Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Browse files

Remove auth.expireSession call from SDK

Summary: The expireSession call was put in as a precaution to make sure that
apps sessions were really no longer good. However, this is unnecessary and it
causes issues with apps that were expecting the session to remain usable even
after the user logged out. So let's remove this call and leave it up to the app
developer to expire the session if they want.

Test Plan: Logged in and out of the demo app.

Reviewed By: trvish
  • Loading branch information...
commit c83bcaa0512bcdc662a4997fd97e047875e44891 1 parent c460265
@lshepard lshepard authored
Showing with 2 additions and 10 deletions.
  1. +2 −10 src/Facebook.m
12 src/Facebook.m
@@ -353,11 +353,10 @@ - (BOOL)handleOpenURL:(NSURL *)url {
* Invalidate the current user session by removing the access token in
- * memory, clearing the browser cookie, and calling auth.expireSession
- * through the API.
+ * memory and clearing the browser cookie.
* Note that this method dosen't unauthorize the application --
- * it just invalidates the access token. To unauthorize the application,
+ * it just removes the access token. To unauthorize the application,
* the user must remove the app in the app settings page under the privacy
* settings screen on
@@ -368,13 +367,6 @@ - (BOOL)handleOpenURL:(NSURL *)url {
- (void)logout:(id<FBSessionDelegate>)delegate {
self.sessionDelegate = delegate;
- NSMutableDictionary * params = [[NSMutableDictionary alloc] init];
- [self requestWithMethodName:@"auth.expireSession"
- andParams:params andHttpMethod:@"GET"
- andDelegate:nil];
- [params release];
[_accessToken release];
_accessToken = nil;
[_expirationDate release];

0 comments on commit c83bcaa

Please sign in to comment.
Something went wrong with that request. Please try again.