User is asked for login credentials during reauthorization

Question

I am trying to implement the new Facebook SDK 3.0 into my Android app and I have run into a problem. The problem I am having is that the user is asked to log in again to give publish ("post_to_wall") permissions, even though the user is already logged in, with read permissions. This only happens if the user doesn't have the FB application installed. If he has the FB application installed, then he is only asked to grant the permissions.

This is how I implemented the login:

public void login(Activity activity) {
    Session session = Session.getActiveSession();

    if (session == null || !session.isOpened()) {
        openActiveSession(activity, true, sessionStatusCallback);
    }
}

private Session openActiveSession(final Activity activity, final boolean allowLoginUI, final StatusCallback callback) {
    return openActiveSession(activity, allowLoginUI, new OpenRequest(activity).setCallback(callback));
}

private Session openActiveSession(final Context context, final boolean allowLoginUI, final OpenRequest openRequest) {
    Session session = new Builder(context).setApplicationId(FACEBOOK_APPLICATION_ID).build();
    if (SessionState.CREATED_TOKEN_LOADED.equals(session.getState()) || allowLoginUI) {
        Session.setActiveSession(session);
        session.openForRead(openRequest);
        return session;
    }
    return null;
}

This is the callback's call method:

public void call(final Session session, final SessionState state, final Exception exception) {
    if (session.isOpened()) {
        if (state.equals(SessionState.OPENED_TOKEN_UPDATED)) {
            // code if new permissions have been granted
        } else {
            // code for login
        }
    } else if (session.isClosed()) {
            // code for user canceled login
        } else if (exception != null) {
            // code if there were errors during login 
        }
    }
}

This is the code I added to onActivityResult method of the activity that calls the login:

Session.getActiveSession().onActivityResult(activity, requestCode, resultCode, data);

And this is how I ask for new permissions:

Session session = Session.getActiveSession();
if (session != null && session.isOpened()) {    
    if (DONT_HAVE_PERMISSIONS) {
        Session.NewPermissionsRequest newPermissionsRequest = new Session.NewPermissionsRequest(activity,
                            FACEBOOK_PERMISSIONS).setRequestCode(FACEBOOK_AUTHORIZE_ACTIVITY_CODE);
        session.requestNewPublishPermissions(newPermissionsRequest);
    }
}

I've tried to find out more about this problem, and I only found out some hints that this is intended, but I haven't found anything concrete.

Is this the default behavior? If so, is there a way around it? Or, perhaps I did something wrong?

Thanks for the help.

Answer 1

Update your SDK version; this issue is resolved in Facebook Android SDK v3.0.1.