Permalink
Browse files

Remove auth.expireSession call from SDK

Summary: The expireSession call was put in as a precaution to make sure that
apps sessions were really no longer good. However, this is unnecessary and it
causes issues with apps that were expecting the session to remain usable even
after the user logged out. So let's remove this call and leave it up to the app
developer to expire the session if they want.

Test Plan: Logged in and out of the demo app.

Reviewed By: trvish
  • Loading branch information...
1 parent c460265 commit c83bcaa0512bcdc662a4997fd97e047875e44891 @lshepard lshepard committed Aug 29, 2011
Showing with 2 additions and 10 deletions.
  1. +2 −10 src/Facebook.m
View
12 src/Facebook.m
@@ -353,11 +353,10 @@ - (BOOL)handleOpenURL:(NSURL *)url {
/**
* Invalidate the current user session by removing the access token in
- * memory, clearing the browser cookie, and calling auth.expireSession
- * through the API.
+ * memory and clearing the browser cookie.
*
* Note that this method dosen't unauthorize the application --
- * it just invalidates the access token. To unauthorize the application,
+ * it just removes the access token. To unauthorize the application,
* the user must remove the app in the app settings page under the privacy
* settings screen on facebook.com.
*
@@ -368,13 +367,6 @@ - (BOOL)handleOpenURL:(NSURL *)url {
- (void)logout:(id<FBSessionDelegate>)delegate {
self.sessionDelegate = delegate;
-
- NSMutableDictionary * params = [[NSMutableDictionary alloc] init];
- [self requestWithMethodName:@"auth.expireSession"
- andParams:params andHttpMethod:@"GET"
- andDelegate:nil];
-
- [params release];
[_accessToken release];
_accessToken = nil;
[_expirationDate release];

0 comments on commit c83bcaa

Please sign in to comment.