Comments (22)
These are what I discover when using version 17.0.0 SDK with iOS 17+
With AppTracking Transparency enable for your App -> receive a valid FB AccessToken
With AppTracking Transparency disable for your App -> receive an invalid FB AccessToken
from facebook-ios-sdk.
I resolved this issue. The FB SDK 17.0 uses a limited login forcefully in ios 17 when the ATT is not on. So we should impletemt limited logins. In the limited login, you cannot use the access token at the graph api in your web server. You can use the authentication token which is a JWT. You can verify it and extract user information from it. So you should handle the both tokens - normal access token on the ATT enabled and authentication token on the ATT not enabled. Or you can use the limited logins only and use authentication tokens.
from facebook-ios-sdk.
Hello - We recently made changes to Facebook Login SDK for iOS. As a result of these changes, we recommend that you use Limited Login. If you are unable to implement Limited Login, the Graph API, iOS would need to be used to support these permissions. See more details here.
Hello. then how to solve our problem?
We validate access token using our web server after facebook login. but now our app can't validate JWT iOS 17 device because we don't integrate limited login yet.
So you mean after all, in a system like us that verifies tokens through a web server, you can't do it the way it is, but you have to integrate limited logins or manually adjust the graph API?
Additionally, if you look at the official Facebook guide document, there is an article below, and even if you use that method, it returns an invalid access token. Why is that?
"A graph request will fail because there is no access token. To get an access token, either reuse the classic login method (defaults tracking to enabled), or call FBSDKLoginManager logInFromViewController:configuration:completion: with a configuration that specifies that tracking is enabled. Be aware that when you do this, users are tracked."
from facebook-ios-sdk.
I've encountered the same issue (I'm using Cocoapods). When using version 16.3.1, there are no errors, but upon upgrading to 17.0.0, I receive the "Invalid OAuth access token - Cannot parse access token" error when verifying the token in my server. In my testing, I've noticed that the tokenString value in version 17.0.0 is one character shorter than when testing with version 16.3.1. I'm not certain if this is related to the problem, but I thought it worth sharing.
from facebook-ios-sdk.
I have just found this announcement.
https://developers.facebook.com/blog/post/2024/03/28/changes-made-to-fb-login-sdk/
from facebook-ios-sdk.
Hello - We recently made changes to Facebook Login SDK for iOS. As a result of these changes, we recommend that you use Limited Login. If you are unable to implement Limited Login, the Graph API, iOS would need to be used to support these permissions. See more details here.
Hello. then how to solve our problem? We validate access token using our web server after facebook login. but now our app can't validate JWT iOS 17 device because we don't integrate limited login yet.
So you mean after all, in a system like us that verifies tokens through a web server, you can't do it the way it is, but you have to integrate limited logins or manually adjust the graph API?
Additionally, if you look at the official Facebook guide document, there is an article below, and even if you use that method, it returns an invalid access token. Why is that?
"A graph request will fail because there is no access token. To get an access token, either reuse the classic login method (defaults tracking to enabled), or call FBSDKLoginManager logInFromViewController:configuration:completion: with a configuration that specifies that tracking is enabled. Be aware that when you do this, users are tracked."
which means web server can't validate JWT IOS 17 device through Facebook api?
Is there some way for web server to validate JWT IOS 17 device through Facebook api? OR should web server just decode and verify JWT IOS 17 device (authentication token) by this doc?
from facebook-ios-sdk.
Hello - We recently made changes to Facebook Login SDK for iOS. As a result of these changes, we recommend that you use Limited Login. If you are unable to implement Limited Login, the Graph API, iOS would need to be used to support these permissions. See more details here.
Hello. then how to solve our problem? We validate access token using our web server after facebook login. but now our app can't validate JWT iOS 17 device because we don't integrate limited login yet.
So you mean after all, in a system like us that verifies tokens through a web server, you can't do it the way it is, but you have to integrate limited logins or manually adjust the graph API?
Additionally, if you look at the official Facebook guide document, there is an article below, and even if you use that method, it returns an invalid access token. Why is that?
"A graph request will fail because there is no access token. To get an access token, either reuse the classic login method (defaults tracking to enabled), or call FBSDKLoginManager logInFromViewController:configuration:completion: with a configuration that specifies that tracking is enabled. Be aware that when you do this, users are tracked."which means web server can't validate JWT IOS 17 device through Facebook api?
Is there some way for web server to validate JWT IOS 17 device through Facebook api? OR should web server just decode and verify JWT IOS 17 device (authentication token) by this doc?
How to verify the Authentication Token on the web server is shown in the official guide document. What I said above is that the official guide document says that you can get an access token by setting the loginFromViewController API to tracking enabled as above, but even if you do that, you will return the invalid token and ask why.
You can get a JWT-type token from our web server and verify it, but I thought it could be solved by modifying the API without adding additional logic.
from facebook-ios-sdk.
