Skip to content


Subversion checkout URL

You can clone with
Download ZIP


Can't log out #35

ashfurrow opened this Issue · 7 comments

5 participants


After invoking invalidateCachedToken, calling getAccessTokenForPermissions:cached: with canCache set to NO, the UI to login is not presented; the user is logged in with their previous account.


I am also experiencing this issue however I am calling getAccessTokenForPermissions:cached: with canCache set to YES


I have the same problem. It must be sending the request for the user and app to facebook with the contents of the browser cache (user id info) and will re-authenticate again without showing the facebook login screen. So far I have no way to remove the user from the app and allow re-authentication with a new user id.


Yup, same problem here. I'm even calling invalidateCachedToken before calling getAccessTokenForPermissions:cached: which does delete it from the user defaults file, but still doesn't log out the user.


It seems that the issue is caused by cookies being left over from the previous session.

I'm currently using the following code after the call to invalidateCachedToken:

NSURL *facebookUrl = [NSURL URLWithString:@""];
NSURL *facebookSecureUrl = [NSURL URLWithString:@""];

NSHTTPCookieStorage *cookieStorage = [NSHTTPCookieStorage sharedHTTPCookieStorage];
NSArray *cookies = [[cookieStorage cookiesForURL:facebookUrl] arrayByAddingObjectsFromArray:[cookieStorage cookiesForURL:facebookSecureUrl]];

for (NSHTTPCookie *cookie in cookies)
    [cookieStorage deleteCookie:cookie];

After a quick dig around the official Facebook iOS SDK, the invalidateSession method actually uses a very similar approach:

NSHTTPCookieStorage* cookies = [NSHTTPCookieStorage sharedHTTPCookieStorage];
NSArray* facebookCookies = [cookies cookiesForURL:[NSURL URLWithString:@""]];

for (NSHTTPCookie* cookie in facebookCookies) {
    [cookies deleteCookie:cookie];


I'll try the URL tomorrow and report back.


That works for me @stevewilford . Maybe that code should go into invalidateCachedToken?


Awesome, thanks!


Fixed in commit e39cedf. Thanks guys!

@philippec philippec closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.