Logout isn't working properly

[BonyYousuf]

In all the other Facebook SDK Logout function logs the user out of the app and also from Facebook, so that a different user can login. But this SDK does not behave like that. If you logout using it's API it only logs you out of the application and when you try to login again it logs the same user without even showing any login screen. This makes it impossible for any other user to use the app except the first user.

Please fix this.

This is the code I am using for logout

        FBSession sess = FBSession.ActiveSession;
        if (sess != null)
        {
            System.Diagnostics.Debug.WriteLine("---------------------Logging Out");
            await sess.LogoutAsync();
        }

[danielvieira43]

That's a big issue. There are some people sharing code to clear up all cookies from facebook domain, and that's not working for winsdkfb. It worked for facebook sdk old version, but this new one doesn't clear up cached data from last facebook logged user.

This code doesn't work with winsdkfb:

HttpBaseProtocolFilter myFilter = new HttpBaseProtocolFilter();
HttpCookieManager cookieManager = myFilter.CookieManager;
HttpCookieCollection myCookieJar = cookieManager.GetCookies(new Uri("https://facebook.com"));
foreach (HttpCookie cookie in myCookieJar)
{
cookieManager.DeleteCookie(cookie);
}

And there is more related... The facebook authorization view is different in windows 10 phone (lumia 1520 I'm using) and windows 10 PC. Windows 10 shows a button allowing users to change facebook user before authorization. On Mobile devices there is no such option.

Anyone know some workaround to solve those problems?

Thanks a lot!

Daniel

[BonyYousuf]

When logout is called all you need to do is clear the internal cookies of the webview that you are using.

However according to this post this is not possible http://blogs.msdn.com/b/wsdevsol/archive/2012/10/18/nine-things-you-need-to-know-about-webview.aspx#AN7

So that leaves only two ways.

1. Find a url that logs out the user by visiting it. And as far as I know, Facebook no longer has such url(it used to).
2. This is very embarrassing but the only other way left is to open the facebook page in the internal WebView and ask the user to logout manually.

Or maybe being Microsoft you guys can just ask Facebook to give you guys a way to logout from Facebook.

In any case, this is a must feature and without it only one person will be able to use the app.

[BonyYousuf]

Hey, just found out that method 1 still works. Facebook still lets you logout by visiting a url. The url would need to look like this

https://www.facebook.com/logout.php?next={https://www.facebook.com or any other url}&access_token={your_access_token}

So all you need to do is run the above url in your internal WebView. If possible that WebView should be run without showing up. If that is not possible, you can show the WebView and once the browser redirects to the given "next" url, simply close the WebView.

[TedHoward]

Does this matter for your customers? Or just you as a developer?

Regardless of whether this matters to end-users, it's useful for developers to be able to re-authenticate. I typically do this by deleting /LocalState/FBSDKData and restarting. Or uninstall/reinstall which is a true user scenario.

fwiw,
I hate the workflow even though it's the right thing for Facebook and the right thing for consumers. As a developer, I loved that in 2009 I could create random FB accounts. Now I have to provide a unique phone # and so I have to resort to using FB developer test accounts. That's just the price of success.

[BonyYousuf]

It matters to my players since in a house a lot of people uses a single PC and plays the same game.
And this is a useful features and should be pretty straight forward if they could just point the internal WebView to logout url I posted previously

[BonyYousuf]

Guys, Any update on this?

[TedHoward]

When I replied I didn't realize this was a new issue. I thought it was the one I opened which is Closed as essentially 'Won't Implement': #31

I don't expect the MSFT team to implement this feature, but this is all open source so you can always fork it and change FacebookSession::Logout() to also invoke the WebView and call the logout url.

[BonyYousuf]

I am not a c++ programmer thats where all the problem is :(
But this seems like a very needed feature. I just don't understand why they would not add it.

[khouzam]

I've taken a look at the issue in more details, and while the guidance from Facebook does says that logout should only clear the token, the fact that we're using a Webview with its own cache does make things a lot more complicated. Looking at the iOS SDK, when you logout of an app and then try to login again, you get the identity provided by the Facebook App, from which you can logout and change the user, alternatively, if you don't have the Facebook app installed, then you will get redirected to the browser and use the identity that the browser has for Facebook. In both those cases, you can easily logout and change the user. Because our webview doesn't share the cache of the browser, this does make it very hard for someone to really log out of an app using the SDK.

We'll take a look at how to better handle the case of the webview to have the scenario work as expected.

Thank you for your feedback on the issue and for pushing for a proper resolution.

~Gilles

[danielvieira43]

Great!! @khouzam and @BonyYousuf, hope to see the resolution soon.

Thanks a lot!

[dwarwick]

Hello all. My name is David. I am writing a C# Windows 10 Universal App and I am using this SDK. My app does not use a web view control, so for me, calling a logout URL does no good. How can I log out a user from my app? Are there any options?

Is it possible for me to log out of Facebook so that another user can log in without using this SDK? Thanks.

[ThaineNorris]

This issue is of critical importance to my app as well. I have a photo booth app. Every single user of the photo booth, of which there may be hundreds at an event, wants to share on his own Facebook page. Therefore the app absolutely must be able to log out after each user. This was not a problem with the old SDK that is presently used in the Windows 8.1 version of the app in the store now. But this problem IS PREVENTING us from releasing a UWP version of the app!

[alakshmi1030]

As of #119 this Logout issue should be fully resolved.