If ATT is not agreed upon, limited access will be imposed. Is there any way to retrieve the ID for business through JWT Token at this time?
from facebook-ios-sdk.
Debug-Token api will also fail with the same error for access tokens generated with iOS v17.0.0.
from facebook-ios-sdk.
I've encountered the same issue. when using v16.3.1, there are no errors, but after update v17.0.0 I receive the same error. "Invalid OAuth access token - Cannot parse access token"
from facebook-ios-sdk.
same here🥲
from facebook-ios-sdk.
Same. But it happened only at the M2 machines like a macbook pro. And I didn't use the limited login, but the browser opens for limited login. The url is like "limited.facebook.com". At the old facebook sdk, the opened url is like "m.facebook.com/".
And the returned token doesn't begin with "GG". Our app is a game, and the access tokens begin with "GG" usually.
from facebook-ios-sdk.
Same. But it happened only at the M2 machines like a macbook pro. And I didn't use the limited login, but the browser opens for limited login. The url is like "limited.facebook.com". At the old facebook sdk, the opened url is like "m.facebook.com/".
And the returned token doesn't begin with "GG". Our app is a game, and the access tokens begin with "GG" usually.
same. And there is no button that can be used to jump to the FB client.
from facebook-ios-sdk.
These are what I discover when using version 17.0.0 SDK with iOS 17+
With AppTracking Transparency enable for your App -> receive a valid FB AccessToken
With AppTracking Transparency disable for your App -> receive an invalid FB AccessToken
we have the exact same issue
from facebook-ios-sdk.
I have just found this announcement. https://developers.facebook.com/blog/post/2024/03/28/changes-made-to-fb-login-sdk/
We got the same problem, so it's by design (not a bug)?
If so, this
I resolved this issue. The FB SDK 17.0 uses a limited login forcefully in ios 17 when the ATT is not on. So we should impletemt limited logins. In the limited login, you cannot use the access token at the graph api in your web server. You can use the authentication token which is a JWT. You can verify it and extract user information from it. So you should handle the both tokens - normal access token on the ATT enabled and authentication token on the ATT not enabled. Or you can use the limited logins only and use authentication tokens.
isn't a workaround but a proper solution for new SDK?
from facebook-ios-sdk.
Hello - We recently made changes to Facebook Login SDK for iOS. As a result of these changes, we recommend that you use Limited Login. If you are unable to implement Limited Login, the Graph API, iOS would need to be used to support these permissions. See more details here.
from facebook-ios-sdk.
Yep I got your point.
Just wondered whether I can use graph api to verify JWT, which is impossible.
So just to triple check, when web server validates JWT, gotta follow what the doc says, right?
from facebook-ios-sdk.
Facebook JWT tokens are not cached when the app is closed. Is there a way to get the token without displaying the limited login screen on Facebook?
FBSDKLoginKit.AccessToken.current?.tokenString -> nil?
from facebook-ios-sdk.
Let's say I already have a nonce, how do I exchange it for a JWT token instead of the (broken) access_token
?
from facebook-ios-sdk.
When it's a limited login you can't use access token because graph api will not work with it. Instead, you can use FBSDK AuthenticationToken.currentAuthenticationToken and verify it with JWK verifiers.
from facebook-ios-sdk.
Related Issues (20)
- I installed iOS SDK version 16.0.3 using the Swift Package Manager process, but when I checked on the Facebook developer account, it showed version 0.3.1. HOT 1
- Wrong version in SPM Xcode 15.3, latest release 17.0.0 but SPM package declares 14.1.0 HOT 9
- I want to updating Facebook SDK to 17.0.0 bug it is fail ,please update to 17.0.0 HOT 5
- Missing header for objective c FBSDKApplicationDelegate.h missing
- Can't use FBSDKLogin using Swift Package Manager HOT 4
- [iOS] `AppLinkUtility.fetchDeferredAppLink` returns nil url in completion
- Don't show 'isAdvertiserTrackingEnabled' deprecation warning below iOS 17 HOT 9
- iOS Facebook SDK lost session regularly HOT 1
- Facebook SDK(dynamic) Validation Failed in Unity
- Facebook Login doesn't open the App when Installed HOT 5
- App switches to limited login. HOT 10
- Facebook SDK automatic app events logging with StoreKit2 HOT 2
- Static Framework as a swift package
- Access Token Expiration error HOT 1
- Build error with FBAudienceNetwork.xcframework: Signature cannot be verified HOT 2
- ld: symbol(s) not found for architecture arm64 (Flutter) HOT 5
- iOS SDK API does not work even after performing all requested actions
- Privacy manifests only included in release 17.0.0 with breaking changes HOT 13
- Xcode15.3: After updating SDKv17.0.0 through SPM, an error occurred while running the project: dyld [5199]: Library not loaded: @ rpath/FBSDKCoreKit. framework/FBSDKCoreKit, unable to start the application HOT 15
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from facebook-ios-sdk.