's philosophy is to give as much control and transparency to the user. But with the OS pop-up it hides a lot of permissions underneath. I guess it's Apple's design philosophy to show minimal information. This works best for developers scenario, as users usually freak out when they see so many permissions being asked by the app.

Anyway, if you take a look at FBSDKLoginManager+Internal.h you can checkout the capabilities for System login. Further digging, I've discovered that FBSDKLoginButton is pointless. The best way to go about this is using your own instance of FBSDKLoginManager, and set the system account type to be native, and if you get the error code 306, fall back to default login mechanism.

Somehow ->> This way does not show additional permissions. I have no idea how. All I know is that everything falls into place now.

Further more, you will have to setup a separate listener for ACAccountStoreDidChangeNotification so that you can tie up some edge cases. But yes, \m/