Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Re-asking for Declined Facebook Permissions (auth_type=rerequest) does not work

Tags:

php

facebook

we are developing a Facebook application with PHP SDK 3.2.3 and Javascript SDK. I need to re-ask users permission to publish on their wall if they denied access to publish on Facebook at login.

As documentation says:

[...] Your app must re-ask for declined permissions with special handling. [...]

[...] Web apps must explicitly pass a new option to the Login Dialog: auth_type: rerequest. Details on how the new option works on the web is covered in our documentation on using the JavaScript SDK on the Web.

but we tried with this request:

https://www.facebook.com/dialog/oauth?auth_type=rerequest&client_id=1...7&redirect_uri=MY_PAGE&state=a1f4412db0617ef1a620ac1d1ebc2af8&sdk=php-sdk-3.2.3&campaign_page_with_active_panel=MY_PAGE

but users are redirected directly on MY_PAGE url and permissions are not re-requested.

This (wrong) behavior may be due to the fact that application is a test application?

like image 663
sensorario Avatar asked Sep 24 '14 14:09

sensorario


People also ask

How do I enable permissions on Facebook?

Adjust PermissionsClick “Edit Settings” next to Apps You Use on the Apps, Games and Websites page settings page. Click the app for which you want to adjust the settings. All of the permissions granted to the app will be displayed. Click “Remove” to delete any of the permissions.

How do I see app permissions on Facebook?

Tap in the top right of Facebook. Scroll down and tap Settings. Go to the Permissions section and tap Apps and Websites. Go to Apps, Websites and Games and tap Edit.


1 Answers

On the js sdk I directly call the login method like this:

FB.login( function( response ) {
      if (response.status == 'connected') {

      }
},{
      scope: 'email,public_profile',
      return_scopes: true,
      auth_type: 'rerequest'
 });

On the server side I use the accesstoken to request for user details on Facebook. If the email is not provided I return an error telling the user that he needs to log in again and provide email. When they click the login button again because of the auth_type: 'rerequest' part they will be requested again for permissions.

like image 56
chifliiiii Avatar answered Oct 13 '22 04:10

chifliiiii