问题
I'm writing a Windows Phone 7 app and have gotten Facebook login working using the C# sdk, but logging out has proven interesting. I've read this post:
Cannot Logout of Facebook with Facebook C# SDK
which seems to mirror the FB docs which indicate I should navigate to
https://www.facebook.com/logout.php?next=[redirect_uri]&access_token=[token]
However, that doesn't work and silently redirects me back to the facebook home page.
My best guess at the moment is facebook doesn't like the "next" URI I'm providing. I updated my FB app settings but either they haven't propagated yet, or something else is still not working.
I've seen posts recommending using InternetSetOption, but that API is not available on the phone.
In my application flow, logout leads to navigating to a different silverlight page in my app, so I really don't need the browser redirect for my purpose anyway, so I could just "forget" the access token without actually telling FB to invalidate it, but that seems weak and insecure.
So, while I wait longer to see if the app domain changes propagate across FB's servers and solve the problem I have a different question:
Why should the Facebook APIs care whether I provide "next" or not? Shouldn't I just be able to tell them to invalidate a token and have it happen?
Is there a logic piece I'm missing here?
Thanks!
回答1:
Update: I wrote an open-source Facebook login/logout control for WP7 that allows this (check the example project). It works by essentially using the web browser control to navigate to the logout page and then submit the logout form by injecting javascript into the web browser control. The idea came from this blog post.
The closest thing would be to revoke the extended permissions by issuing an HTTP DELETE to /me/permissions as documented here. Simply forgetting the auth token isn't a bad option either as the access tokens are generally only good for an hour or two unless you asked for offline_access. And if a user is overly concerned, they can remove your application on their settings page on facebook.com.
来源:https://stackoverflow.com/questions/8690991/facebook-logout-api-why-next