Announcement Announcement Module
Collapse
No announcement yet.
Log in. Access Canvas based app. Log out in other tab. View Friends. Error Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Log in. Access Canvas based app. Log out in other tab. View Friends. Error

    I haven't really explored this much with the spring social canvas app since I believe its behavior is much different than spring social showcase since the former relies on cookies.

    In my current app, I have a canvas based app and things are working fine. However if you sign out of facebook - say from another tab and then go back and try to view friends you'll get an error in your iframe:

    Code:
    org.springframework.social.RevokedAuthorizationException: The authorization has been revoked.
    	org.springframework.social.facebook.api.impl.FacebookErrorHandler.handleInvalidAccessToken(FacebookErrorHandler.java:138)
    	org.springframework.social.facebook.api.impl.FacebookErrorHandler.handleFacebookError(FacebookErrorHandler.java:109)
    	org.springframework.social.facebook.api.impl.FacebookErrorHandler.handleError(FacebookErrorHandler.java:58)
    Interestingly, this does NOT happen in the Showcase application when you log into the showcase app with your facebook account and then you log out of that facebook account in another tab. You'll still have access in showcase to all your facebook stuff even though you are logged out of facebook.

    I'm curious how this behavior could be so different since in the canvas app I'm working with. I'm still in just the iframe and I didn't mess at all with the facebook api calls to return things like friends. Any ideas what could explain the difference?

  • #2
    I believe that the reason it works in the showcase sample is because the showcase sample asks for "offline_access" permission. I'm guessing your app does not.

    It shouldn't happen in the canvas app because that exception is being handled, taking the user to the signin page (which does the JS redirect to Facebook's auth page and the process starts over).

    Comment


    • #3
      Originally posted by habuma View Post
      I believe that the reason it works in the showcase sample is because the showcase sample asks for "offline_access" permission. I'm guessing your app does not.
      Doh! of course. I should have realized that, thanks

      It shouldn't happen in the canvas app because that exception is being handled, taking the user to the signin page (which does the JS redirect to Facebook's auth page and the process starts over).
      In the canvas app is it really the exception being handled? Where does that take place? I'd assume the exception would get thrown here when the call to getFriends is made?

      Code:
      @RequestMapping(value = "/" /*, method = RequestMethod.GET*/) // FB wants the canvas page to take POST requests (?)
      	public String home(Model model) {
      		List<Reference> friends = facebook.friendOperations().getFriends();
      		model.addAttribute("friends", friends);
      		return "home";
      	}
      Last edited by rickcr; Aug 31st, 2011, 07:13 AM.

      Comment

      Working...
      X